Guide to Phishing Emails

Learn everything you need to know about one of the most common cyber-crimes

  1. Catalogue
  2. Resources
  3. Phishing Tackle

Go Phish

Sophos tell us that 41% of IT Professionals report phishing attacks on a daily basis, and that 30% of phishing emails are opened by users, so the need for education and prevention when it comes to phishing is as necessary as ever.

The content on this page and accompanying articles will give you a comprehensive overview of what phishing is, different types of attack, how to spot an attempt at phishing, technical and human ways to prevent phishing, and a handy Phishing Flowchart to help you turn the tide on scammers.

What is Phishing?

Phishing is an attempt by a cyber-criminal to obtain information from a user, usually by sending the user an email or message directing them to click links and to provide information at the website the links take them to.

The emails (and websites) are typically designed and stylised to look like a genuine email from a legitimate sender.

Phishing is a type of ‘social engineering’: attempting to manipulate someone into performing actions they otherwise wouldn’t.

Is the email I just received a phishing email?

It’s Monday. You check your email, as you normally do, and there’s an email from your bank, as there sometimes is. But this one threatens that your account will be closed in 48 hours if you don’t verify your details. All you need to do is click the link in the email and your account will be fine.

This is an example of ‘phishing’, a type of online identity theft that usually uses emails to trick the user in to doing something.

Of course, the email isn’t actually from your bank, and your account isn’t going to be closed in 48 hours, and you haven’t won a prize in a competition you knew nothing about, and there isn’t an order waiting for you at a depot. Sorry.

Phishing is devious and deceptive, playing on some of our base emotions and manipulating us when we're vulnerable.

Use our Knowledgebase Articles below to explore ways you can spot and stop phishing.

What is Social Engineering?

Social engineering is when someone attempts to manipulate someone else into performing actions they otherwise wouldn’t, like opening an email, clicking a link in an email or text message, or downloading an attachment.

The theory behind social engineering is based on Robert Cialdini’s work on ‘influence’, setting out six key principles. Click the icons below to learn more about these principles: