Email phishing

What is phishing?

Phishing is an email that tries to trick you in to giving out personal information, or visiting fake websites. Responding to a phishing attack can:

  • Release your personal details to someone who may use them fraudulently
  • Encrypt your files and folders, demanding that a 'ransom' fee be paid to revert the damage
  • Stop your computer from working completely

Whaling, pharming, angling – these are just some other common names for types of phishing attempts, but they are all designed to cause the same damage. People who engineer phishing scams are criminals and hackers.

The National Cyber Security Centre has released guidance on what phishing is, how to spot it, and what to do if you think you've clicked a suspicious link:

Key check points

  1. Is the sender of the email someone you know?
  2. Does the URL it contains look legitimate ? (Hover your mouse to check)
  3. Were you expecting an attachment?

Remember - JDLR. If it Just Doesn't Look Right, we'd rather know!


If you think you’re a victim of a phishing email, or that your computer has become infected, telephone us immediately on +44 (0) 161 306 5544.

If you receive a suspicious email, do not click on any links and do not reply, but you should let us know by sending us the phishing email as an attachment to

How to report phishing using Microsoft Outlook

  1. Select the email message
  2. Click 'More' (next to the 'Forward' button) and select 'Forward as attachment'
  3. In the new message window that pops up, send the email to:

How to report phishing using Outlook on the Web

  1. Right-click (or Ctrl+click on a Mac) on the email message
  2. Click 'Forward as attachment'
  3. In the new message window that pops up, send the email to:

You don't need to explain why you've sent the message. Everything we need to know will be in that attachment.

Never reply to suspected junk email, click any links or open any associated attachments (as these more than likely will contain viruses). Replying or clicking an 'unsubscribe' link could confirm to the sender that your email is in use and they will send you more. The only way to be completely safe is to forward any suspect messages to, then delete them.