Suspicious email
by in NewsFebruary 17, 2026

We have all seen them but what are you actually supposed to do? 

We have all received them and quite often it’s obvious that it’s a suspect email as you recognise the red flags straight away.  

These you flag as spam, phishing or junk if your company email system has that capability in place, then delete. 

Never! 

  • Click links 
  • Open attachments 
  • Press buttons 
  • Reply 

What about those that you are not so sure about? 

  • Trust your gut 
  • Don’t panic or feel pressured into acting 
  • If in anyway unsure, check first 

Don’t click links or buttons 

If you click links or buttons you may be taken to specific malware pages or, most likely you will be taken to a page that looks like a genuine Microsoft login page. The idea is to trick you into entering your username and password so that it can be captured. 

In addition, clicking the link will most likely alert the sender that you are a genuine email address and potentially a future target as they know that you click links.  

Don’t open attachments 

As well as potentially alerting the sender that you are likely to click on links or attachments there could be anything in the attachment. What may be an innocent looking document could have malware embedded. 

Don’t reply 

Do not reply, again you will alert the sender that you are likely to interact with them.  

Replying to a potential scammer to ask if an email is genuine or safe is not the best way forward. Even if you recognise the sender’s email address, their email system or account could have been compromised.  

This is often how invoice fraud is committed: 

  • Use a phishing scam to login to a suppliers ‘accounts’ email  
  • Watch the invoices as they are sent 
  • Identify a potential victim 
  • Email the victim to chase payment but advise that the bank details have been changed 
  • This normally happens when there are time pressures, just before the weekend, just before a bank holiday for example 
  • Pressure the victim into acting and paying the invoice to the wrong account 

Don’t allow yourself to be pressured 

Being pressured to take action is a very common part of these scams, and it is all about getting you into an agitated state to get you to override your gut and take action that you wouldn’t normally do.  

It is highly unlikely that your boss wants that Amazon voucher right now or that you will get sued or taken to court based on an email sent just before a bank holiday. 

DO the following 

Contact your IT team and ask them to check the email for you – trust me they would rather you call to check than spend the time investigating the mess. 

If an email appears to come from a known sender, then call them and ask. Make sure you use a known phone number or get the main office phone number for their company, do not rely on any phone numbers in the email. 

Relax, don’t allow the email to increase your stress levels. If you feel this is happening walk away, take some time to think about it properly before taking any action and ask a colleague for their advice. 

Whatever your IT question – big or small – drop us a message or give us a call. We’ll make sure you get a straightforward answer without the tech-speak. 

IT that just works. So you can, too.