Phishing emails are fake emails designed to make you click on a dodgy link, part with money or share personal information.
The email might have branding to make it look like it comes from a business or organisation you already have a connection with – your bank, your doctor, a tradesperson or HM Revenue and Customs (HMRC). Or it might appear to come from a business you’d be interested in buying from – a holiday company or fashion brand.
Phishing email checklist: what to look for
With the rise of artificial intelligence (AI), fake emails are getting more convincing all the time. But there can be some signs that an email isn’t genuine, so look out for:
- an amazing, time-limited offer or strong encouragement to ‘click here/now’ – encouraging you to respond quickly
- an email that doesn’t use your name – perhaps they don’t really know who you are
- spelling and grammar mistakes (though phishing emails are getting more sophisticated than they used to be)
- imagery or design that looks familiar but doesn’t feel quite right
- an unusual email address – it might look a bit similar but does it really match the official company’s email address?
- encouragement to click on an unknown link – if you’re not sure, visit the organisation’s website directly rather than clicking through
- a request for you to share personal data
What to do if you suspect fraud
If you’ve seen something that doesn’t feel right, STOP!
- break the contact – don’t reply, click on any links, call any phone numbers or make any payments
- check if it’s genuine: contact the organisation directly using an email address or phone number you know is correct, e.g. from your utility bills, via a search engine, on the back of your card or by calling 159 for banks
- before you delete the email, forward it to report@phishing.gov.uk
What to do if you’ve already responded to the email
Don’t panic! What you do next depends on whether you’ve replied, clicked a link, sent information or made a payment. Take a look at our advice on what to do if you’ve been a victim of fraud.
Reporting fraud
If you’ve been the victim of a phishing email, find out how and why to report it.