24 March 2020
Please find below some links with advice from the National Cyber Security Centre, including some that specifically addressed Covid-19 themed phishing emails.
General home working advice for organisations and individuals: https://www.ncsc.gov.uk/guidance/home-working
On how to spot phishing emails: https://www.ncsc.gov.uk/guidance/suspicious-email-actions
Here's some tips on spotting phishing emails:
- Many phishing emails have poor grammar, punctuation and spelling.
- Is the design and overall quality what you'd expect from the organisation the email is supposed to come from?
- Is it addressed to you by name, or does it refer to 'valued customer', or 'friend', or 'colleague'? This can be a sign that the sender does not actually know you, and that it is part of a phishing scam.
- Does the email contain a veiled threat that asks you to act urgently? Be suspicious of words like 'send these details within 24 hours' or 'you have been a victim of crime, click here immediately'.
- Look at the sender's name. Does it sound legitimate, or is it trying to mimic someone you know?
- If it sounds too good to be true, it probably is. It's most unlikely that someone will want to give you money, or give you access to a secret part of the Internet.
- Your bank, or any other official source, should never ask you to supply personal information from an email.
- Try to check any claims made in the email through some other channel. For example, by calling your bank to see if they actually sent you an email or doing a quick Google search on some of the wording used in the email.