top of page

How to spot a dodgy email...that looks real

Talk about the irony but we got a really suspiciously real but dodgy email today here at NHW HQ...

All very alarmist and official looking but a totally unexpected email. On closer inspection, we spotted a few giveaway signs that this email was definitely not legitimate and definitely phishing or worse...

  1. The senders domain. It is doubtful that has any interest in our password expiring. Nor do they administer our domain. That was the first hint that this was not legit.

  2. The bogus Sandbnhw HelpDesk Support sending mailbox - no such portal exists.

  3. The Threat. How can our domain be permanently closed? It takes forever for a domain to be deregistered. This is just a horrible scary threatening untruth there to force us to click the button in a panic

  4. The Button. Keep using our current password? Really? On closer inspection, this is where the damage happens - by hovering a mouse over the button, we can see exactly where it wants to send us... and it's not to our domain host. https:// and blah. The phishing scam is in that button. Luckily we have great anti virus software and when we did by accident click the button when trying to copy the bogus code, we got this warning flash up...

So, what to do...

  1. Don't click anything, open any attachment or follow any links in the email.

  2. Forward the email to . The National Cyber Security Centre (NCSC) will investigate it.

  3. Delete the email

  4. Have a cuppa and congratulate yourself for being ScamSavvy!

Scammers are becoming more and more sophisticated and with AI able to do human stuff at the speed of light, its only going to get worse. Do a course at and share your knowledge. Its all free and knowledge where scams are concerned is the ultimate defence.

45 views0 comments


bottom of page