Email is an excellent communication tool but is frequently used to deliver unwanted or unwelcome material. This is often referred to or spam or junk email. At best this is annoying and at worst it can be malicious, causing considerable harm to your computer and organisation.

A phishing email is a scam where criminals typically send fake emails to thousands of people to trick people into providing their banking details. We have recently seen a rise in Coronavirus Phishing Emails and the HMRC phishing scam.

How to spot phishing emails

The NCSC is the UK’s lead technical authority on cyber security and offers unrivalled real-time threat analysis, defence against national cyber attacks and tailored advice to victims when incidents do happen. A range of guidance for small and medium-sized organisations can be found on the NCSC website. They provide the following advice on how to a spot phishing email:

Spotting scam messages and phone calls is becoming increasingly difficult. Many scams will even fool the experts. However, there are some tricks that criminals will use to try and get you to respond without thinking. Things to look out for are:

  • Authority– Is the message claiming to be from someone official? For example, your bank, doctor, a solicitor, or a government department. Criminals often pretend to be important people or organisations to trick you into doing what they want.
  • Urgency– Are you told you have a limited time to respond (such as ‘within 24 hours’ or ‘immediately’)? Criminals often threaten you with fines or other negative consequences.
  • Emotion– Does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.
  • Scarcity– Is the message offering something in short supply, like money or a cure for medical conditions? Fear of missing out on a good deal or opportunity can make you respond quickly.
  • Current events – Are you expecting to see a message like this? Criminals often exploit current news stories, big events, or specific times of year (like vaccine rollout) to make their scam seem more relevant to you. Be wary of anyone outside your normal supply chain for meds/therapeutics etc

If you think a message or call might really be from an organisation you have an existing relationship with, like your bank, and you want to be sure:

  • Go back to something you can trust. Visit the official website, log in to your account, or phone their advertised phone number. Don’t use the links or contact details in the message you have been sent or given over the phone.

Check to see if the official source has already told you what they will never ask you. For example, your bank may have told you that they will never ask for your password.

What to do

Delete suspicious emails. Do not click on links or open attachments in a phishing email as they may contain fraudulent requests for information or contain links to viruses. Do not respond to them even if they seem to come from a company or person you may know. Responding can confirm that your address is legitimate to the sender. If you are not sure if an email is genuine, try calling the sender on a phone number you know to be correct.

If you have received an email which you’re not quite sure about, forward it to the NCSC’s Suspicious Email Reporting Service (SERS): [email protected].

Once reported you will receive an acknowledgement email. The NCSC will then analyse the suspect email and any websites it links to. They will use any additional information you’ve provided to look for and monitor suspicious activity. Whilst the NCSC is unable to inform you of the outcome of its review, they confirm that they do act upon every message received.

According to the NCSC, this new service has already led to more than 2.3 million reports of malicious emails being flagged by the British public. Many of the 22,000 malicious URLs which have been taken down are related to coronavirus scams, such as pretending to sell PPE equipment to hide a cyber attack.

If you are using NHSmail and need to check or report suspicious emails you can do this by following the NHSmail guidance.