Get in touch:

Tags: , , , , , , , , ,

Online fraud is reaching unprecedented levels, with 6.9 million cases reported every week according to Take Five Stop Fraud, a new HMRC and Microsoft awareness campaign. One of the biggest culprits is unsolicited or ‘phishing’ emails – messages that purport to be from your bank or another reputable organisation such as PayPal or, indeed, HMRC.


Frustratingly, these emails are often branded up to look genuine and can even link to websites that look like the real thing. In most cases, you’ll either be encouraged to enter personal and financial details, enabling cyber thieves to steal your identity or empty your bank accounts, or click on a link that launches a virus or ransomware attack on your IT infrastructure. Either way, you’ll be in big trouble! So how can you sort the wheat from the chaff and weed out the dodgy emails?

Here are some top tips to help you be security-savvy when you’re reading emails and browsing online.

  1. Check the ‘from’ email address

Phishing emails are becoming more sophisticated and often feature what looks like an authentic ‘from’ name at the top of the message. But hover your mouse over it to reveal the actual email address and you could be in for a shock. The domain name could be similar, but not quite the same as, the real thing or complete gobbledegook.

If you’re not sure, type in the URL you’d normally use for the company in question and look on their website for a reference to the email you’ve received. If there’s nothing there, you’re probably being scammed.

  1. Look at the greeting

Some scam emails are advanced enough to greet you by name, but often the salutation will simply say ‘Hi’ or ‘Dear customer’. Any company that you’re registered with, from banks to online shopping services, will almost always use your name. So if an email greeting is impersonal, or there’s a blank space after ‘Hi…’ or ‘Dear…’, alarm bells should start ringing straightaway.

  1. How’s their spelling and grammar?

Any professional organisation worth its salt will employ marketing professionals to write, edit and proofread their email communications. So if you notice silly mistakes like ‘Please give your bank detail’ or ‘Clock on the link below’, then you’ll know to smell a rat. At the same time, take a look at how the email is presented. If there’s a mish mash of different font types and sizes, or poor quality logos and branding, then it’s unlikely the email is genuine.

  1. Is it too good to be true?

Many an email scammer has coined it in with a seemingly irresistible  (and usually time-sensitive) offer – whether that’s a tax rebate from HMRC or a limited edition designer item that ‘you just can’t live without’.

Take a moment to think before you click on any links in emails like these. Are you really due a tax rebate after having such a great financial year? Do you really need a leopard-print catsuit from Zara? Probably not – in which case, it’s time to hit the ‘Junk’ button.

  1. Compare the contact details with the company website

A cunning trick of many scam emails is to include what look like real contact details at the bottom of the message. But hover your mouse over the email and web addresses and you may find that the links point to somewhere completely different from what’s written on-screen.

And beware of bogus phone numbers – calling a scam phone number could cost you a hefty sum, which you won’t be aware of until your next bill arrives. If in doubt, visit the company’s real website (by typing in the URL not by clicking on any email links) and check the phone number against the details on their Contact page.

  1. Above all…use your common sense!

As noted above, if something seems too good to be true, it usually is. Equally, bear in mind that any genuine financial institution would never ask you to confirm your credit card or PIN number on an email or by clicking on a web link. Always think twice before replying to an email, clicking on a link or downloading an attachment.

If you’re really not sure, you can always get in touch with the company in question (using the contact details you normally use, not those listed in the email) and check if the message is authentic.

Help and advice from Jalapeno Business Services

Our expert IT professionals can train and support your staff to be vigilant and stay safe online. With our remote monitoring service, we can also keep an eye on your IT systems and infrastructure 24/7, picking up on any problems at the earliest opportunity and before they disrupt your business operations. Get in touch to book your FREE, no obligation systems audit today.