On the third day of Christmas…beware of phishing emails – they bring no glad tidings


Andrew Davidson

IT Audit Senior Manager


“WARNING – Your Amazon account was used from an unknown device to purchase a £200 gift voucher. Click here to review or amend this transaction.”

“Congratulations, you’ve won a £50 Tesco voucher, click here to log into your Tesco Bank account.”

“Here’s a receipt showing your successful purchase of a year’s subscription to Netflix.”

“We’ve detected unusual activity in your bank account.”

“We’ve suspended your PayPal account due to unusual activity.”

So…recognise any of these? You might already have seen something similar in your inbox.

As the Christmas season approaches, we are inundated with special offers and gift vouchers from retailers. While a lot of these offers seem tempting, it’s important to remember that Christmas is also a busy time for cyber criminals hoping to catch you out with cleverly disguised phishing emails!

Phishing emails – what to look out for

The key to successfully phishing for someone’s personal details is to appear to come from somewhere you trust and then, often, to add an element of threat. For example, a very common phishing scam is to pretend to be from Amazon or Apple, giving a “receipt” for an extravagant purchase. We instantly recognise Amazon or Apple branding and inherently give emails carrying these brands’ logos a strong element of trust. Add to that the threat that someone has already accessed your account and made an expensive purchase, and many of us will reach for the “click here to log in to your account” button before taking a moment to think.

Now, to avoid any doubt in your mind, emails from banks or online retailers (such as Apple or Amazon) never - and I mean NEVER - contain a handy link to allow you to log into your account. If the email says anything like “click here to verify” or “click here to log in” then it’s fake.

Clicking on these links will more often than not take you to a website that looks exactly the same as the genuine website, with two key differences. Firstly, the web address will be wrong. Some of the more sophisticated attempts will use a close approximation such as www.amazonuk.co.uk or even app1e.com, where you might not notice the difference from the genuine address on a quick look. Secondly, when you log in, all that will happen is that your details will be passed to the hacker. You might even be automatically redirected to the genuine site with the message “you entered your password incorrectly – please try again”, and so you’ll be none the wiser about the subterfuge.

How to protect yourself from the cyber grinches!

If you are ever in doubt, look out for the following tell-tale signs:

  1. Don’t trust the display name on emails (anyone can copy and paste a picture).
  2. Hover the mouse over links in the email to see where they actually direct you. When in doubt, google the company and log into the genuine site to review the claims.
  3. Check for spelling mistakes (English is not always the first language of the hacker).
  4. Does it mention you by name? Or are you “Valued Customer”?
  5. Legitimate banks NEVER ask for credentials over email.
  6. Beware of urgent or threatening language. A sense of urgency can put people into a panic, and they are then more likely to react than to think.
  7. Does the email include contact details such as addresses, phone numbers and postal contact details? All banks and retailers include these.
  8. Don’t open attachments from anyone unless you were expecting them.
  9. No bank or retail company ever provides handy links to log in (although they do have links to FAQ sites or feedback sites).
  10. If it seems too good to be true – it probably is.
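Tip 2 (check where a link really goes) and the look-alike addresses mentioned earlier (www.amazonuk.co.uk, app1e.com) can be turned into a simple automated check. The following Python is an added example written for this post, not code from the author or from any vendor: it pulls every link out of an HTML email fragment, compares the address shown to the reader with the address the link actually targets, and flags domains that contain a brand name but are not that brand’s genuine domain. The sample email HTML, the brand-to-domain table (`EXPECTED_DOMAINS`) and the digit-for-letter substitution table are all constructed for the illustration; the "registrable domain" helper is a deliberate approximation that assumes no public-suffix list is available.

```python
"""Spot links whose real target does not match what the email shows.

Added example for the article's tip 2; the sample HTML and the brand table
below are constructed for illustration and are not real vendor data.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: anchors of the kind found in a phishing email.
# The first two addresses are the look-alikes named in the article.
SAMPLE_EMAIL_HTML = """
<p>Click <a href="http://www.amazonuk.co.uk/signin">here to review this transaction</a>.</p>
<p>Or visit <a href="https://app1e.com/account">https://appleid.apple.com</a></p>
<p>Genuine help: <a href="https://www.amazon.co.uk/help">Amazon help pages</a></p>
"""

# Assumed brand -> genuine registrable domain table (illustrative only).
EXPECTED_DOMAINS = {"amazon": "amazon.co.uk", "apple": "apple.com"}

# Digits commonly swapped in for look-alike letters (1 for l, 0 for o, ...).
HOMOGLYPHS = {"1": "l", "0": "o", "5": "s", "3": "e"}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML fragment."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:  # only text inside an open <a>
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html):
    parser = LinkExtractor()
    parser.feed(html)
    return parser.links


def registrable_domain(host):
    """Approximate the owner-controlled part of a hostname.

    Assumption: no public-suffix list; treat 'x.co.uk'-style endings as
    three labels and everything else as two.
    """
    labels = host.lower().split(".")
    second_level = {"co", "com", "org", "ac", "gov"}
    if len(labels) >= 3 and labels[-2] in second_level and len(labels[-1]) == 2:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def normalise_homoglyphs(text):
    """Map look-alike digits back to letters so app1e reads as apple."""
    return "".join(HOMOGLYPHS.get(ch, ch) for ch in text)


def assess_link(href, text):
    """Return the reasons a link is suspicious; an empty list means no flags."""
    reasons = []
    host = urlparse(href).hostname or ""
    domain = registrable_domain(host)
    # Shown address (when the link text is itself a URL) vs. real target.
    if text.startswith("http"):
        shown_host = urlparse(text).hostname or ""
        if registrable_domain(shown_host) != domain:
            reasons.append(f"displayed {shown_host} but links to {host}")
    # Brand name present in the domain, but the domain is not the genuine one.
    for brand, genuine in EXPECTED_DOMAINS.items():
        if brand in normalise_homoglyphs(domain) and domain != genuine:
            reasons.append(f"{domain} resembles {brand} but is not {genuine}")
    return reasons


def suspicious_links(html):
    """All (href, reasons) pairs for links in the fragment that raise a flag."""
    flagged = []
    for href, text in extract_links(html):
        reasons = assess_link(href, text)
        if reasons:
            flagged.append((href, reasons))
    return flagged


if __name__ == "__main__":
    for href, reasons in suspicious_links(SAMPLE_EMAIL_HTML):
        print(href)
        for reason in reasons:
            print("   -", reason)
```

Run against the constructed fragment, the two look-alike links are reported and the genuine Amazon help link passes. The check is deliberately conservative: it only compares what the email shows against where the link points, and knows about a brand only if it is in the table, so it complements rather than replaces the habit of logging in via the genuine site you found yourself.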

Keeping these points in mind can help lead to a happy and phish-free Christmas!

Did you know? Our team provides an IT auditing service to help you test your systems and ensure your staff are up to speed with best practices. If you’re interested in finding out more, please get in touch with me at: andrew.davison@jcca.co.uk