Skip to main content

Reading is great. Tracking makes it stick. Sign up for a free Dashboard to tick off tasks and see your Security Score.

Get my free Dashboard →
MalwareHigh priority

About 10 minutes to complete

Learn how to spot a phishing email

Learn the three things to check before clicking any link in an email. Fake phishing emails are responsible for the majority of hacked accounts in the UK — and they are getting harder to spot.

Why this matters

Phishing emails are the starting point for the majority of account takeovers and business email compromises in the UK. Attackers create convincing copies of real emails from banks, couriers, and HMRC to trick you into clicking a link or entering your details. Knowing what to look for takes only a few minutes to learn.

How to do it

  1. Check the sender's actual email address — not just the display name. Hover over or tap it to see the full address.
  2. Be suspicious of any unexpected message that asks you to click a link, download an attachment, or enter your details — even if it appears to come from a familiar organisation.
  3. Look for urgency or threats such as 'Your account will be closed' or 'Action required immediately.' Legitimate organisations rarely pressure you this way.
  4. If unsure, go directly to the organisation's website by typing the address yourself — never follow a link in the email.
  5. Report suspected phishing emails to your email provider (mark as spam) and to the NCSC Suspicious Email Reporting Service at report@phishing.gov.uk.

Need a more detailed walkthrough?

Our step-by-step guide explains each action in full detail, with confirmation steps and related tasks.

View full step-by-step guide →

Cyber Essentials framework

This task falls under the Malwarecontrol, one of five areas assessed in the UK's Cyber Essentials scheme. Completing it counts toward your Cyber Essentials alignment. Create a free account to track your progress across all five areas.

Track your security score for free

Create a free Cyber Nova AI account to tick off tasks like this one, see your Security Score, and stay on top of what you've done and what's still to do.

Start your free security check