As we continue our time in isolation, online scammers and cybercriminals are more prevalent and sophisticated than ever. But, are you aware of the scams and tricks they use to fool us into handing over important personal information, or even parting with our money?

As part of our ‘staying safe online’ campaign we’ve developed a series of practical guides, with tips on spotting the scammers and avoiding falling victim to their tricks.

What are phishing emails?

Phishing scams are one of the most common forms of cybercrime - involving the creation of bogus and imitation emails, often with links claiming to have important updates and requesting urgent information.

How can I spot a phishing email?

1) The message is sent from a suspicious or public domain

When receiving an email, make sure to always check the email address that the message has been sent from, not just the sender’s name. Slick hackers could imitate one of your loved ones or colleagues' names, as a means of trying to get your attention.

It is incredibly unlikely that a legitimate company will contact you from an email address that ends ‘’ or ‘’

The best way to check a company’s domain name (the phrase after the @ symbol) is to type the organisation’s name into a search engine. If the domain name matches the apparent sender of the email, the message is likely to be genuine.

2) Contains suspicious links or attachments

If the email you have received contains a suspicious link or attachment - be wary of clicking anything before you can establish that it’s legitimate.

You can either hover over the link or right click and copy the link, to check the origin and see what page it would send you to. However, if in doubt, the best thing to do is refrain from clicking anything until you get confirmation from the believed-sender that the link/attachment is real.

3) Requests personal information

Scammers might use phishing emails to gain personal or financial information from their victims, as a means of further infiltrating the victim’s accounts.

Legitimate companies, such as your bank, will never ask you to provide personal details over email or text. As a rule - do not provide any personal details or respond to anyone that you do not trust.

If in doubt, call the company or bank directly and query the request that you have received.

4) The email is poorly written

A key way of establishing whether an email could be from an untrusted source is if it’s poorly written.

If an email includes poor grammar, punctuation and spelling, non-capitalising of names - it should be ignored. Everyone is prone to a typo or spelling mistake once in a while, but no respectable company will be sending emails with mass grammatical errors.

A top tip would be to keep a keen eye out for grammatical mistakes over spelling mistakes. When crafting phishing messages, scammers will often use a spellchecker or translation device, which will give them all the right words but not necessarily in the right context.

5) Requires an urgent response

Cybercriminals know that by blasting ‘ACT NOW’ or ‘PROCESS THIS IMMEDIATELY’ to their email, it adds a sense of urgency, which can ultimately make their victims blind to their scam.

In a lot of cases, this can be in the form of emails claiming that the receiver has missed a payment, or an email from a boss stating that they need an urgent task completed.

It’s always better to be safe than sorry - so stay vigilant when reacting to suspicious or out-of-the-blue emails.


We are now a nation that is functioning online; from shopping for essentials, home schooling the kids, keeping in shape or communicating with our loved ones - which is why it’s never been more important to pay attention to our safety and security online.

If you receive an email asking you to provide any personal security information, give your login credentials or login to a site which is not please forward the email to and then delete it.