Email safety 101: how to spot a phishing scam

6 June 2022

Phishing emails are the most common form of cybercrime. Learn how to protect yourself and your business with our four top cybersecurity tips.

Phishing emails are the most common form of cybercrime. Learn how to protect yourself and your business with our four top cybersecurity tips.

"Phishing". It sounds so innocuous, doesn't it?


Like, "pack your rods and bait – we're going to do a spot of phishing in the sunshine".


Not so fast. While we love the sound of an afternoon on the lake, this is a very different, err… kettle of phish.


Email phishing is a kind of cyber attack where scammers pretend to be someone they're not. These digital crooks want to catch you when your guard is down – they're hoping that you'll share some personal info or click a seemingly harmless link.


And when you fall for it, there's no going back.


Individuals might become victims of identify theft, or see their coffers drained in nothing flat. Businesses have it even harder – they're more likely to be targeted with ransomware attacks, where online outlaws encrypt data and demand a hefty fee to regain access.


It gets worse. Email phishing is the most common form of cybercrime, with phishing in general accounting for approximately 90% of data breaches. And it's not going away anytime soon.


Needless to say, it pays to learn how to protect yourself. In this post, we'll show you how to recognise phishing email scams with the help of our four easy-to-learn tips.


Read them. Absorb them. Say them out loud. Heck, put them on your Walkman and listen to them in your sleep if you have to. You'll thank us later.


1. Look for personalisation...


...or, rather, look for the lack of it.


See, scammers aren't the most detail-oriented bunch. They want to make a quick bit of cash, so will often shoot off dozens of emails in the hope that one or two land. It's a bit like hitting 100 golf balls simultaneously, then crossing your fingers you get a hole in one.


Your bank or insurance company, say, are likely to address you by name. Partly because they already have your details on file, and partly as a confidence measure. They want to make it loud and clear that they're not trying to scam you.


However, THIS IS NOT A HARD AND FAST RULE. Ahem… sorry for shouting, but we really can't stress this enough.


These kinds of wide-net scams often target many individuals at once. It's just not in the scammer's interest to research each of their victims one by one. Time is money, as they say.


Things change when businesses are in the firing line. By defrauding a business, swindlers have more to gain – so they're more likely to do their research and add personal details to their emails.


So think of it as a useful rule of thumb, but nothing more. You should never consider an email safe just because it includes personalisation.


2. Look for a WEIRD amount of URGENCY


We all know what "marketing speak" sounds like. We see and hear it every day – on our televisions, in our search results, from overenthusiastic salespeople. So far, so normal.


But in the world of phishing, this kind of urgent language is taken to extremes.


Here's the thing. Marketers know how to push our buttons. They'll often use snappy, insistent words to convince us to do a thing – and do it quickly.


Phishers might use a similar style, but it's cranked up to 11. They're not interested in entertaining us or selling us a compelling brand story. They just want our data, or cash, or a bit of both.


Or, to put it another way, it's the difference between this…


Sign up today and discover a new world of cost savings


…and this…


URGENT: PAYMENT FAILED. WARNING your account will be locked if you don't update your details TODAY


If you haven't had your morning coffee, or you had a rough night, you might have to squint to see the difference. But be on your guard – these moments of weakness are exactly what scammers are hoping to exploit.


3. Unleash your inner pedant


Nobody likes a grammar snob – except for other grammar snobs. Put two together and they'll talk for hours about Oxford commas and split infinitives… and put whole rooms of people to sleep in the process.


However, it's sometimes worth letting your inner stickler shine through. At least for scam-spotting purposes.


See, if there's one thing scam emails are famous for, it's poor spelling and grammar. That's why you'll often see sentences like "send you're reply quickly" or "I am the corwn prints of Liechtenstein, and I have a urgent and specail request".


Some claim this is intentional – that scammers include dodgy grammar on purpose because gullible people are less likely to spot it. However, we think it's more likely that cybercriminals tend to be non-native English speakers. There are nearly eight billion people on Earth, after all, and only 400 million of them (or about five per cent) speak English natively.


In any case, the phenomenon is real. If you get an email from Barclays, but it's spelt "Barcalys", consider it suspicious.


4. Check links and addresses


BIG WARNING. You should never click a link in a suspicious email. In fact, you should make a habit of checking all email links before you click through.


You can do this by hovering over the link (again, DON'T CLICK). Most web browsers and email clients will display a preview of the target address, which you can scrutinise like the digital detective that you are.


Say an email purports to be from Apple. If it links to www.apple.com, then there's a good bet it's real. If it sends you to www.dodgy-domain56.scam, then you should think twice before clicking it.


But be aware – these online imposters will often attempt to trick you with a link that looks real. For instance, they might try to send you to apple-payment.fakesite.org or www.appl3.com. This is known as "URL spoofing".


You can apply the same thinking to the sender's email address. An email from Apple is likely to be sent from an @apple.com domain. If it's come from barry538229@scamparty.com, be on your guard.


But you should be doubly careful with this. Because, with a little technical trickery, scammers can make it look like their email came from a legitimate domain.


As usual, it's a rule of thumb – not a surefire scam detector.


Next steps


We hope you found our email safety tips useful. Keep them in mind, and – fingers crossed – you'll know how to spot a phishing attack before it happens.


But while that's all well and good for your own inbox, things get more complicated when you're trying to protect an entire business.


Not to scare you, but it only takes one sleepy employee to click a malicious link, and – BAM! – your whole company is compromised.


It's enough to give you nightmares. But don't worry – we can help. Think of us as your cyber nightlight.


One way to bolster your online defences is to achieve a cybersecurity certification. We offer two types of accreditation: Cyber Essentials and ISO 27001. Either way, we'll be with you every step of the way to help you pass with flying colours.


Alternatively, you could consider engaging us for ongoing IT support. We've put together packages to suit businesses of all sizes – and all have security protections built in.


(One more thing. Why not sign up for our Knowledge Hub mailing list? You'll get tech tips like this delivered straight to your inbox. Cool, right?)

by Matthew Dickinson 21 Oct, 2024
We’re excited to announce that Yoozoom has officially joined the Windsor Telecom family as part of their mission to grow and expand across the UK. As a Leeds-based leader in unified communications, IT services, and networking solutions, Yoozoom has a proud legacy of helping businesses thrive. What does this mean for Yoozoom customers? Yoozoom will continue to provide the same high-quality services you know and trust. Windsor Telecom is committed to investing in our team and services, ensuring that we’re able to offer even more to our customers as part of a larger national network. A message from Windsor Telecom: "We’re thrilled to welcome the Yoozoom team and customers into the Windsor Telecom family,” said Pete Tomlinson, CEO of Windsor Telecom. “Their expertise will be invaluable as we grow our national presence, helping even more businesses use technology to deliver outstanding customer and employee experiences.” As part of Windsor Telecom’s UK-wide growth plan, Yoozoom is excited to embark on this next chapter and continue to deliver innovative solutions that make a difference. Stay tuned for more updates as we continue to evolve as part of the Windsor Telecom Group!
Small business owner? Need a new phone system? This is the guide for you.
by Simon Edward 26 Sept, 2022
Small business owner? Need a new phone system? This is the guide for you. Learn how to find a VoIP phone system that helps you smash your goals.
By 2025, all UK phone systems will be cloud-based.
by Simon Edward 19 Sept, 2022
By 2025, all UK phone systems will be cloud-based. If you're reluctant to switch sooner rather than later, read on for six advantages of a VoIP system.
Ten years ago, Skype was everywhere. Now… not so much. But what happened, exactly?
by Simon Edward 12 Sept, 2022
Ten years ago, Skype was everywhere. Now… not so much. But what happened, exactly? Read on to discover the truth behind Skype's rise and fall.
94% of all enterprises use cloud services – but do 94% know enough about cloud security?
by Simon Edward 05 Sept, 2022
94% of all enterprises use cloud services – but do 94% know enough about cloud security? Read on to find out more about staying safe in the cloud.
Do you even NEED two mobile phones for work?
by Simon Edward 22 Aug, 2022
Is it time to ditch the company mobile? We weigh up the pros and cons – and explore a third option that could save you cash and hassle.
Want to outsource IT support? Scratching your head over the options?
by Simon Edward 15 Aug, 2022
Want to outsource IT support? Scratching your head over the options? Choose the right IT company, first time, with our 5-step guide.
What is the true cost of an IT failure?
by Brian Rosten 08 Aug, 2022
IT failures cost more than you might think. Learn three ways to calculate the true cost of a failure and safeguard your business from tech disasters.
Time's running out – are you ready for BT's
by Simon Edward 02 Aug, 2022
In 2025, BT will switch off its ISDN and PSTN phone lines for good. Is your business ready for the change? Learn what's happening and what to do.
Learn 4 big reasons why phishing attacks work, as well as some useful tips to help you safeguard you
by Simon Edward 25 Jul, 2022
Phishing is on the rise. Learn 4 big reasons why phishing attacks work, as well as some useful tips to help you safeguard your business.
More posts
Share by: