The purpose of a phishing email is to trick you into giving out personal information, such as passwords, bank account numbers and credit card details. A scammer may contact you unexpectedly, pretending to be from a legitimate business. For example, they may say they are a bank or other organisation verifying customer records. Phishing materials are designed to appear genuine and often copy the brand and style of those they are falsely attempting to represent.

Check the email you are reading for these suspicious attributes
Email attributePotential phishing tactic
Sender addressIf the sender address does not match the sender name, be suspicious of the entire email.
Email signaturesA signature block that is overly generic or does not follow the organisation's usual protocols could indicate something is wrong
Email content and tone We know how people we regularly interact with talk, so if an email sounds strange, it is probably worth a second look. If the email tries to stir up your emotions (greed, urgency, curiosity, fear etc.) while requesting privileged information, it is best not to respond.
URL's and attachmentsPhishing emails may request you to click on URL's. Do not click or submit your credentials via them. Few emails may include file attachments. Do not open it, they could be malware and might infect your system.

If the content of the email coerces you to act fast, you should slow down and think first. If the suspicious email presents you with links in words like 'CLICK HERE', hover your cursor over it to see the hidden URL.

Things to watch out for:

  • Poor spelling & grammar usage, mismatched punctuations etc.
  • Alternate spellings such as Peypal or Paypel
  • Unofficial links such as or
  • Links hidden behind a URL shortener such as
  • A sense of urgency that requires immediate action e.g: Threats to suspend or remove access unless account is validated

Can you spot the Phish?

If you spot a phish, please contact the IT Service Desk immediately.