🔍 How to Spot a Scam — Quick Checklist
Report It to Action Fraud
Phishing emails: [email protected]
Scam texts: forward to 7726 (free)
Scam calls: report to Action Fraud
Action Fraud: 0300 123 2040
Threat-Specific Sections
📧 1. Phishing (Email-Based Attacks)
- Slightly altered domains (paypaI.com vs paypal.com)
- Urgency or authority pressure ("Immediate action required")
- Unexpected attachments or login requests
- Mismatched sender/display names
- Email header manipulation and spoofing
3. Credential harvesting or malware execution
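The altered-domain and mismatched display-name red flags above can be checked mechanically. The following is an added example, not part of the original checklist; the `TRUSTED` list, the function names and the sample headers are assumptions constructed for illustration, and only ASCII look-alike swaps are covered.

```python
import unicodedata
from email.utils import parseaddr

# Assumption: brands this mailbox cares about, mapped to their real domains.
TRUSTED = {"paypal": "paypal.com"}

# ASCII characters often swapped for look-alikes (capital I or digit 1 for l, 0 for o).
CONFUSABLES = str.maketrans({"I": "l", "1": "l", "0": "o"})


def skeleton(domain):
    """Collapse visually similar spellings of a domain to one canonical form."""
    d = unicodedata.normalize("NFKC", domain).translate(CONFUSABLES).lower()
    return d.replace("rn", "m").replace("vv", "w")


def check_sender(from_header):
    """Return the red flags found in one From: header value."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    real = domain.lower()  # DNS ignores case, so this is what actually resolves
    flags = []
    for brand, trusted in TRUSTED.items():
        if real == trusted or real.endswith("." + trusted):
            return []  # genuinely sent from the trusted domain
        if skeleton(domain) == skeleton(trusted):
            flags.append(f"lookalike of {trusted}")
        if brand in name.lower():
            flags.append(f"display name claims {brand} but domain is {real}")
    return flags


# Constructed sample headers; paypaI.com (capital I) is the checklist's own example.
SAMPLES = [
    "PayPal Support <service@paypaI.com>",
    "PayPal <billing@secure-pay.example>",
    "PayPal <service@mail.paypal.com>",
    "Alice <alice@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header) or "no flags")
```

A clean result here only means the visible sender looks consistent; the From header itself can be spoofed, so it does not replace SPF, DKIM and DMARC checks.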
💬 2. Smishing (SMS/Text-Based Attacks)
- Generic greetings ("Dear customer")
- Suspicious shortened URLs (bit.ly, tinyurl)
- Messages from unknown or international numbers
- Urgent delivery or bank claims ("Your parcel is waiting")
- Links to fake login pages or app install prompts
📞 3. Vishing (Voice/Call-Based Attacks)
- Caller ID spoofing (number looks real but is not)
- Pressure to act immediately (payments, credentials)
- Requests for OTPs, PINs, or remote access
- "Verification" calls you did not initiate
- Emotional manipulation — fear, urgency, authority
Key Differences & Overlaps
| Factor | Phishing | Smishing | Vishing |
|---|---|---|---|
| Channel | Email | SMS | Voice call |
| Speed | Slow (async) | Fast | Real-time |
| Difficulty | Easier to spot | Moderate | Hardest (human interaction) |
| Goal | Credentials, malware | Data capture | Financial fraud |
Example: A coordinated attack may use phishing (email link), followed by vishing (fake bank call to verify), and smishing (OTP capture).
Modular Training Blocks
Module A: How to Recognise a Threat
- Check the source — email domain, phone number, caller identity
- Analyse intent — is there urgency, fear, or authority pressure?
- Inspect links — hover (email), expand (SMS), verify verbally (calls)
- Validate context — were you expecting this communication?
Module B: Dos and Don'ts
Do:
- Verify requests via official channels
- Report suspicious messages immediately
- Use multi-factor authentication
- Pause before acting on urgency
Don't:
- Click unknown links or download attachments
- Share passwords, OTPs, or sensitive data
- Trust caller ID or display names alone
- Install apps from unsolicited prompts
Module C: Reporting Procedure
- Report phishing: [email protected]
- Forward scam texts to 7726 (free)
- Action Fraud: 0300 123 2040
- Report spam to your email provider
What to include in your report:
- Message content (screenshot or raw text)
- Sender email / number / caller ID
- Timestamp of when it arrived
- Did you click or respond? Note what happened
Module D: What to Do If You Fell for It
- Change passwords — immediately, starting with your email and banking
- Revoke active sessions — log out of all devices from account settings
- Contact your bank — if financial details were shared, freeze cards
- Run a malware scan — on your phone, laptop, or both
- Report it — to Action Fraud and the relevant platform
- Monitor accounts — check for suspicious activity over the next weeks
Module E: Real-World Scenarios
"Your parcel is waiting. Click here to reschedule."
Red flag: Generic greeting, shortened URL, no tracking number. Response: Delete and block sender.
"Urgent — wire payment to new supplier today, CC is in loop."
Red flag: Different email domain, unusual urgency. Response: Verify via phone call using known number.
"This is IT. We need your MFA code to verify your account."
Red flag: IT never asks for MFA codes. Response: Hang up. Call IT on the official number.
🔒 Always verify before you trust. If a message asks for urgent action, sensitive information, or financial transactions — stop and confirm through an official channel. Report suspicious communications immediately.