By Lynne Gowers on 9th October 2017

Don’t be fooled by phishing – 5 warning signs an email isn’t what it seems

While it’s not a new problem, it certainly isn’t one that’s going away anytime soon. We’re talking about phishing – the term used for the fraudulent practice of luring people to websites they wouldn’t normally use.

Phishing is typically carried out by unsolicited email or instant message in an app or social media platform. Its goal is to direct the user to a fake website, often in a bid to get them to enter personal details. Communications can appear to be from banks, retailers or service providers and have the look and feel of the real thing, the only difference is the website you are pointed towards.

Don’t get caught in the phish net – the warning signs

The phishing techniques used by online scammers are becoming ever-more sophisticated, making them all the more easy to fall for. Most of us would see right through a communication from a Nigerian prince, promising a share in his fortune if you would just part with your bank details. But what about a very official and legitimate-looking email purporting to be from your bank or a trusted service-provider? Harder to spot unless you are paying close attention.

Here are the warning signs to look out for:

Warning sign #1 – Asking for personal information

Financial institutions, reputable online retailers and service providers (including Boox) do not email or message their customers asking for personal information or information which they should already hold.
Here is an example of a phishing email sent to DHL customers to trick them into entering their personal details on a fake website.

phishing(Image credited to Comodo)

Warning sign #2 – Badly written emails or threatening language

Read emails and messages carefully. Phishing emails frequently contain spelling or grammatical errors which professional companies would (hopefully!) never make in their communications.

Likewise be alert to scare-mongering language which threatens repercussions if you do not take the actions they are asking you to, such as deactivating your account or cutting off your service.

Warning sign #3 – Hidden or misleading links

One of the hallmarks of a phishing attack is a link directing you to somewhere other than where it claims to. Hover over links before you click on them. Be aware that some URLs might look valid at first glance but use a different domain (.net instead of .com for example) or try to catch you out with a slight variation in spelling.
Also look out for shortened URLs. Scammers can use services such as, to shorten long URLs which further disguises the link’s destination.

Warning sign #4 – Attachments you are not sure of

A relatively new phishing trick is to bypass spam filters by placing the text of an email and fraudulent links in a file attachment, such as a PDF document, rather than in the body of the message. Files may also contain malware, so only click on attachments which you are completely sure about.

Warning sign #5 – The sender’s email address

Have a look at this email claiming to be from Amazon. At first glance it looks legit. Now look at the sender’s address in the email header – it in no way matches the name or the domain it is allegedly from.

(Image credited to Heidmal Security)

What do you when you’ve been phished

If you have a hunch that you’ve received a phishing email or message, do not reply to it, download any attachments or click on any links within it.

Just ignoring such emails helps the cyber-scammers to get away with it. Always report it directly to the organisation the communication claims to be from, but don’t use the contact information in the phishing message.

If you do get caught out, immediately change your passwords for the accounts involved and contact the company in question.

Boox App users

As an online accountancy practice, we take our security and that of our clients very seriously.

We will never ask you to provide or verify personal details through the app, by email or by text message.
If you receive any suspicious communication purporting to be from Boox, contact us straight away. Do not reply to the message, click on any links or download any attachments.

As with any application it is important to change your Boox App password regularly to keep your account safe and secure. Here’s a quick tutorial video to show you how to do this easily:

Final advice

Our final tip to avoid get fooled by phishing is trust your gut. If something doesn’t feel quite right, or sounds to good to be true, it probably is.

Lynne Gowers Written by Lynne Gowers

Was this article helpful?


Although we attempt to ensure that the Information contained in this publication is accurate and up-to-date at the date of publication it may not be comprehensive, we accept no liability for the results of any action taken on the basis of the information they contain and any implied warranties, including but not limited to the implied warranties of satisfactory quality, fitness for a particular purpose, non-infringement and accuracy are excluded to the extent that they may be excluded as a matter of law.

Share this blog

View our latest blogs

Take a look at our recent blogs below.

We’re here to help

Discuss your business and accountancy
needs in detail with our friendly team with
absolutely no obligation.

Call our friendly team on 0808 168 0422 or

Request a call back

(Open 8.30am to 5.30pm Monday to Friday)

Emily Ewin New Client Manager
Emily Ewin New Client Manager