Because the faster you spot it, the safer your business is.
In today’s digital world, phishing emails are one of the most common — and effective — cyber threats. But here’s the good news: you don’t need to be a tech expert to catch them before they cause damage. In fact, you can spot most phishing attempts in under 10 seconds by knowing what to look for.
1️⃣ Check the “From” Address, Not Just the Name
Phishing emails often spoof familiar names — like your bank, Microsoft, or even your boss.
But the actual email address tells the truth.
- Red flag: Emails from strange domains (e.g.
support@secure-login123.com) - Top tip: If the name looks familiar but the email is off, don’t click anything.
2️⃣ Look for a Sense of Urgency or Threat
Phishers want you to act without thinking. They’ll say things like:
- “Your account will be locked in 24 hours!”
- “Unusual login detected — verify now!”
If it’s trying to panic you, pause instead.
3️⃣ Hover Over Links — Don’t Click
Before clicking any link, hover your mouse over it (or long-press on mobile).
- Does the web address match the claimed sender?
- Does it lead somewhere suspicious like
bit.ly,drive-something, or strange domains?
When in doubt, leave it out.
4️⃣ Look for Grammar and Spelling Mistakes
Many phishing emails come from overseas or use automated scripts.
- Watch for unusual phrasing, missing words, or odd punctuation.
- Legitimate organisations proofread — phishers often don’t.
5️⃣ Attachments You Didn’t Ask For? Stop Right There.
Unsolicited attachments, especially .zip, .exe, .html, or .doc files, are major red flags.
Unless you were expecting it and know the sender, don’t open it.
Final Tip: Trust Your Gut…Or Contact The Service Desk
If something feels “off,” it probably is. Encourage your team to slow down, double-check, and report anything suspicious.
If in any doubt give us a shout
