Recognising phishing: how to protect yourself against online scams

Lams IT Solutions

What is phishing?

You can recognise phishing by five red flags: a sender address that doesn't match (check the full address, not just the display name), a sense of urgency ("your account will be blocked"), a generic greeting ("Dear customer"), suspicious links (hover over them without clicking) and unexpected attachments. If you did click a phishing link: immediately change your password, enable two-factor authentication and run a virus scan.

Phishing happens via email, text messages (smishing), phone calls (vishing) and social media.

Common red flags

Sender address doesn't match

The displayed name may look legitimate ("Microsoft Support"), but the actual email address reveals the fraud: for example support@micros0ft-help.net. Always click the sender name to see the full address.

Sense of urgency

Messages like "Your account will be blocked within 24 hours" or "Immediate action required" are designed to make you act without thinking.

Generic greeting

Legitimate organisations know your name. A message that begins with "Dear customer" or "Dear user" is a warning sign.

Suspicious links

Hover your mouse over a link (without clicking) to see the actual web address. A link that visibly points to "your-bank.be" but actually leads to banklogin-secure.xyz is fraudulent.
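
The sender check and the link check described above can also be automated, for example in a mail filter or a reporting tool. The sketch below is an added example, not code from Lams IT Solutions: the function names, the KNOWN_SENDERS list and the sample message are assumptions, with the sample built from the addresses used in this article.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample input, using the article's example addresses.
SAMPLE_FROM = '"Microsoft Support" <support@micros0ft-help.net>'
SAMPLE_HTML = ('<a href="https://banklogin-secure.xyz/login">your-bank.be</a> '
               '<a href="https://www.your-bank.be/help">help page</a>')
# Assumption: brand name -> domains that brand really sends from (your own list).
KNOWN_SENDERS = {"microsoft": {"microsoft.com"}}
DOMAIN_RE = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)

def host_matches(host, domain):
    # True if host equals domain or is a subdomain of it.
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def sender_mismatch(from_header):
    # Brands named in the display name whose real domains the address is not on.
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    return [b for b, doms in KNOWN_SENDERS.items()
            if b in name.lower() and not any(host_matches(domain, d) for d in doms)]

class LinkCollector(HTMLParser):
    # Collects (href, visible text) for every <a> element.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def link_mismatches(html):
    # Links whose visible text names a domain other than the one the href leads to.
    parser = LinkCollector()
    parser.feed(html)
    pairs = [(text, urlparse(href).hostname or "", DOMAIN_RE.search(text))
             for href, text in parser.links]
    return [(text, host) for text, host, shown in pairs
            if shown and not host_matches(host, shown.group(0))]
```

A link whose visible text contains no domain at all ("help page", "click here") passes this check, so the manual hover check is still needed for those.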

Unexpected attachments

Never open attachments (.exe, .zip, .docm) that you weren't expecting or that come from senders you don't know.

Request for credentials or payment

No legitimate organisation asks for your password by email.

Mass phishing versus spear phishing

Regular phishing is sent broadly and is barely personalised. Spear phishing is more targeted: the criminal has collected information in advance (via LinkedIn, social media or previous data breaches) and crafts a message specifically tailored to you or your company. This makes it much harder to detect.

What to do if you clicked a link

  • Immediately change your password for the affected account and for any other accounts where you use the same password.
  • Enable two-factor authentication if you haven't already.
  • Run a virus scan with an up-to-date antivirus program.
  • Notify your bank if you entered financial details.
  • Report it to your IT department or IT partner so they can check your business network.

Practical checklist

  • Always check the full email address of the sender
  • Hover over links before clicking
  • Never use the same password on multiple sites
  • Enable two-factor authentication on all important accounts
  • Be extra vigilant with messages that insist on quick action
  • In doubt? Call the organisation using a number you look up yourself

Want to train your employees to recognise phishing? Lams IT Solutions organises practical awareness sessions tailored to your company. Explore our AI solutions and training or get in touch.
