To Catch a Scammer: 8 hacks for recognising an email scam

Today’s small businesses are increasingly vulnerable to cyber-attacks. Here’s 8 things for employees to look for in a potential phishing attack.

Our experts

We are a team of writers, experimenters and researchers providing you with the best advice with zero bias or partiality.
Written and reviewed by:
Helena Young is reader supported – we may earn a commission from our recommendations, at no extra cost to you and without impacting our editorial impartiality.

Today’s post-Covid world of work is largely based online. Remote or hybrid working models have almost completely digitised information – increasing the risk of data breaches.

According to the government’s latest Cyber Security Breaches Survey, employees mostly fall prey to phishing (fraudulent emails, social media accounts, or text messages).

On average, the report puts the cost of a successful cyber-attack at £4,200 for small businesses. Given the perfect storm of rising inflation and post-Covid loan payback, this could be enough to wipe out some SMEs.

We’ve come up with a list of 8 things to look out for in a cyber-attack. All are simple to action and share with employees, so you can protect your business and workforce against the most common cyber security risks.

1. Is it badly written?

If you’ve received a scam – or ‘phishing’ – email before, you will have noticed that the sender’s spelling and grammar can leave much to be desired. What you might not have realised, however, is that these mistakes are often intentional.

Scammers want to find targets that are less observant, and therefore unlikely to grow suspicious at the site of poor language skills.

SMS email scam phishing smishing cyber security

Spelling errors, bad grammar, distorted logos – all are tools used to weed out more-cynical targets.

Another reason that scammers introduce spelling errors is to get past spam filters, which often look out for various keywords and phrases commonly found in phishing emails.

Other tell-tale signs to look for in a badly-written scam email include a lack of personalised greeting – such as ‘Hi User’.

2. Where was it sent from?

Very few legitimate organisations will contact your business with an email domain name like ‘’. Not even Google staff members.

Check that the sender’s email address aligns with the content of the message. As an example, if you have been sent an email from PayPal and the address reads ‘’, it’s definitely fake.

This is most obvious in SMS scams – also known as ‘smishing’ texts. If there’s a random number attached to the message, such as in the below example, then it is highly unlikely to be from a genuine source.

SMS email scam phishing smishing cyber security

How can I prevent a cyber-attack in my business?

Some SMEs are more vulnerable to data breaches than others. If you store a lot of sensitive customer information in your database, it’s a good idea to invest in small business CRM software to manage risks.

Our top-rated CRM for security, Pipedrive, boasts in-built security alerts that will notify you when a user carries out suspicious activity. This includes logging in from an unrecognised device or requesting a password reset.

3. What is it asking for?

Whatever bank you’re with, providers will never ask for you or your employees to give a full PIN or password when identifying you on the phone or online. They will also never ask for card reader codes on the phone or when logging in.

Similarly, they will never ask you to click on links through a text or an email to log into your online business or personal banking account.

If you’re ever being asked to give personal details like passwords or a PIN number, end all contact with the sender and flag the offending message to colleagues.

4. Is it too good to be true?

As lovely as it would be, it’s very improbable that you’re being given a £100,000 tax rebate or gifted a pair of expensive concert tickets.

Many scams rely on wowing you with megadeals that will sound too good to be true – because they are.

Below is an actual email advertising free bitcoin from Facebook founder Mark Zuckerberg, as an example.

SMS email scam phishing smishing cyber security

In these situations, you should contact whichever organisation has supposedly sent you the email and ask for confirmation. Don’t use numbers or addresses in the message – use details from the official website.

As tempting as the idea of a tax refund might be, it’s hardly worth putting yourself at risk.

5. Is it time-sensitive?

People make bad decisions when they’re under time pressure – a fact that fraudsters will try to take advantage of.

Are you being told you have a limited time to respond (such as ‘within 24 hours’ or ‘immediately’)?

SMS email scam phishing smishing cyber security

Criminals will also often threaten you with negative consequences, like a fine. Messages like this are designed to cause panic, and make you act without thinking.

Try to slow down and think before you react. DO NOT click any links.

6. Does it include attachments or links?

Fraudsters are always looking for ways to progress you through the scam process and gather sensitive information. To do this, they often include links or attachments that appear inviting or necessary to click on.

One of the most common is infected attachments, such as a fake invoice. These might seem benign, but secretly contain viruses.

If you or an employee opens the attachment, it will be too late. The document unleashes malware onto the victim’s computer, which can be used to steal personal information.

Startups’ advises that you never open an attachment unless you are fully confident about where it’s coming from. Even then, keep an eye out for anything suspicious.

For example, if you receive a pop-up warning – don’t proceed. Contact the sender through an alternative means of communication and ask them to verify that it’s legitimate.

You can spot a suspicious link if the destination address doesn’t match the context of the rest of the email.

For example, if you’ve received an email from Disney+, you’d expect the link it is sending you to have a domain name like ‘’.

Some suspicious links are harder to spot than others. Take this recent well-designed fraudulent email from software cryptocurrency wallet, MetaMask.

SMS email scam phishing smishing cyber security

It was very hard for users to spot that something was wrong. However, the time pressure signal that ‘all unverified accounts will be suspended on Wednesday May 11 2022’ meant some customers didn’t buy into the scam and avoided clicking on the link.

In cases such as the above, a good rule of thumb is for your employees to carry out all responses to potential phishing emails in a new tab.

If the message is alerting you to look at something linked to an account you have with a company, organisation or retailer, they should log in or make the call separately under a new tab or window to corroborate it.

7. Is it on the government website?

In recent years, as the number of cyber scams has risen, the government has put more effort into investigating and taking down scam email addresses and websites.

The National Cyber Security Centre (NCSC) is a UK government organisation that can be used to report potential scams via its website, or email (

The website also lists well-known frauds in its weekly threat report. It’s a good idea to share this information with employees at the beginning of each week so they’re kept up to date on what to look out for.

8. Why am I suspicious?

Sometimes, you can’t identify exactly why an email or SMS seems suspect. Maybe it’s just a gut feeling.

It could be nothing. But it’s best to err on the side of caution and ignore the message.

If it seems like it might be a legitimate request from a source you know, such as a bank, you can always contact your provider to check before taking any other actions.

What do I do if I fall for a scam?

If you, or any of your employees, do fall for an email scam, try not to feel too anxious or embarrassed.

Today’s cyber criminals are getting increasingly more convincing, and even the cleverest CEOs have fallen prey to a phishing scam.

The first step to take is to block all contact with the sender. If you or an employee has opened a suspicious email, answered a spam robocall, or are wary you’ve been the target of a scam, cease all contact.

Write down all the information you have about the potential scammer and block their email address or phone number.

Next, contact the channel you think has been targeted. So, if the scammer has asked for your business bank account details, call your bank immediately and ask them to assist you in flagging the transaction and returning your money.

Finally, you need to protect yourself and your business in case the criminal is out to get more money or personal information. Measures include:

  • Change all your passwords
  • File a police report
  • Sign up for credit monitoring
  • Freeze your business bank card or account
  • Back up important data

Keep an eye on out for suspicious activity in your business bank account

Next Steps

Spotting phishing emails or messaging might seem obvious to some. But cyber scams are getting more intelligent every day.

Providing training for staff on phishing awareness can be a hugely effective suit of armour for protecting your business and employees from cyber security risks.

We recommend small businesses relay the above information to staff via an in-person training session or as an easily-accessible document, so that the entire workforce knows how to protect the company from cyber attacks. is reader-supported. If you make a purchase through the links on our site, we may earn a commission from the retailers of the products we have reviewed. This helps to provide free reviews for our readers. It has no additional cost to you, and never affects the editorial independence of our reviews.

Written by:
Helena Young
Helena is Lead Writer at Startups. As resident people and premises expert, she's an authority on topics such as business energy, office and coworking spaces, and project management software. With a background in PR and marketing, Helena also manages the Startups 100 Index and is passionate about giving early-stage startups a platform to boost their brands. From interviewing Wetherspoon's boss Tim Martin to spotting data-led working from home trends, her insight has been featured by major trade publications including the ICAEW, and news outlets like the BBC, ITV News, Daily Express, and HuffPost UK.

Leave a comment

Leave a reply

We value your comments but kindly requests all posts are on topic, constructive and respectful. Please review our commenting policy.

Back to Top