Guidance: Phishing: Spot and report phishing emails and websites
Phishing attacks aim to steal or damage sensitive data by deceiving people into revealing personal information like passwords and credit card numbers.
A successful phishing attack can have serious consequences for Marie Curie, which could include loss of charity funds, exposure of coworkers personal information, unauthorised access to patient data or reputational damage.
Spotting and reporting phishing emails and websites helps to protect Marie Curie from scammers.
You can reduce the likelihood of being phished by being aware of the more common types of phishing attacks we have reported at Marie Curie.
Email Phishing - this type of attack uses tactics like hyperlinks to a malicious website then attempts to harvest personal information.
Malware Phishing - involves attaching malware disguised as a trustworthy attachment, like a CV, invoice or statement. In some cases opening a malware attachment can paralyse an IT system
Spear Phishing - where specific individuals are targeted by exploiting information gathered through research into their social media like Linkedin, Facebook and TikTok or company website
Quick tips to reduce the risk of being phished
Don't trust display names - Check the senders email address before opening the message
Check for typo's and grammar - Spelling mistakes and poor grammar are typical signs in phishing emails
Read the salutation - if the email is addressed to "valued customer" be wary
Beware of threats - phrases like "your account will be suspended" be wary
What to do if you receive a suspicious email
Forward all suspicious emails to phishing@mariecurie.org.uk
Click the link to Learn how phishing works from the attacker's perspective.