Don’t Get Hooked! How to Spot a Phishing Email

Phishing emails – those sneaky wee scams trying to reel you in faster than a seagull nicking your chips.

They’re getting trickier every day, but we’ve got your back. Here’s how to spot a phishing email before you get caught out, plus what to do to stay safe online.

What Is Phishing?

Phishing is an online scam where fraudsters pretend to be someone you trust – like your bank, a delivery service, or even a pal – to trick you into giving away personal details.

They usually want:

• Login credentials
• Credit card numbers
• Account info or personal data

It’s the digital version of a knockoff designer bag – except this one could cost you your identity.

Check the Sender’s Email Address Carefully

One of the first red flags in a phishing email is the sender’s address. It may look legit at first glance, but when you hover over it, you might see something like support@bankofscot123.com instead of a proper business domain.

Scammers often tweak well-known names or add random numbers to look “close enough.” If the domain looks odd, trust your gut – it’s likely a fake.

Watch Out for Urgent or Threatening Language

Scam emails are designed to make you panic. They often say things like:

• “Your account has been compromised”
• “Immediate action required”
• “Click here or risk suspension”

These emails want you to act without thinking. Legit companies don’t use scare tactics. If the tone feels aggressive or urgent, it’s probably not real.

Spelling and Grammar Are Big Clues

Real companies triple-check their communications. Phishing emails? Not so much.

Look for:

• Spelling errors
• Awkward grammar
• Sentences that feel like they’ve been Google Translated three times

If it reads like it was written by someone who failed their Nat 4 English, treat it with caution.

Think Before You Click

Dodgy links are a scammer’s best friend. If you get an email asking you to “verify your account” or “log in now,” don’t click without thinking.

Hover over the link to preview where it goes. If the URL looks off – maybe it ends in .xyz, has extra numbers, or doesn’t match the company – close the email and go to the official site directly.

Example: instead of clicking the link in a suspicious PayPal email, type www.paypal.com directly into your browser and log in there.

When in Doubt, Don’t Reply – Reach Out Another Way

If something feels off, don’t respond to the email. Don’t click, don’t enter info, and definitely don’t download attachments.

Instead, contact the company directly using their official website or phone number – not anything included in the email itself.

And if you do fall for a phishing attempt, change your passwords immediately.

Stay Smart, Stay Safe

Phishing attacks are becoming more convincing – but if you stay alert, you can spot the signs before it’s too late.

Keep an eye out for dodgy senders, strange grammar, pressure tactics, and odd-looking links. And remember: real companies don’t ask for sensitive details over email.

So next time your inbox serves up something suspicious, don’t get reeled in. Trust your gut, close the tab, and report it if needed.