• Jump to contents
  • Jump to main navigation
  • Jump to site map
  • Blog
  • Careers
  • Support
  • +44 207 837 2444
  • UK: +44 203 034 2244
  • US: +1 323 984 8908
  • +44 203 034 2244
  • +1 323 984 8908

Cardonet London IT Support for Business

Cardonet are a consultative busines partner who will work closely with you to provide a transparent, vendor-neutral approach to your IT Services.

0203 034 2244

7 Stean Street, London, E8 4ED

  • Home
  • IT Solutions
    • Industry Sector IT Solutions
      • Hospitality
        • Hotels
        • Hotel Management
        • Restaurants
        • Pub & Bars
      • Manufacturing
      • Charity
      • Education
    • Business IT Challenges
      • IT Outsourcing
      • GDPR Compliance
      • PCI DSS Compliance
  • IT Services
    • IT Support
      • 24x7 Service Desk Support
      • 24x7 Network Monitoring
      • Proactive IT Support
      • Remote IT Support
      • Onsite IT Support
      • Out of Hours IT Support
      • Dedicated Service Desk
      • Network Support
      • Microsoft Support
      • Apple Mac Support
    • IT Consultancy
      • IT Strategy
      • IT Projects
      • IT Audits
      • Software Licensing
      • IT Infrastructure
      • IT Procurement
      • IT Supplier Management
      • IT Security
      • IT Networks and Cabling
      • Cloud Readiness
      • Virtualisation
      • Backup and Continuity
    • Managed IT
      • Managed Networks
      • Managed Hosting
      • Managed Backups
      • Business Continuity
    • Managed Cloud
      • Private Cloud
      • Hybrid Cloud
      • Public Cloud
    • Cyber Security
      • Cyber Security Audit
      • Cyber Essentials Support
      • GDPR Compliance Support
      • Network Penetration Testing
      • Managed Cyber Security
      • PCI Compliance Support
      • ISO 27001 Certification Support
  • About
    • About Cardonet
      • Why Cardonet?
      • News and Insight
      • Management Team
      • Case Studies
      • Customers
      • Technology Partners
      • Accreditations & Memberships
      • Approach and Culture
      • History
    • Careers with Cardonet
      • Why Cardonet for your Career?
      • Meet our Team
      • Job Entry Options
      • Current Job Vacancies
  • Contact

News and Insight

How to Recognise a Phishing Scam

by Rachael / Friday, 18 December 2020 / Published in Cyber Security
how to spot a phishing scam

Phishing attacks remain one of the biggest threats to business cybersecurity for one simple reason: they work. They operate by impersonating a well-known source and then getting you to enter personal details and sensitive data or click a link which installs malware or downloads a virus. Over the years, cyber criminals have become more and more professional so phishing emails can look legitimate and be hard to recognise. A 2019 study by Small Business Trends found that 1 in every 99 emails is a phishing attack. When you consider the number of emails sent a received on a daily basis, this is quite alarming. Therefore, training employees to recognise a phishing attack is vital. However, it can be difficult to know how to recognise a phishing scam. Below is a real-life example of a phishing email, followed by a list of things you should look out for.

Here is an example of a real phishing email I received from someone claiming to be the courier company DPD. Personal information has been blacked out.

Sender’s Email Address

Oftentimes, a phishing scam can be flawless – apart from the sender’s email address, which can be an immediate giveaway. This can be seen in the sample phishing email above, which I received from someone claiming to be the courier DPD. For example:

  • Public email domain – If the sender is using a public email domain, it is likely to be a scam. Official company emails will never come from a @gmail.com address.
  • Incorrect domain name – If the email sender’s domain address is spelt incorrectly, or if the company name does not appear in the domain, it is likely to be a scam. For example, an email from paypal@notice-access-123.com is a phishing email purporting to be from PayPal. A real PayPal email would be abc@paypal.com, as the company name is in the domain.
  • Misspelt domain name – An email address can often look legitimate at first glance, with the correct domain and all. However, upon closer inspection, there might be a small spelling error, proving that it is a scam. For example, xyz@neflix.com, as opposed to xyz@netflix.com. Scammers know that an omission this small will not be noticed by many unsuspecting people.

Poorly Written Email

Although cyber-criminals are becoming more sophisticated, their writing is often poor. If an email looks unprofessional, chances are, it’s a scam. Phishing emails often contain spelling mistakes and grammatical errors which a professional email would not. They may also contain awkwardly worded sentences which don’t make sense. They may also be poorly formatted. Legitimate companies take the time to proofread and edit the emails they send out. If it is glaringly obvious that the email was not carefully crafted for communication between a company and their customers, it is a phishing email.

Suspicious Links or Attachments

Often, phishing emails will contain links or attachments which will direct you to a page where you enter your personal information. Firstly, it is important to remember that a legitimate company will never ask you for personal information or payment via an email. Secondly, you can usually tell whether the link is suspicious by hovering over it with your cursor. If the URL does not match the company’s website, it is a scam. For example, if you get an email purporting to be from Apple and the link URL does not direct you to apple.com, it is phishing. This can be seen in the sample phishing email above, where the URL did not re-direct to the DPD website.

A link might also look suspicious. Emails from professional companies will usually not contain unformatted links. If a link looks like it has not been formatted properly to match the rest of the email, it is suspicious and you should not click it.

Threatening or Urgent Tone

An email containing threatening or aggressive language, or that has a sense of urgency, should be treated as suspicious. Cyber-criminals will often send phishing emails that have an urgency about them, or that need to be dealt with right now. For example, emails where you have to ‘claim your prize’ within a time limit are phishing scams: creating a sense of urgency means the victim doesn’t have time to think about the legitimacy of the email. Cyber-criminals can also use scare tactics to try get people to give away their personal information or money. For example, they may send an email claiming to be from your credit card company, telling you that your card has been compromised and you need to act now. Think about how most companies communicate with their customers: a threatening or aggressive email will be phishing.

Context

Receiving phishing emails can often be stressful, especially when they are threatening. However, it is important to think about context when recognising phishing. For example, in the sample phishing email above that I received from someone claiming to be DPD, I knew immediately that it was phishing for 2 reasons:

  • I had no outstanding online orders.
  • In the past, DPD have always contacted me by text, never by email.

So, if you receive an email from someone claiming to be Netflix or PayPal when you have never had an account with either of those companies, you can be sure that it is phishing. If you are not sure, it might be a good idea to have a quick Google of ‘company X phishing scams’. This will tell you if there is a known phishing scam affecting a business. After I received the sample email below, I visited DPD’s website and lo and behold, they are aware of phishing scams such as the one I received, as you can see below.

Compare With Previous Emails

If you receive a suspicious email claiming to be from a company you have received emails from in the past, you can compare emails. For example, if you have an Amazon account and you receive a suspicious looking email from them, compare it to emails that you have previously received from Amazon. Phishing emails will have noticeable differences, such as font style or colour and formatting. If the style of the email is different to what the company usually sends, it is a scam. If you are still unsure whether the email is phishing, call the company. Businesses are aware of phishing and they will be happy to ensure that your account with them is secure.

Personal Information Requests

Legitimate companies will never send you an email asking you for sensitive personal information, such as bank details. Any emails you receive asking for personal information, or asking for money, should be treated with suspicion as they are likely to be phishing.


If you suspect an email is phishing, do not click on any links. Report the email as phishing and delete it.

If you think you have been phished, you should immediately change your passwords, backup your data and run a virus scan on your computer.


Cardonet can provide you with a comprehensive range of cyber security services to help you stay secure and, at the same time, help you demonstrate compliance with industry and regulatory standards. To find out more about our Cyber Security Services, please click here.

If you are concerned about how phishing has affected or could affect your business in the upcoming year, call us on +44 203 034 2244 or +1 323 984 8908. Alternately, you can contact us online. We will be happy to help you overcome your hotel IT challenges so that you can improve your guest experience and set your hotel apart. Cardonet have been working with businesses for the past twenty years to help them overcome their technological challenges. We have engineering bases in the United Kingdom, Europe and Southern California and our group of highly experienced engineers are available 24/7 to assist and ensure that your IT infrastructure is secure and running seamlessly.

Share this on:

  • LinkedIn
  • Twitter
  • Facebook
Tagged under: Business Continuity, Cyber Awareness, Cyber Security, Phishing Scams

About Rachael

What you can read next

Cardonet Top Tips Vigilant Cybersecurity Risks Home Working
Cybersecurity Risks of Remote Working
October Cybersecurity Awareness
October is Cybersecurity Awareness Month
practical strategies to enhance cybersecurity
Practical Strategies to Enhance Business IT Security

You must be logged in to post a comment.

Featured Posts

  • cardonet events 2020

    Cardonet Lockdown Events 2020

  • Teams Phone

    Microsoft Teams Phone can Replace Your Business Phone System

  • practical strategies to enhance cybersecurity

    Practical Strategies to Enhance Business IT Security

  • the-importance-of-having-a-useable-and-tested-IT-disaster-recovery-plan-cardonet

    The importance of having a useable and tested IT disaster recovery plan

Archives

  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017

Categories

  • Bam's Blog
  • Customers
  • Cyber Security
  • Events
  • GDPR
  • Guidance
  • IT Consultancy
  • IT Support
  • Managed IT
  • Press Release
  • Recruitment
  • Team
  • Uncategorised
  • USA

Tags

Awards BBQ Business Business Continuity Christmas Christmas Party Cloud Computing Compliance coronavirus Covid 19 Cyber Awareness Cyber Security Data Backups Disaster Recovery Halloween HOSPA HOSPACE Hospitality Hotel Hotel IT Services Hotel IT Solutions Hotel IT Support Hotels Hotel Technology Information Security Management ISO IT documentation IT infrastructure IT Services IT Support London Managed Service Provider Microsoft Migration Pancake Pancake Day Party Phishing Scams Remote Working Security Software Summer Party Team Team Event Teams

Cardonet Twitter

34 days ago#2020 has been a challenging year and we all deserve huge praises. Especially the NHS staff. We welcome #2021 wi… https://t.co/v7nBXTz6pj
Follow @@cardonetit
TOP

We will help you overcome your technology challenges

Call us on +44 203 034 2244 or +1 323 984 8908, email us at or fill out the following form to start the conversation.

For further information on how we process your data, please refer to our Privacy Policy.

IT Solutions

  • IT Solutions by Industry
  • Business IT Challenges

IT Services

  • IT Support
  • IT Consultancy
  • Managed IT
  • Managed Cloud
  • Communication
  • Cyber Security

About

  • Why Cardonet
  • Meet our Team
  • Blog
  • Case Studies
  • Careers

Contact

  • +44 207 837 2444
  • UK: +44 203 034 2244
  • US: +1 323 984 8908
Cardonet 20 years proudly supporting our customer
  • Company Number: 06263199
  • VAT No: GB 912250759
  • 7 Stean Street, London, UK, E8 4ED
  • 925 N La Brea Avenue, Los Angeles, CA 90038
Cardonet IT Support and IT Services in London

© 1999 - 2020 All rights reserved.

  • Sitemap
  • Terms and Conditions
  • Privacy Policy
  • GDPR
  • Accessibility Statement
  • Corporate Social Responsibility
  • Environmental Policy
TOP
Cardonet
Cardonet Consultancy Limited 7 Stean Street London, Greater London E8 4ED
London Map +442030342244
Cardonet US Inc 925 N La Brea Ave Los Angeles, California 90038
Los Angeles Map +13239848908
Home Cardonet IT Support Logo