“We needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.”

IT Operations Manager
Simon Darley
Trusted by industry leaders

Let's Talk

Call us on one of the numbers below, we cover the whole of the UK.

BriSTOL HQ & The South West

+44 (0) 117 974 5179

London & Surrounding Areas

+44 (0) 207 043 7044

Manchester & the North West

+44 (0) 161 399 1305

“We needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.”

IT Operations Manager
Simon Darley
Trusted by industry leaders

Request a Call-back.

First we need a few details.

Contact Form Primary popup

Keep up to date with the experts

Get insights direct to your email inbox

NEWSLETTER - Exit Intent

Follow us on social

“We needed to find solutions to a variety of issues whilst being a complex business, operating in a 24/7 environment. Stripe OLT listened and understood immediately the challenges we faced.”

IT Operations Manager
Simon Darley
Trusted by industry leaders

Request a Call

First we need a few details.

Contact Form Primary popup

How to Spot a Phishing Email - with Example

Published: December 1, 2020
Updated: January 19, 2024
In a nutshell:

Want to know what characteristics to look out for in a phishing e-mail? Our handy guide is here to help.

82% of data breaches involve a human element

What exactly is Phishing? – An Introduction

For those of you who might be unclear about the definition, it is a form of fraud in which an attacker impersonates a reputable person or company, usually through a scam e-mail or another form of communication. This can be done in a variety of ways, some of which include distributing malicious links or gaining user credentials and account information – hence the name phishing. Phishing is popular with cyber-criminals as it relies heavily on human error, something much easier to crack than computer code.

In an attempt to raise further awareness about online threats such as phishing and to provide insight into what you and your employees should be looking out for, we thought we would take you through a real example of a phishing email received and spotted by one of our staff…

This phishing email was a particularly good fake, however, there are still red flags that give away its lack of authenticity. Take a look at the fake email below, and we’ll explain why…

1) Be sure of the Sender

Always check the sender. This sender address does not appear to mimic a legitimate TV licensing email address. Always make sure you check the actual email address rather than just the sender name, an email from a public email system (such as an email domain like Gmail) is a red flag. – if the sender’s address is still unfamiliar to you, always take a few extra minutes to examine the content of the email.

2) False Scanning Claims

Do not be fooled by a ‘Protected’ or ‘Scanned for Malware’ message trying to lull you into a false sense of security… Is the web address correct?

3) Official Appearance

Similarly, do not be fooled by official-looking logos and images. Many cyber-criminals will use ‘scraped’ logos from a company in order to make their emails look legitimate.

4) Who is it Addressed to?

Notice how this scam email is addressed to the ‘Customer’ rather than including any personal information and details. Likely because it is part of a generic email campaign sent to thousands of recipients… However, it is important to remember that using your name does not equal legitimacy – rather it’s more likely to be part of a spear phishing campaign sent to targeted individuals.

5)Poor Spelling and Grammer

Poor spelling, grammatical errors and low-quality graphics are often a key giveaway that you have received a phishing email… This example is nearly flawless, however in the larger bodies of text you can spot unprofessional and informal use of language that would be unlikely to be included in an official email. With the advancements of AI, these mistakes will become harder to find and spot.

Finally, do not click on any of the links included in a suspicious email. Notice how this email is littered with links for you to click such as ‘Sign in’, ‘Renew now’ and links to apparent social media pages? If clicked, these may take you to a criminal or malicious website… If you’re in doubt, you can hover your mouse over the hyperlink to see the full URL.

Extra Tip 3: Sensitive Information


Key Takeaways

Our latest insights
  • March 15, 2024
    Read full article
  • MVP
    March 4, 2024
    Read full article
  • Scale Up Awards
    November 30, 2023
    Read full article
  • November 15, 2023
    Read full article
  • XDR vs SIEM
    January 19, 2024
    Read full article
  • Attack Surface
    December 19, 2023
    Read full article
  • Penetration test
    November 24, 2023
    Read full article
  • AI Prompt Injection Attacks
    October 3, 2023
    Read full article
  • windows server 2012 end of life
    October 3, 2023
    Read full article
  • Microsoft Inspire
    October 3, 2023
    Read full article
  • January 19, 2024
    Read full article
  • October 3, 2023
    Read full article