What's the difference between phishing and smishing?

Phishing uses email, while smishing uses SMS text messages. Both aim to steal money or data by pushing you to click links, download attachments, or share details.

Are smishing texts common in the UK?

Yes. Text-based delivery and bank impersonation scams are widely reported in the UK. A common example is the fake redelivery fee message.

How can you tell if an email is spear-phishing?

Spear-phishing looks personalised and targeted. It may use your real name, job title, colleagues’ names or details from LinkedIn, and often imitates someone you know to make an urgent request.

What should I do if I clicked a phishing link?

Run antivirus, change any passwords you entered, enable multi-factor authentication, and contact your bank if payment details were shared. Keep screenshots and report to the NCSC or Action Fraud.

Is it safe to open suspicious emails if I don't click links?

Simply opening an email is usually safe, but never click links or download attachments. If in doubt, delete it or report it.

INVESTMENT & CRYPTO SCAMS – UK GUIDE

Phishing vs Smishing vs Spear-Phishing

Scam messages come in many forms — emails, texts, or even personalised messages.
Learn the key differences between phishing, smishing, and spear-phishing —
and how to spot them in under 10 seconds.

✅ Based on real UK data ✅ Aligned with NCSC & Action Fraud. ✅ Works for emails, texts & DMs

Why this guide exists

Scammers now copy bank logos, fake dashboards and even celebrity names to make you act fast. This guide strips the noise — quick checks you can use every time a suspicious message appears.

Here’s how these scams work — and how to protect yourself.

What is Phishing?

Phishing is the most common type of scam message — fraudulent emails designed to trick you into handing over passwords, card numbers, or personal data.

- 📧 Often looks like a message from your bank, HMRC, or delivery firm.
- 🪤 Includes fake links or attachments that install malware or steal logins.
- 💳 May request “account verification” or “urgent payment.”

Example: “Your PayPal account has been suspended — click to restore access.”

What is Smishing?

Smishing is SMS phishing — scam texts sent to your phone. They often use urgency or small fees to get you to click a link.

Example: “Royal Mail: A £1.99 redelivery fee is required to receive your parcel.”

💡 Pro tip: Forward suspicious texts to 7726 (free) to report them to your network.

What is Spear-Phishing?

Spear-phishing is a targeted form of phishing aimed at a specific person or company. The scammer researches you first — using LinkedIn, social media or leaked data — to make the message look real.

- 👤 May include your real name or job title.
- 🏢 Often appears to come from your boss or colleague.
- 🔗 Contains links to fake internal documents or payment requests.

These are especially dangerous for businesses — one click can expose an entire network.

⚠️ How these scams typically work

Example:

The Pitch → “There’s a problem” (account, delivery, tax) or tempting offer.
The Hook → A link, attachment or urgent request pushes you to act now.
The Trap → You click, share details or make a “small” payment… it escalates.

Looks real? If a message uses urgency, pressure or secrecy — treat it as suspicious until you can verify it yourself.

Key differences at a glance

Type	How it’s sent	Common targets
Phishing	Email	Anyone with an inbox
Smishing	SMS / Text	General public
Spear-phishing	Email/DM (targeted)	Employees & professionals

🚩 Red flags to spot any phishing attempt

- ⚡️ Unexpected urgency → “Act now or your account will be closed.”
- 🌐 Odd sender address → Display name looks real but domain is off.
- ⛓️‍💥 Short or mismatched links → Hover and check the real domain first.
- 💸 Requests for money or gift cards → Not how legit orgs operate.
- ℹ️ Personalised details → Real job title/company = likely spear-phishing.

⚠️ Even one of these signs is enough — walk away before you lose money.

Forward to report@phishing.gov.uk →

Free PDF: Spot Scams in 10 Seconds

10 quick checks for emails, texts and DMs — concise, printable, shareable.

✅ Check the sender address
✅ Hover before you click
✅ Never pay before you verify

Get the Free PDF →

Even smart people get caught — what matters is what you do next.

💡 Trusted Tools & Resources

Fraudsters rely on speed and secrecy — these tools add extra layers of protection so you can spot scams before they cost you.

🔐 NordPass — Secure password manager that protects your logins against phishing. 👉 Get NordPass →
🌐 NordVPN — Keep your online activity private when banking, shopping, or investing. 👉 Get NordVPN →
🛡️ CIFAS Protective Registration — Extra protection if you’ve been a victim of fraud; alerts lenders to double-check applications. 👉 Learn more at CIFAS →
📘 Scam Me If You Can (Frank Abagnale) — Practical guide to spotting scams. 👉 Get the book →

🛡️ How to Protect Yourself

- ✅ Hover over links and check the real domain.
- ✅ Go to the site directly — don’t use the link provided.
- ✅ Turn on multi-factor authentication for key accounts.
- ✅ Keep software and antivirus up to date.
- ✅ Forward suspicious emails to report@phishing.gov.uk and texts to 7726 (free).

If you pause before paying, you win.

If you think you’ve been scammed:

Stop payments immediately — call your bank.
Change passwords and enable MFA.
Forward emails to report@phishing.gov.uk, texts to 7726.
Report to Action Fraud.

FAQ — Phishing & Smishing

How do I tell if an email is phishing?

Check the sender address (not just display name), hover links, and watch for poor grammar or unexpected attachments. Verify via the organisation’s official number.

What should I do if I clicked a link?

Disconnect from Wi-Fi/data, don’t enter details, change passwords, and report to report@phishing.gov.uk.

Are SMS links dangerous?

Yes. Type the website manually or call the organisation using a number on their official site.

📘 Get our Free Guide: Spot Scams in 10 Seconds

Your simple checklist to stop scams before they start.
No jargon, no fluff — just 10 proven red flags you can use today.

👉 Download Free Guide

⚠️ It only takes one click to stop a scam.