Callum Scobie


The phrase ‘phishing’ is an analogy of an angler throwing out a baited hook in the hope that you will bite! Disguised as an important email from a colleague, friend, or business, phishing is becoming more sophisticated and appears to be the on rise throughout the Coronavirus pandemic. According to cybersecurity company KnowBe4, Coronavirus-related phishing email attacks are up by 600%.

The intention of phishing isn’t to catch a fresh Pollack, but to catch you off guard to obtain sensitive information such as banking details and company data. Often phishing emails will ask you to input your details to gather confidential information or to click on a link to download malware.

An existing example of phishing are emails masked as HMRC asking you to claim your tax refund. We are all under added stress and pressure right now, and with new government job retention and grant schemes, it only takes one slip in judgement to fall victim to hackers.

These scams are becoming harder to detect, with hackers using various techniques such as ‘spear phishing’. This method involves manipulating personal information that is available online to tailor an email to a specific individual. The attacker may disguise themselves as a work colleague using a spoof email address.

Below are some steps that you can take to ensure you are protecting yourself from phishing scams.

  1. HMRC will never contact customers who are due a refund via email or text; they will always send you a letter through the post.


  1. Check the sender’s email address. When clicking to see the full email address, it will become apparent that they aren’t who they claim to be. If you have received an email that appears to be from somebody you know but seems unusual, double-check the address for any variations in spelling or domain.


  1. Be vigilant and consider the language in the email, spelling, or grammatical errors. If a suspicious email contains a link, do not click on it.


  1. Are you sure this is a genuine email? If you have any doubts, it’s likely the email you have received is not legitimate. It is best practice to double-check, especially if you didn’t expect this kind of email in the first place.


MMGA takes online security very seriously, and our team complete cyber safety training to protect your valuable information and data. We can set you up with the relevant provider to complete cyber safety training that will ensure you and your team remain safe online.  If you are interested in completing this training, please get in touch.