Stay safe from phishing scam emails
Phishing is a method that fraudsters use to obtain personal information from you, such as usernames, passwords or bank details. They then use these for illegal purposes, for example to steal money from your account or even to clone your identity.
Typically, phishing is done by sending an email that looks like it’s from a legitimate source in order to convince you to hand over personal information. To improve your online security and avoid falling foul of phishing scam emails, we’ve put together some information on how to recognise them and what action you can take.
Check the subject line
If the subject line seems unusual, requests information, offers a reward or threatens consequences, this is probably an attempted phishing scam email or spam. Ignore it unless you’re certain you know who it’s from.
Make sure the sender is trustworthy
Be suspicious of emails from unknown senders, and remember they could pose as someone from a trusted company to make it more likely that you’ll respond to their request.
Financial or government organisations don’t send unsolicited emails that request the users to open a link or attachment, or provide information. Emails like these are probably phishing attempts.
Check the greeting
Generic greetings are a strong indication of phishing attempts. However, be aware that specific greetings don’t mean the email is safe. Attackers can find out your name or other personal information in order to create a more convincing lure, known as spear phishing.
If there’s a sense of urgency in the email which requires you to ‘act now’, it’s likely to be a phishing email. If the text is badly written or has spelling mistakes, this could also be a sign. Remember – EDF Energy will never ask you to disclose your password and you should never provide personal information if requested. It could be an energy bill scam.
Be wary of instructions to open an attachment or link within the email. Only open these if you’re sure the sender and email are genuine. It’s always best to type the URL directly into the address bar.