What is phishing

A quick way to determine whether an email is legitimate or not is to look at the sender’s email address. Often, the address will contain an odd combination of words or numbers that make it look shifty. If in doubt, give the company a call to check whether the email is genuine.

Another big giveaway of a phishing email is its lack of personalisation. An authentic email from a real company would normally address its customers by name; scammers are unlikely to know your name, so they will start their email with a generic greeting, such as ‘Dear customer’.

Most phishing emails will want you to click on a link, where you can then enter your personal details. Immediately, this should ring an alarm bell as genuine brands will never ask you to supply information via an email link. If you’re still unsure whether to click the link or not, look at the URL itself – if the hyperlinked address is different from the address displayed in the email, it is probably malicious.

Scammers aren’t interested in spelling or grammar, so they often make careless mistakes in their emails. Before an authentic company sends an email to its customers, it is usually rigorously reviewed, so mistakes are rare. If you spot more than one error, you should treat the email with caution.

Phishing email scams tend to put pressure on you to act quickly, which authentic companies are unlikely to do in such an aggressive way. They may use intimidation to scare victims into disclosing their personal information or make unrealistic threats, for instance that they will close your bank account if you do not respond.

On the other hand, if the message contains bold claims that seem too good to be true, they probably are. It’s often wise to trust your instincts when it comes to emails that just don’t seem right. If a message looks suspicious, it usually is.