Suspicious emails: How to spot them

The COVID-19 pandemic has triggered a rise in hackers sending fraudulent emails that attempt to trick you into clicking on malicious links or opening attachments.

Scammers are using phishing emails to profit from the coronavirus outbreak

* By sharing this blog with your staff and holding a Q&A session on the topic, you will instantly improve your company's cyber resilience - especially if your team is working from home.

If you've received an email asking you to donate to a worthy cause amid the coronavirus pandemic, you're not alone.

Sadly, cyber criminals have seen the global crisis as an opportunity to make money through a myriad of fraudulent messages - both online and on the phone.

Some messages have announced a 'cure' for the virus, offered financial rewards, or encouraged recipients to donate to a worthy cause.

But like many scams and phishing emails, these messages are designed to trick you into interacting. To help you detect them, we've compiled some advice from the National Cyber Security Centre (NCSC) on how to spot the most obvious signs of a scam, and what to do if you've already responded.

The guidance forms five parts:

  1. Criminals use email, phone call and text message

  2. Reporting suspicious messages

  3. What to do if you've already responded

  4. Spotting suspicious messages

  5. Make yourself a harder target

1. Criminals use email, phone call and text message

Criminals want to convince you to do something which they can use to their advantage. In a scam email or text message, their goal is often to convince you to click a link. Once clicked, you may be sent to a dodgy website which could download viruses onto your computer, or steal your passwords and personal information.

Over the phone, the approach may be more direct, asking you for sensitive information, such as banking details.

They do this by pretending to be someone you trust, or from some organisation you trust. This could be your Internet Service Provider (ISP), local council, even a friend in need. And they may contact you by phone call, email or text message. The term 'phishing' is often used when talking about emails.

2. Reporting suspicious messages

The message might be from a company you don’t normally receive communications from, or someone you do not know. You may just have a hunch. If you are suspicious, you should report it. By doing so you'll be helping to protect many more people from being affected.

Email If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS) at

Text message Suspicious text messages should be forwarded to 7726. This free-of-charge short code enables your provider to investigate the origin of the text and take action, if found to be malicious.

3. What to do if you've already responded

If you've already responded to a suspicious message, take the following steps:

  • If you’ve been tricked into providing your banking details, contact your bank and let them know.

  • If you think your account has already been hacked (you may have received messages sent from your account that you don't recognise, or you may have been locked out of your account), refer to our guidance on recovering a hacked account.

  • If you received the message on a work laptop or phone, contact your IT department and let them know. 

  • If you opened a link on your computer, or followed instructions to install software, open your antivirus (AV) software if you have it, and run a full scan. Allow your antivirus software to clean up any problems it finds. 

  • If you've given out your password, you should change the passwords on any of your accounts which use the same password.

  • If you've lost money, tell your bank and report it as a crime to Action Fraud. By doing this, you'll be helping the battle against criminal activity, and in the process prevent others becoming victims of cyber crime.

4. Spotting suspicious messages

Spotting scam messages and phone calls is becoming increasingly difficult. Many scams will even fool the experts. However, there are some tricks that criminals will use to try and get you to respond without thinking. Things to look out for are:

  • Authority - Is the message claiming to be from someone official? For example, your bank, doctor, a solicitor, or a government department. Criminals often pretend to be important people or organisations to trick you into doing what they want.

  • Urgency - Are you told you have a limited time to respond (such as 'within 24 hours' or 'immediately')? Criminals often threaten you with fines or other negative consequences.

  • Emotion - Does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.

  • Scarcity - Is the message offering something in short supply, like concert tickets, money or a cure for medical conditions? Fear of missing out on a good deal or opportunity can make you respond quickly.

  • Current events - Are you expecting to see a message like this? Criminals often exploit current news stories, big events or specific times of year (like tax reporting) to make their scam seem more relevant to you.

If you think a message or call might really be from an organisation you have an existing relationship with, like your bank, and you want to be sure:

  • Go back to something you can trust. Visit the official website, log in to your account, or phone their advertised phone number. Don't use the links or contact details in the message you have been sent or given over the phone.

  • Check to see if the official source has already told you what they will never ask you. For example, your bank may have told you that they will never ask for your password.

5. Make yourself a harder target

Criminals can use publicly available information about you to make their phishing messages more convincing. This could be gleaned from your social media accounts. To make life harder for the criminals, you can do the following:

  • For your social media applications and other online accounts, review your privacy settings.

  • Think about what you post (and who can see it).

  • Change your phone number to be unlisted, or 'ex-directory'.

The National Cyber Security Centre website has detailed advice on protecting your privacy on social media.


READ MORE: How hackers try to obtain your password


The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.