Phishing is when cyber criminals use fake emails, social media posts or direct messages with the goal of tricking you into downloading a malicious file or clicking on a corrupted link.

If you click on a phishing link or file, you can unknowingly hand over your personal information to cybercriminals or install malware onto your device.  


What do I need to look for?

Before clicking any links or downloading attachments, take a few seconds to ensure the email looks legit. Here are some quick tips on how to clearly spot a phishing email:  

  • Does it contain an offer that’s too good to be true?  
  • Does it include language that’s urgent, alarming, or threatening?  
  • Is it poorly crafted writing with misspelled words and bad grammar? 
  • Is the greeting generic?  
  • Does it include requests to send personal information? 
  • Does it stress the urgency to click on unfamiliar hyperlinks or attachments? 
  • Is it a strange or abrupt business request? 
  • Does the sender’s e-mail address match the company it’s coming from? Look for little misspellings like or 

Uh oh! I see a phishing email. What do I do? 

If you’re at the office and the email came to your work email address, report it to your IT manager or security officer as quickly as possible.  

If the email came to your personal email address, don’t do what it says. Do not click on any links – even the unsubscribe link – or reply back to the email. Just use that delete button.


You can take your protection a step further and block the sending address from your email program. 

Here’s how to… 

Can I Report Phishing?

Some email platforms let you report phishing attempts. If you suspect an email is phishing for your information, it’s best to report it quickly. If the phishing message came to your work email, let your IT department know about the situation ASAP. 

Here’s how to:

There are also other applications like Sophos, which can filter phishing emails before they even arrive in your inbox or junk mail.

Join the SAP Business One Community for more tips on practising good cyber security.