Phishing and scam emails are fraudulent messages that try to trick you into giving away your personal, medical or financial information, or infect your device with malware. These emails can be very convincing and may appear to come from legitimate sources, such as the Nottinghamshire Healthcare NHS Foundation Trust. However, there are ways to spot and avoid these malicious emails. This page will provide you with some tips and best practices to help you stay safe online.
How to spot phishing and scam emails
Phishing and scam emails often have some common characteristics that can help you identify them. Here are some examples of what to look out for:
- Sender’s address: Check the sender’s email address carefully. Phishing and scam emails may use a fake or spoofed address that looks similar to the real one, but has some subtle differences. For example, instead of @nottshc.nhs.uk, they may use @nottshc-nhs.uk or @nottshc.com.
- Subject line: Look at the subject line of the email. Phishing and scam emails may use urgent or threatening language, such as “Your account has been suspended” or “You have an outstanding invoice”. They may also use generic or vague terms, such as “Important message” or “Please read”.
- Content: Read the content of the email carefully. Phishing and scam emails may have spelling or grammatical errors, or use poor or inconsistent formatting. They may also ask you to do something unusual or suspicious, such as clicking on a link, opening an attachment, or providing your personal or financial information. They may also offer you something that sounds too good to be true, such as a job opportunity, a prize, or a refund.
- Links and attachments: Hover over any links or attachments in the email. Phishing and scam emails may use fake or misleading web addresses that do not match the expected destination or the sender’s domain. For example, instead of https://www.nottinghamshirehealthcare.nhs.uk/, they may use http://www.nottinghamshirehealthcare.com/ or https://www.nottinghamshirehealthcare.nottshc-nhs.uk./. They may also use attachments that contain malware or viruses, such as .exe, .zip, or .docm files.
How to protect yourself from phishing and scam emails
Phishing and scam emails can be very harmful if you fall for them. They can compromise your personal or financial information, damage your device, or expose you to further attacks. Here are some tips and best practices to help you protect yourself from phishing and scam emails:
- Do not reply: Do not reply to any phishing or scam emails. Replying may confirm that your email address is active and encourage the sender to send you more emails or target you with more sophisticated attacks.
Do not click or open: Do not click on any links or open any attachments in phishing or scam emails. Clicking or opening may redirect you to a fake or malicious website, or download malware or viruses to your device.
- Verify: If you are not sure whether an email is genuine or not, verify it with the sender or the organization. You can do this by contacting them directly using a trusted source, such as their official website, phone number, or email address. Do not use any contact details provided in the email, as they may be fake or compromised.
- Update: Keep your device and software updated with the latest security patches and antivirus software. This can help you prevent or detect any malware or viruses that may infect your device through phishing or scam emails.
- Secure: Use strong and unique passwords for your online accounts and enable two-factor authentication if possible. This can help you protect your personal or financial information from unauthorized access or theft. You can also use a password manager to store and manage your passwords securely.
Legitimate Trust comminications
There have been instances in the past where phishing and scam emails allegedly from the Trust, offering job placements have been sent to a number of individuals both within and outside of the UK.
It can be very hard to spot the problems with such a message but in addition to the advice above you should note the following:
- We will never send you a scanned letter.
- The NHS does not offer private healthcare.
- The Trust does not offer performance related bonuses.
In addition, the Trust uses an electronic recruiting system called TRAC. All legitimate emails originate from that system and will include a job reference number. If you have applied for one of our vacancies, the job reference number will match the number assigned to the vacancy you applied for.