Spotting a Phishing email
Common clues that will help you identify a phishing email are:
- The mail comes from an unexpected email address (e.g. @hotmail.com, @gmail.com, @live.com or @yahoo.com) instead of one associated with the organisation that is claiming to be contacting you (e.g. @hsbc.co.uk or @sheffield.ac.uk)
- The message may have poor spelling and grammar
- It has a non-standard salutation such as Dear account user, Dear valued customer
- It uses a lot of capital letters, eg Dear WEBMAIL ACCOUNT USER
- The message carries a disproportionate threat or warning
- The message warns of a big change but has no email address or phone number for further information.
We have put together a screencast that shows you how to spot phishing messages.
Making sure your computer and web browser is up to date can reduce the risk of being caught out in a phishing attempt; however, you should never be complacent about giving out personal information such as your password or account details.