How to Spot Scam Emails and Protect Yourself from Phishing

Posted byBrent ConlanPosted inTech TipsTags:, , , , ,

Scam emails are more convincing than ever. At Rolleston Tech Solutions, we regularly help customers who have clicked on a phishing link, entered their password on a fake website, or had their email account compromised. Here is how to spot the warning signs and protect yourself.

What Is Phishing?

Phishing is when someone sends you a fake email, text, or message designed to trick you into giving up personal information — usually your password, bank details, or credit card number. The message typically looks like it comes from a legitimate company like your bank, NZ Post, IRD, or Microsoft. It creates urgency, telling you that your account will be locked, a payment has failed, or a parcel is waiting.

How to Spot a Scam Email

Check the sender’s email address carefully. The display name might say “ANZ Bank” but the actual email address could be something like noreply@anz-security-check.com or support@banking-verify.info. Legitimate companies send from their official domain (e.g. @anz.co.nz).

Hover over links before clicking. On a computer, move your mouse over any link in the email without clicking. Look at the URL that appears in the bottom corner of your screen. Does it go to the company’s real website, or somewhere else entirely? On a phone, press and hold the link to preview the URL.

Look for urgency and threats. Phrases like “your account will be suspended in 24 hours” or “immediate action required” are designed to make you panic and act without thinking. Real companies rarely threaten you via email.

Watch for poor grammar and formatting. While scam emails have improved dramatically, many still contain subtle errors — odd spacing, unusual fonts, or slightly off branding. Compare the email to a genuine one from the same company.

Be suspicious of unexpected attachments. If you were not expecting a document, invoice, or receipt, do not open it. Malicious attachments can install viruses or ransomware on your computer.

What to Do If You Have Clicked a Phishing Link

If you have already clicked a suspicious link or entered your password on a fake site, act quickly. Change the password for the affected account immediately. If you use the same password on other accounts, change those too. Enable two-factor authentication (2FA) wherever possible. Check your bank accounts for any unauthorised transactions and contact your bank if you see anything unusual.

If your computer or email has been compromised, bring it to us. We can check for malware, secure your accounts, and help you set up better protection going forward.

Simple Steps to Stay Safe

  • Use a different password for every account — a password manager like Bitwarden makes this easy
  • Enable two-factor authentication on your email, banking, and social media accounts
  • Keep your operating system and browser up to date
  • Use Windows Defender (it is built into Windows and works well)
  • Never enter your password after clicking an email link — go directly to the website by typing the address yourself
  • If an email feels off, trust your instinct and verify through another channel

Need Help?

If you think your computer has been compromised, or you want help setting up better security for yourself or your business, get in touch with Rolleston Tech Solutions. We offer virus removal and security support for home users, and managed security including MFA rollout and Microsoft Intune for businesses across the Selwyn region.

Concerned about a suspicious email? Forward it to us at info@rollestontech.co.nz and we will tell you if it is legitimate. Call or text 027 450 2579.

Leave a comment