Phishing Emails

What are Phishing Emails?

Phishing emails are sometimes suspicious-looking emails sent by fraudsters, often recently by organised crime gangs who masquerade as someone you trust, such as your bank, a legitimate supplier, the NHSmail team, Cornwall IT Services or even a scanner or fax machine on the NHS network in Cornwall!

Click on the headings below to find out more:

Their aim is to obtain information from you, e.g. your NHSmail username and password, your online banking details or the username and password you use to access a secure website. Sometimes their aim is to install a virus that will enable them to gain access to your information or to encrypt your files and hold them to ransom.

Some look like genuine emails that you would typically expect to receive. Very often the fraudsters will go to great lengths to make their email look like it is genuine, including pictures from genuine websites and other links to click on that take you to the real site to lead you into a false sense of security. Most of them are unsolicited but given the fact that legitimate senders often use emails as a quick and easy means of communication the fraudsters email may arrive perhaps when you are expecting a parcel to be delivered or when an invoice is due from a supplier.

Phishing Emails

The NHSmail service blocks millions of suspect emails every day but occasionally some do get through the filters as the people that send them continually attempt to evade the filtering system.

If you respond to a suspect email or click on a link the email contains, your details could be compromised and the fraudster could use your NHSmail account to send thousands more suspect emails to other NHSmail users.

  • Don’t reveal your password to anyone verbally, via email or by entering it onto any website other than the NHSmail portal at The NHSmail team or Cornwall IT Services will never ask you for your password although in order to reset your password if you have forgotten it they might ask you for specific characters from the answers to your NHSmail security questions that you should have set.
  • To help you identify untrustworthy emails, a warning message may appear at the top of any email you receive which contains a link that is confirmed as malicious, has not been verified by the NHSmail anti-virus service or appears to come from an NHSmail account when it does not.        
  • Treat any unsolicited email with caution, even those sent from somebody you think you know and especially any that contain an attachment or link.
  • If you receive an email saying that your account needs to be ‘verified’ (or similar) which apparently comes from Cornwall IT Services, the NHSmail team, your bank, PayPal, an online auction site (e.g. eBay) or an online shopping site (e.g. Amazon) it will not be legitimate.
  • Avoid clicking on links or opening attachments in emails from an unexpected or unusual source.  Microsoft Word, Microsoft Excel, Adobe Portable Document Files (PDFs) and attachments ending in .XML, .JS, .EXE, .BAT or .ZIP can all be used to install malicious software. These type of malicious attachments are known as Trojans.
  • If you click on an email attachment and receive a warning that a program will run, or that macros need to be enabled DO NOT allow the program to run and DO NOT enable macros.
  • Be wary of links you don't know. These may appear to look like websites you are familiar with, but the address can be (subtly) different.  You may also see links that mask the actual address that say, for example, click here or have a shortened link such as
  • Avoid downloading or installing additional software or web browser plug-ins such as Adobe Flash Player from untrusted web sites.
  • Please forward as an attachment any phishing emails that you receive to the (if you are unsure how to do this please contact the CITS Service Desk for advice)
  • If you have clicked on a link contained in a phishing email, opened an attachment from a phishing email, enabled macros, allowed a program to run or entered your NHSmail password onto a suspicious website please contact the CITS Service Desk immediately on 01209 881717. It is strongly recommended that in any of these circumstances that you disconnect your PC from the network and/or remove the power cable without shutting down the computer first. If you need assistance with this please telephone the CITS Service Desk.

If you are at all in doubt about the origin or validity of an email you receive DO NOT open it.

The CITS Service Desk can provide advice if you receive a suspicious email that you think might be a phishing email. They can also ensure that, if it is found that you have become the victim of a phishing attack and potentially revealed your NHSmail password to a fraudster, your password is reset as well as your security questions to ensure that there is no further risk of compromise. The Service Desk provides the first point of contact if your NHSmail account has been compromised as the result of a phishing attack and can help to establish a dialogue with the relevant teams in Cornwall IT Services who can help recover your NHSmail account and record the incident and alert the relevant staff members within your organisation and help to put in place measures to prevent similar incidents occurring.
Cornwall IT Services provide local protection by ensuring that the CITS PC that you use to access your NHSmail account is:

  • Running a supported and fully up to date operating system, applications and web browser plug-ins
  • Running up to date anti-virus products
  • Enabled to access the Internet through a dedicated web gateway to help prevent you accessing malicious sites that attempt to install software onto your PC.
Back to Top