How to recognise scam emails and phishing attempts

Today I received an email from Santander Bank warning of a possible scam that’s circulating. These scams are nothing new but they are evolving to look like they come from reputable companies or companies that people use regularly. Small business owners are most at risk (as the images show below) with fake emails appearing to come from HMRC and Sage Accounting – commonly used by small businesses.

How to recognise scam emails and phishing attempts

This email I received prompted me to offer a few tips on how to recognise scam emails and phishing attempts that land in your inbox. I get these virtually every day but I have email addresses published all over the internet on various sites, so I do expect that my address will be farmed by these unscrupulous companies.

Here’s a few examples of the kinds of emails they use:

How to recognise scam emails and phishing attempts-HMRC

How to recognise scam emails and phishing attempts-sage





The idea is that if it looks like the email comes from a company that you are familiar with, you are likely to TRUST it, therefore increasing the chances of you attempting to open the attached .zip file.

Most of the time these emails have an attachment in the for of a .zip file. Zip files are used to compress files to make them easier to send digitally. Most people are familiar with using them. The problem here is that once you open the .zip file, you may have already activated a virus and inadvertently installed nasty software on your computer.

Some emails contain ‘fake links’ to sites. This is where the link displays something you know, but leads to another site that installs software on to your device. The way to test the link for integrity is to hover over the link and look in your address bar to see if it matches the text in the email itself.

Hover over the link below for an example:

‘Please visit for more information’

If you click the link, it actually redirects to You may notice that the address bar at the bottom of the screen shows that it is linked to Google, whereas the actual link looks like a link to the Medway SEO website.

Here’s how easy this is for website owners and email writers to edit the link:

How to recognise scam emails and phishing attempts-example

This is an the email I received from Santander Bank that has some great advice and links about scam emails and phishing attempts:

To make sure your personal details and computer aren’t compromised, we wanted to make you aware of a significant email scam that’s being received by some of our customers at the moment.

How to recognise the email
The email has an attachment which appears to be correspondence linked to the email.

All official emails from us will address you by name. If an email that says it’s from us doesn’t do this, don’t open any attachments within it.

What does the attachment do if it’s opened?
It can install a virus which will encrypt your computer files and the files on your local network. Once encrypted, the computer will display a screen with a count down timer and ask for a ransom payment for the decryption key to allow you to access your files.

What’s being done about the email?
The National Crime Agency’s National Cyber Crime Unit (NCCU) is aware of the email and is working hard to trace the source. Until they do, this email has been assessed as a significant risk. Anyone who is infected with this malware should report it via

What should I do if I get the email?
Forward it to us at

If you open the attachment, the NCCU says it would never endorse paying the ransom and there’s no guarantee the fraudsters would give you the decryption key. Instead you should:

• help the NCCU find the source of the emails by reporting it at

• disconnect the computer from the network

• get your computer professionally cleaned.

Some anti-virus companies will offer corrective software solutions but won’t restore any encrypted files.

Read more advice at

Other ways to protect yourself
There are some preventative measures you can take to protect yourself

Update your anti-virus and operating system with the latest versions
These will include any updates needed to protect you against new threats since the last time your software was installed.

Back up your files regularly
By preserving them off the network, they’ll be safe if your computer does ever become infected.

I have Trusteer Rapport. Will this protect me?
Trusteer Rapport protects you against viruses that try to steal your banking log on details. This virus is different in that it doesn’t steal anything but tries to hold you to ransom. As Trusteer Rapport isn’t designed for this type of virus it doesn’t protect you against it.

If you’re unsure if an email is from us, or have any other questions about this issue, contact us on 0845 600 4388. Lines are open 7am to 11pm Monday to Saturday and 9am to 9pm Sunday.

Yours sincerely

Santander Customer Services

Santander emailed me directly, addressing me by name with this information on how to recognise scam emails and phishing attempts – I still checked ALL the links before proceeding any further.

To summarise, the easiest way to know how to recognise scam emails and phishing attempts is to make sure the email is addressed to you personally, check that the links within the email are genuine and make sure you NEVER open a .zip file that you haven’t scanned with anti-virus software.

If you found this article useful, please consider sharing with your network.