
The average office worker receives 121 emails per day. This, along with the fact that criminals are getting smarter, means phishing emails are becoming harder to spot. 

Even the most observant and diligent employee can mistakenly open a phishing email, causing serious consequences for your cybersecurity. In this article, we provide some helpful tips on how to protect your business from phishing emails.

What is a phishing email?

A standard phishing scam involves scammers sending thousands of fake emails to people, asking for sensitive information such as bank details. A phishing email can also contain a link to a website which, if the link is clicked, can download a damaging virus.

The senders of phishing emails aim to trick the recipient into sending money, or to steal the recipient’s identity.

How to spot a phishing email?

To ensure your employees can recognise and report a phishing attempt, it is important to have the following policies and procedures in place:


Configure your employees’ accounts using the principle of least privilege

This means that an employee’s access to the network is limited to what is required for them to perform their duties. 

This will mitigate any damage should a staff member fall victim to a phishing attack. Furthermore, do not allow an employee using an account with Administrator privileges to open emails or browse the internet.


Educate employees on how to spot phishing emails

Most scam emails come from overseas, so they might be written in poor English with clear spelling and grammar errors.

No reputable organisation will ask someone to provide company or personal bank details by email, so this is an obvious sign that the message is a scam. Employees should also be alert to any emails from high-ranking officials, especially if they are asking for money.


Don’t volunteer information to cybercriminals

Remember, all the information contained on your company website and social media accounts can be used by scammers to create bespoke phishing emails. 

Keep track of your organisation’s digital footprint, including any online information provided by suppliers and/or partners. And encourage employees to consider how much personal information they put on the internet, not only for the protection of the company but also for their online security.


Get legal assistance from LawBite

The adage of ‘if it seems too good to be true, it probably is’ applies to phishing emails. It is highly unlikely that a stranger wants to give your employees money or access to some secret area of the internet. By empowering your employees to identify and report phishing emails, you will drastically reduce the risk of a cyber-attack.

To talk to our solicitors about cyber protection and understand more about our unique GDPR packages, please contact us below. We can provide you with a free 15-minute consultation.



In closing

Nothing in this article constitutes legal advice on which you should rely. The article is provided for general information purposes only. Professional legal advice should always be sought before taking any action relating to or relying on the content of this article. Our Platform Terms of Use apply to this article.
