What Is Phishing? How to Spot and Avoid Phishing Emails
Phishing is one of the most common cyber threats facing UK businesses today. It involves fraudulent emails, messages, or websites designed to trick employees into revealing sensitive information — passwords, financial details, or login credentials — by impersonating a trusted source.
For small and mid-sized businesses, phishing remains the number-one attack vector. According to the UK Government's Cyber Security Breaches Survey, over 80% of businesses that experienced a cyber attack identified phishing as the cause. Understanding what phishing looks like and how to stop it is essential for every organisation.
How Does Phishing Work?
Phishing attacks follow a predictable pattern. An attacker sends a message that appears legitimate — perhaps mimicking your bank, a supplier, Microsoft, or even a colleague. The message creates urgency or curiosity, prompting the recipient to:
- Click a malicious link that leads to a fake login page or downloads malware
- Open an infected attachment disguised as an invoice, delivery note, or spreadsheet
- Reply with sensitive information such as account numbers or passwords
- Authorise a payment based on a fraudulent request from a spoofed executive
Once the attacker has credentials or access, they can infiltrate email accounts, steal data, deploy ransomware, or redirect payments.
Types of Phishing You Should Know
Phishing isn't limited to generic spam emails. Modern attacks are increasingly targeted and sophisticated:
- Spear phishing — personalised attacks aimed at a specific individual, often using information gathered from LinkedIn or company websites
- Whaling — phishing directed at senior executives or finance teams, typically involving fake payment requests
- Clone phishing — a legitimate email is copied and resent with malicious links or attachments substituted
- Smishing and vishing — phishing via SMS text messages or voice calls
- Business Email Compromise (BEC) — attackers gain access to or spoof a real business email account to request payments or data
How to Spot a Phishing Email
Training your team to recognise phishing is your strongest defence. Look for these red flags:
- Sender address doesn't match the display name — hover over the sender to check the actual email domain
- Generic greetings — "Dear Customer" or "Dear User" instead of your name
- Urgency or threats — "Your account will be suspended" or "Immediate action required"
- Unusual requests — asking for passwords, payment details, or wire transfers via email
- Spelling and grammar errors — though AI-generated phishing is making this less reliable as a tell
- Suspicious links — hover before clicking to see the actual URL destination
- Unexpected attachments — especially .zip, .exe, or macro-enabled Office files
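The header and body checks in the list above, turned into a small triage script that a helpdesk could run over a reported message. This is an added example and not code from the original article; the sample email is constructed, and the `phishing_flags` function, phrase lists and risky-extension list are illustrative heuristics to support a human decision, not a replacement for an email filter.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

RISKY_EXT = (".zip", ".exe", ".docm", ".xlsm")
PHRASES = {"urgency or threat language": ("urgent", "immediate action", "will be suspended"),
           "generic greeting": ("dear customer", "dear user")}

# Constructed sample message (not a real email): a supplier-impersonation lure.
SAMPLE_EMAIL = """\
From: "accounts@acme-supplies.example" <billing@acme-supp1ies-invoice.example>
Subject: URGENT: overdue invoice - immediate action required
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Dear Customer, your account will be suspended unless you <a href="http://login.acme-supp1ies-invoice.example/verify">sign in at acme-supplies.example</a>.</p>
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="Invoice_4471.zip"

UEsDBAo=
--b1--
"""

def phishing_flags(raw):
    msg = message_from_string(raw, policy=policy.default)
    flags = []
    shown_name, from_addr = parseaddr(msg.get("From", ""))
    # Display name is itself an address, but on a different domain from the real sender
    if "@" in shown_name and shown_name.rpartition("@")[2].lower() != from_addr.rpartition("@")[2].lower():
        flags.append("display-name address does not match sender domain")
    body = msg.get_body(preferencelist=("html", "plain"))
    text = (msg.get("Subject", "") + " " + (body.get_content() if body else "")).lower()
    for label, phrases in PHRASES.items():
        if any(p in text for p in phrases):
            flags.append(label)
    # Visible link text names one domain while the href actually goes somewhere else
    for href, anchor in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', text, re.S):
        host = urlparse(href).hostname or ""
        shown = re.search(r"[\w-]+(?:\.[\w-]+)+", anchor)
        if shown and host != shown.group() and not host.endswith("." + shown.group()):
            flags.append(f"link text '{shown.group()}' points to {host}")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if name.lower().endswith(RISKY_EXT):
            flags.append(f"risky attachment {name}")
    return flags
```

Running `phishing_flags(SAMPLE_EMAIL)` returns five flags for the constructed lure, while an ordinary plain-text note from a known supplier returns an empty list.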
What to Do If You Suspect a Phishing Email
If an employee receives a suspicious message, they should follow these steps:
- Do not click any links or open attachments
- Do not reply to the message
- Report it to your IT team or managed service provider immediately
- Forward it to the National Cyber Security Centre at report@phishing.gov.uk
- Delete it from the inbox after reporting
If someone has already clicked a link or entered credentials, act fast. Change passwords immediately, enable multi-factor authentication, and alert your IT support provider to investigate further.
How to Protect Your Business from Phishing
A layered approach combining technology and training provides the strongest protection:
- Email filtering and security — advanced solutions scan for malicious links, attachments, and spoofed senders before emails reach inboxes. Read more about email security tools for UK businesses.
- Multi-factor authentication (MFA) — even if credentials are stolen, MFA prevents unauthorised access
- Security awareness training — regular phishing simulations and training keep staff vigilant. Explore security awareness training providers in the UK.
- Domain-based email authentication — DMARC, SPF, and DKIM records help prevent domain spoofing
- Endpoint detection and response (EDR) — catches malware that slips past email filters
- Incident response planning — know exactly what to do when a phishing attack succeeds
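To make the domain-authentication item concrete, here is an added example (not from the original article) that grades SPF and DMARC TXT records for the settings that still leave a domain spoofable: a monitor-only `p=none`, a permissive `+all`, `?all` or `~all`, a partial `pct`, and too many DNS-lookup mechanisms. The `check_spf` and `check_dmarc` names and the `_spf.mail-provider.example` / `example.com` records are placeholders constructed for illustration; DKIM is left out because checking it means verifying a signature rather than reading a record.

```python
LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists", "redirect"}  # each costs a DNS lookup (RFC 7208 caps at 10)
SPF_WEAK = {"+": "passes every sender", "?": "is neutral", "~": "is a softfail that many receivers still deliver"}

def check_spf(record):
    """Findings for one SPF TXT record; an empty list means no weak setting was found."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["not an SPF record"]
    findings = []
    mechs = [t.lstrip("+-~?").split(":")[0].split("=")[0].lower() for t in terms[1:]]
    lookups = sum(m in LOOKUP_MECHS for m in mechs)
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup mechanisms: over the limit of 10, receivers return permerror")
    all_terms = [t for t in terms[1:] if t.lstrip("+-~?").lower() == "all"]
    if not all_terms:
        findings.append("no 'all' mechanism: mail from unlisted servers is not rejected")
    else:
        qual = all_terms[-1][0] if all_terms[-1][0] in "+-~?" else "+"
        if qual in SPF_WEAK:
            findings.append(f"'{qual}all' {SPF_WEAK[qual]}; use -all so unauthorised senders fail")
    return findings

def check_dmarc(record):
    """Findings for one _dmarc TXT record."""
    tags = dict(kv.strip().split("=", 1) for kv in record.split(";") if "=" in kv)
    if tags.get("v") != "DMARC1":
        return ["not a DMARC record"]
    findings = []
    policy = tags.get("p")
    if policy == "none":
        findings.append("p=none only monitors: spoofed mail is still delivered")
    elif policy not in ("quarantine", "reject"):
        findings.append("missing or invalid p= tag")
    if "rua" not in tags:
        findings.append("no rua= address: you will not receive aggregate reports")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy applied to only part of failing mail")
    return findings

# Constructed records for a placeholder domain: weak settings first, then the hardened versions.
RECORDS = {
    "spf weak":     "v=spf1 include:_spf.mail-provider.example ~all",
    "spf strong":   "v=spf1 include:_spf.mail-provider.example -all",
    "dmarc weak":   "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "dmarc strong": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com; pct=100",
}
```

A `p=none` record is the right first step while you collect reports, but the protection the list above describes only starts once the policy moves to `quarantine` or `reject`.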
Why Phishing Is a Business Risk, Not Just an IT Problem
A successful phishing attack can result in data breaches, regulatory fines under UK GDPR, financial losses from fraudulent payments, reputational damage, and operational downtime. The average cost of a cyber breach for a UK SME now exceeds £15,000 — and for larger businesses, the figure runs into hundreds of thousands.
Phishing prevention isn't optional. It should be part of your broader cyber security strategy, with regular reviews and updates as threats evolve.
Get Expert Help with Phishing Protection
If you're unsure whether your business is adequately protected against phishing, Connection Technologies can help. We work with leading UK cyber security providers to find the right combination of email security, training, and endpoint protection — tailored to your size and budget.