What to do with Suspicious Emails: Avoiding a Phishing Attack

2nd March 2022 | By Colin Thomson


Follow us at


When you receive a phishing email take these steps to minimise disruption and stay ahead of the scammers.

Criminals use phishing to obtain information such as user credentials and credit card details by posing as a trustworthy entity in an electronic communication. Millions of phishing emails are sent daily.

Follow these steps if you receive a suspicious e mail

1. Do not open the message.
2. Do not click on links.
3. Do not disclose personal information such as username, password, account
or financial details.
4. Do not reply to the sender or try to contact them in any way.
5. Do not open attachments.
6. Do not forward the message (but do warn others by sending a screen shot).
7. Call the person who the message is reportedly from before transferring funds.
8. If you are unsure about a suspicious email, SMS or phone call, inform your line manager or contact your IT team. 

If you think you have clicked a malicious link or have entered personal information into a suspicious website take these steps as soon as possible to minimise disruption.

Switch off your device or disconnect from the network

  • Switch off your PC, laptop or mobile device immediately.
  • If using a PC that is wired to the company network, unplug the network cable from the back of the machine.
  • Doing so limits the potential spread of malware to the rest of the network.

Inform your line manager

  • Inform your line manager of the steps you took immediately before and after the event.
  • Doing so lets your IT team understand a clear sequence of events

Contact your IT provider

  • Contact your IT department or line manager to let them know you have a potential data breach.

Update your password

  • If you have clicked a suspicious link or downloaded malware, ask your IT
    team to change the password of the affected account immediately.
  • If you use the same password for more than one site - something we strongly
    advise against; change the password on those sites to something unique and secure.

If your organisation needs help through mock phishing exercises then Contact Network ROI and we can help you implement this. 

Follow us on LinkedIn @network-roi-ltd

Follow us for company updates, industry insights and advice on how you can make the best use of technology

Follow us