If an email contains any of the following, please think before you open it. The items in the list below can be an indication that an email is suspicious:
- Bad spelling and/ or poor grammar or bad formatting – if the email is genuine the formatting, spelling and grammar will usually be correct
- Familiar details in the subject field e.g. if something in the subject field relates to your line of work please don’t automatically open the email without properly reading the subject line. Spam emails can usually contain references to a subject that you’re familiar and often catch people out
- Don’t assume that because an email contains a familiar company logo that it’s a legitimate email. Many spam emails contain the logo of the company that the email claims to be from but often this is just used to fool you into thinking that the email is genuine
- If the email looks like it’s from a legitimate company but the sender address does not contain any references to the company, don’t click any of the links in the email. If an email is genuine the email address of the person sending the email will usually contain the company name
- If you receive an email that relates to an account that you hold with a company and there are no account details displayed at all the likelihood is that the email is not genuine – if an email doesn’t contain any personal information that relates to you like your name for example the same email has probably been sent to a large number of people
- The email is from somewhere you don’t live e.g. a different country
- The email is from a company you deal with but asks for personal details such as usernames or passwords
- The email is from someone you recognise but you’ve suddenly started receiving a lot more emails about things that they wouldn’t normally discuss
- Emails that ask you to open attachments especially ones that end in .pif or .scr
- Emails from ‘free’ email accounts such as Hotmail or Yahoo that are from someone you don’t recognise
- If you’ve clicked a link to a banking website check that the address begins with https or http. Nearly all banking websites will use https – if you still feel uncertain about the link, open a new tab and search for the name of the bank and confirm the website address shown with the address in the email
- Check the To and From lines in the email – if both fields have the same address or name in them the email is probably not genuine
- If you suspect an email is spam and you spot a link in the email to report it as spam DO NOT click the link, this link will often lead to a malware infection
If you have any concerns about an email that you’ve received take your time to respond to the email. Check with someone else before responding to or clicking any links in the email.
If you receive an email that claims to be from someone you recognise but contains information about a subject they would not normally email you about the likelihood is that the email is not from that person, the email account of your friend or colleague may have been hacked.
If you receive an email that appears to be from a company that you do business with that asks you to provide personal information such as your username, password or bank details DO NOT respond to the email or click on any of the links. If you are worried that there may a problem with your account, open the website by typing the details directly into a web browser and access your account this way.
DO NOT copy and paste any of the text or links from the email into a web browser – you can usually check the address in the link by hovering the mouse over the link without clicking (please refer to the following section for full details).