How to spot a phishing email

HomeBankingOnline BankingOnline Safety › How to spot a phishing email

There are estimated to be over 5.47 billion people using the internet every single day in 2023, relying on it for work, banking, shopping, and for storing sensitive information. Despite the sophisticated measures in place to protect people against online scams, cyber criminals are still able to trick people into revealing valuable information or clicking on hazardous links that compromise device security.

Known as phishing, this illegal activity is only set to continue as we become increasingly dependent on the internet. In this article, we explore exactly what phishing is and how you can recognise, avoid and protect yourself against it.

What is phishing?

Phishing is when hackers and cyber criminals attempt to mislead people into clicking or interacting with harmful software so they can access your sensitive data. A simple way to think of it is as cyber criminals ‘fishing’ for victims.

Criminals send phishing emails to millions of people every single day. These emails are often plain text messages, just like any other email, but with suspicious links and seemingly harmless attachments that actually contain malware, spyware and viruses.

The email could also openly demand sensitive information such as your card details. This typically happens when a cyber criminal is pretending to be your bank and tells you that there is an issue with your card or account.


What is malware?

Short for malicious software, malware is a blanket term covering any computer program designed to exploit a device, service or network. Cybercriminals use malware to get sensitive data which they then exploit for financial gain.

What is spyware?

Spyware is a form of malware that, once downloaded onto your device, aims to gather information about you, such as your online activity and personal or financial data, before forwarding it on to third parties without your consent or knowledge.

Spyware can sometimes be used legally, and can ask for your permission to track your behaviour. If it hasn’t asked for permission, it might be downloaded secretly when you click on an illegitimate link and can also affect your computer’s performance.

Where does phishing occur?

Scammers will phish via text messages, phone calls or even social media, but ‘phishing’ most often describes cyberattacks by email.

How to identify phishing emails

While you might think a scam email would be easy to spot, they’re often not – and that’s exactly how cyber criminals are able to make substantial amounts of money. However, there are a few things to be aware of when looking for phishing emails, and these are as follows:

  1. Threatening language
  2. Spelling mistakes
  3. No personalisation
  4. Asking for personal information
  5. An email address that doesn’t look quite right
  6. It sounds too good to be true
  7. Distorted images or logos
  8. Long, suspicious-looking links
  9. The web address is misspelled

1. Threatening language

If the email demands something of you or informs you that imminent action is going to be taken against you unless you provide details or make a payment, it is likely to be a scam. Your bank and any other reputable provider would not contact you in this way to initiate a payment. 

2. Spelling mistakes 

Cyber criminals often make mistakes when writing emails, misspelling common words and phrases. A phishing email can sometimes feel like it’s been poorly translated, or that someone has rushed to write it. 

3. No personalisation

While your bank or subscription provider will usually refer to you by your name, scammers usually won’t be able to do this. Be wary of emails that address you as a ‘valued customer’, ‘friend’ or ‘colleague’ rather than by name. 

4. Asking outright for personal information

Your bank or any other trusted provider will not ask you to give them things like your password or PIN, so this should immediately be a cause for concern if you receive an email from someone purporting to be your bank. 

5. An unexpected email address 

Any legitimate, large company will not use email addresses that look uncertain. For example, if you receive an email from IKEA that ends with a public domain, such as ‘’ or ‘’ it is unlikely to be IKEA. In a similar sense, any email addresses that just don’t look professional should be treated with caution. 

6. It sounds too good to be true 

If you’re being promised a sizeable tax rebate despite paying the right amount of tax, or being told that you’ve won an all-expenses trip to the Bahamas for a competition you don’t remember entering, it’s likely to be a scam. Remember, if it sounds too good to be true – it probably is. In any instances where you think it might be legitimate, you should always check directly with the actual company first. 

7. Distorted images or logos

While some hackers do a very good job of replicating brand logos and images, they are often just pulled from existing websites and emails, meaning that they are of a lower quality than the originals. If a brand logo looks distorted or not like it should, this can be a cause for concern. 

8. Long, suspicious-looking links

Malicious emails will encourage you to click through using links that then download malware. You can avoid this by not clicking on any links in the email. If the email is from a company that you bank or shop with, it’s always better to either get in touch with them directly, or open a new browsing window and log in to your customer area to deal with any admin or payments that need to be made. 

9. The website URL is misspelled 

Hackers are unable to use exact domain names, which is why they often slightly and subtly misspell important names to trick rushing people into believing their legitimacy. For example, rather than ‘’ it could be ‘’ – you’d have to be looking very closely to spot the discrepancy.

How to protect yourself against scam emails

While some sophisticated scams are almost impossible to avoid, there are measures you can take to safeguard yourself against them. These include:

  • Being very careful about what information you share about yourself online. Even your family and friends sharing birthday pictures of you can give hackers a clue to passwords that might include your birth date
  • Setting social media accounts to private
  • Reviewing your privacy settings across all apps and websites 
  • Considering all aspects of an email using the checklist above before clicking on any links 
  • Setting and remembering your contact preferences when it comes to online banking
  • Brushing up on your online safety awareness
  • Remaining vigilant
  • Avoid rushing when it comes to your emails

What to do if you’ve clicked on a phishing email

With such a huge market operating online and more than 75% of phishing attacks occurring via email, it’s inevitable that there are going to be victims. However, it’s important not to panic if you are unlucky enough to be targeted, as there are steps you can take. 

Firstly, if possible, you should open your antivirus software and run a full system scan. This should identify any threats and give you instructions on what to do next. 

Secondly, if you’ve been tricked into providing a password, you should change all of your other passwords to something different and more secure. 

Finally, you should report the scam to the relevant body. In the unfortunate event you’ve lost money, report the incident to Action Fraud, which offers 24/7 reporting. You can also send information about phishing emails to the National Cyber Security Centre on 

Above all, it’s essential not to blame yourself. These scams are incredibly sophisticated and anyone can fall for them, which is how they manage to be successful. Rather than being embarrassed by your incident, it’s better to raise awareness of the scam by informing others, so they don’t fall for it too.