How to stay safe from phishing

How to stay safe from phishing

What is phishing?

Phishing attacks are typically scam emails, online services, phone calls or texts where a company is posing as a brand you recognise. Phishing scams take control of software and security weaknesses. Their aim is simple – they are designed to make you panic and will trick you into responding or clicking immediately on links by claiming you will lose something if you don’t.  


Phishing scams can seem legitimate and very convincing so it’s important to remain vigilant. If you click on the link, open attachments or provide them with any information you may be tricked into handing over valuable personal details, money, or downloading something that infects your computer and puts you at risk. Visit Security & Fraud Prevention for more information.  

What should I do if I have been cat-phished?

If you have been the victim of fraud (identity theft, scam, credit fraud alert), or cybercrime please report this to Action Fraud; Action Fraud is the UK’s national fraud and cyber crime reporting centre. You can report either online at or by telephone on 0300 123 2040.


Attackers spend a lot of time working on their phishing attacks and typically send these out to millions of people. They have no idea how many people they will deceive but much like using a net to catch fish, you don’t know what you will catch, but the bigger the net, the more fish you will find! 


What to look out for?

Be cautious, even if you think you recognise the sender, they may be a phishing site. Genuine companies will never ask for Online Banking log on details or card details in an email. Don’t reply or click on any links or attachments. Visit Be Fraud Smart for more information.


The link could take you anywhere and also applies to images. Clicking on anything in an email you didn’t expect is like taking a leap into darkness as you just never know where the link will take you. 

What should I do instead of clicking links?

If unsure, visit their website by typing their known web address directly into the address bar. Don't click on a link or copy and paste from the email itself.


By visiting the website this way, you can see if there’s something that needs taken care of without the risk of ending up on a phishing site. Visit Be Fraud Smart for more information.

Once on the legitimate website, you have the option of phoning the company direct on a known trusted number.


The bottom line is that unless you explicitly know and trust it, avoid it! 

Make this a habit and you can avoid one of the biggest mistakes in internet safety!


For further information on fraud and scams please visit our FAQs.