Phishing emails: What to look for and how to stay safe

Phishing emails are becoming more frequent, and more convincing. They might look like messages from a friend, a colleague, a delivery service, or even our IT team. But behind the scenes, these are cyber traps designed to steal sensitive information or install malware on your device.

What are phishing emails?

Phishing emails are fraudulent messages that appear to come from trusted sources. Their goal is to trick you into:

• Clicking fake log-in pages to steal your credentials
• Responding to urgent sounding requests for money or sensitive data
• Downloading malicious attachments or clicking harmful links

Cybercriminals are clever and their scams are getting harder to spot. Even the most cautious users can be fooled.

How to spot a phishing email

To protect yourself and the organisation, follow these key tips:

• Check the sender carefully
  Look for subtle misspellings, strange email addresses, or unexpected senders

• Be suspicious of urgency
  If a message says 'act now' or 'urgent action required' verify the request through a trusted contact and don’t reply to the email directly

• Think before you click
  If something feels even slightly suspicious, don’t click. It’s always better to pause and check.

What to do if you spot a phishing email

• Don't click on any links or open attachments

• Report it immediately

If it's on your MS Society email, report it to:
[email protected]
[email protected] (so the address can be blocked across our servers)

If it's on your personal email, you can find information about reporting it here.

• Delete the email from all folders: Inbox, Deleted Items, and Junk

Staying alert is our best defence. If something looks off, even just a little, trust your instincts. Don’t click. Report it. Delete it.