Phishing scams are one of the most common — and most costly — threats facing computer users in Edinburgh today. Whether you're in Portobello, Leith, or anywhere else across the city, attackers send fake emails, texts, and calls designed to trick you into handing over passwords, banking details, or personal information. And they're getting harder to spot every year.
This guide explains how phishing works, what the warning signs look like, and what to do if you think you've been targeted.
What Is Phishing?
Phishing is a type of social engineering attack where a criminal impersonates a trusted organisation — your bank, HMRC, Royal Mail, or even a friend — to deceive you into taking an action. That might be clicking a malicious link, downloading an infected attachment, or entering your login credentials on a fake website.
The term "phishing" covers several variations:
- Email phishing — the most common form; a fraudulent email posing as a legitimate company.
- Smishing — phishing carried out via SMS text message (e.g. fake Royal Mail delivery notifications).
- Vishing — voice phishing; scam phone calls claiming to be from your bank or HMRC.
- Spear phishing — a targeted attack personalised with your name, employer, or other details to appear more credible.
7 Warning Signs of a Phishing Email
1. A Sender Address That Doesn't Quite Match
Phishing emails often use addresses that look legitimate at first glance — like support@royal-mail-delivery.com rather than royalmail.com. Always check the full sending address, not just the display name shown in your inbox.
2. Urgent or Threatening Language
Scammers create a sense of panic to make you act before you think. Phrases like "Your account has been suspended", "Immediate action required", or "Your parcel will be returned in 24 hours" are classic pressure tactics. Legitimate companies rarely communicate with that tone.
3. Suspicious Links
Hover over any link in an email before clicking it — the actual URL will appear in your browser's status bar or as a tooltip. If the destination address looks unusual, contains misspellings, or doesn't match the supposed sender's domain, don't click it.
4. Requests for Personal or Financial Information
Your bank, HMRC, and genuine retailers will never ask you to confirm your full password, PIN, or account number via email. If a message asks for this information, treat it as fraudulent.
5. Unexpected Attachments
If you weren't expecting a file, don't open it. Phishing attachments are frequently disguised as invoices, delivery receipts, or documents needing a signature. Opening them can install malware or ransomware on your device — something our virus removal service deals with regularly.
6. Poor Spelling and Generic Greetings
Many phishing emails still contain grammatical errors or use vague greetings like "Dear Customer" rather than your name. While spear phishing attacks are increasingly personalised, sloppy writing remains a common tell.
7. Mismatched Branding or Unusual Formatting
Compare the suspicious email to genuine ones you've received from the same organisation. Slightly off colours, outdated logos, or inconsistent fonts can indicate a fake. Fraudsters copy the look of real emails, but rarely perfectly.
What to Do If You Think You've Been Phished
If you've clicked a link or entered information on what you suspect was a phishing site, act quickly:
- Change your passwords immediately — starting with email, banking, and any account where you use the same password.
- Contact your bank — if you entered any financial details, call your bank's fraud team right away. Time is critical.
- Run a full malware scan — clicking a phishing link can trigger a silent download. Run a scan or bring your device to us for a professional check.
- Report it — forward phishing emails to report@phishing.gov.uk (the National Cyber Security Centre's service). You can also report scam texts by forwarding them to 7726 (free on most networks).
- Enable two-factor authentication (2FA) — even if your password is compromised, 2FA stops attackers from accessing your accounts without a second verification step.
How to Protect Yourself Going Forward
Prevention is far easier than recovering from a successful phishing attack. Here are the most effective habits to build:
- Use a password manager — tools like Bitwarden or 1Password generate unique, strong passwords for every account, so a single breach doesn't cascade across your logins.
- Enable 2FA on all important accounts — especially email, banking, and social media.
- Keep your software up to date — phishing attacks often exploit unpatched browser or OS vulnerabilities. Our guide on keeping Windows optimised covers this too.
- Use a reputable antivirus — modern security suites include anti-phishing filters for your browser and email client.
- Think before you click — take a moment to question any unexpected message before acting on it, no matter how urgent it appears.
When Your Device Has Already Been Compromised
Sometimes people only realise they've been phished after the fact — when strange charges appear on a bank statement, or their accounts start behaving oddly. If your device may have been infected as a result of a phishing attack, professional help is the safest route.
At PC Repair Services Edinburgh, we provide a thorough virus and malware removal service that goes beyond a basic antivirus scan. We check for keyloggers, remote access tools, and other threats that standard scanners can miss. We also offer a remote support service if you'd rather not leave home — ideal for residents across Edinburgh, including areas like Portobello, Leith, and Morningside.
If you're concerned about your device's security or think you may have been targeted by a phishing scam, book a repair online or get in touch — we're happy to advise.