Avoid Email Scams

Asset 35

Quick guide to spotting suspicious emails

Posted on 14 March 2022 by Beaming Support

Email is a simple business tool used by most of us every day, but it is also a very easy method for fraudsters to gather information to assist with scams and commit cybercrimes. What could, at first, appear to be a harmless conversation or email chain may actually be a drawn-out plan to build trust before a targeted attack. In the hands of a scammer, information can be just as detrimental as clicking a suspicious link.

It is important to know how to recognise suspicious emails and what to do if you receive one. We have listed simple questions all employees should ask when using email and explained how to deal with something that doesn’t seem right.

Before trusting an email ask yourself:

Are you under pressure?

If the email requests you to click a link, download an attachment, or share information especially with any sense of urgency, be suspicious. Don’t automatically click links or attachments unless you are expecting them. If you are unsure of something you have been sent, contact the sender by another means to verify their intent.

Is this out of character?

If the email appears to be genuine but seems out of character for the sender, treat it with caution and follow up verbally rather than replying. Fraudsters may try to build rapport in order to get what they want, such as a message from a senior member of the company asking for a discreet conversation over email to get you to impart information.

Have you checked the email address?

Fraudsters can register domain names very similar to that of legitimate businesses in order to appear genuine at first glance. Words may be deliberately misspelled in order to read as a familiar address. Double letters are often used in the place of W’s or M’s, or extra punctuation added. Check the spelling and punctuation in the address are correct.

To do this on mobile, you’ll need to open the email. At the top, underneath the “From” and “To” lines, you should find a link entitled “Details” or “View details” click to expand the “From” and “To” details which will display the email address of the sender and details as to when the message was received.

Have you double checked with the sender?

Spoofing allows fraudsters to send emails that appear to be from an address that you recognise. If the email is suspicious but the address appears to be genuine, always double check with the sender verbally.

What to do if an email seems suspicious:

Operate a zero-trust policy, follow up any emails you aren’t sure of in person or by phone if necessary

If you have any reason to believe that an email may be fraudulent

  1. Shift + Delete to clear it from your inbox
  2. Report the email to a supervisor
  3. Do not forward any suspicious emails. To inform others, use print screen (Ctrl + Print SC) or use the snipping tool to capture a copy of the email safely before deleting the original email (Shift + Delete).


2023 update: CEO fraud is a new scam infiltrating UK businesses. Learn more about what the scam looks like and how you can protect your business in our blog post.


Download a PDF of this guide

Print and share the advice with colleagues

Find more help and advice to improve cybersecurity:

About Beaming

We are an Independent Internet Service Provider for UK businesses. Serious about service with a network built for business; we make sure you stay connected.

From the resilient and secure network we’ve built, to the choice of tailormade products all supplied with expert service, we provide peace of mind that businesses require.

  • Sign up and receive a guide to spotting malicious emails

  • Email phishing scams have become sophisticated. Find out what you’re up against with our guide to recognising scam emails.

  • Subscribe to the Beaming Bulletin to receive monthly cyber threat alerts, the latest bug fixes from our team & news on the tech that works best for business, and we’ll send you our Business Guide to Phishing.
    • This field is for validation purposes and should be left unchanged.