The senders email address may look trustworthy at first, but the name after the ‘@’ (the domain) can give you a clue as to whether it's bogus. For example if the email is sent from: @eonHelpDeskUK.com, this is likely a phishing attempt, as we’d only send emails from @eonenergy.com.
A genuine email will address you by your full name, and not a generic term like ‘sir’, ‘madam’, or ‘loyal customer’.
If you’re using a mouse, hover over any links you’re unsure of before clicking on them, just to see if the link address looks genuine. If you’re unsure, go to the website directly instead of using the link in the email.
Check the grammar, tone and design of any emails which you receive. Look out for inconsistent fonts, unusual characters and punctuation.
If you’re asked to enter personal details, check that the website’s address starts with ‘https’. The ‘s’ stands for ‘secure’ but doesn’t guarantee the site is genuine.
A sender isn't always who they say they are. Fraudsters can make email addresses appear genuine, even from someone you know.
Try not to click on any links, or open attachments from senders you're not sure of.
Use a mixture of numbers and both upper and lower case letters. Your emails are the most vulnerable to hackers, so keep them safe.
