A new form of Ransomware has recently spread to 74 countries, most notably affecting the NHS. This ransomware arrives via phishing emails, and gets onto systems by the user clicking on a link or attachment in a phishing email.

The ransomware works by exploiting a vulnerability in the Windows operating system. Microsoft have released a security patch for this flaw – and Netstar clients have already had this patch proactively installed. However, we still recommend you are vigilant and suspicious of all emails from unknown senders!

Use the guide below to identify suspicious emails.

Ransomware and viruses are not the only threat from phishing emails. Email is one way that social engineering can be carried out, which can result in theft of data and loss of significant funds. This has been seen with emails sent to employees in accounts, posing as the CEO of the business, requesting them to pay a fake invoice or transfer money.

Keep your Business Safe with this Infographic on Email Security Red Flags

Email security red flags

Transcription of Content


Do you recognise the sender’s email address as someone you usually communicate with?

Is the email from someone outside your organisation and not related to your job responsibilities?

Is the email sent from someone inside your organisation or from a customer, supplier or partner you usually deal with, but is very unusual or out of character?

Is the sender’s email address from a suspicious domain? (like natwest-support.com)

Is this an unexpected or unusual email with a hyperlink or attachment from someone you haven’t communicated with recently?


Is the email subject line irrelevant or out of context with the content?

Is the message a reply to something you did not send or request? (Does it have RE: at the start?)


Were you cc’d on an email to someone you don’t personally know?

Is the email sent to an unusual mix of people? I.e. A random group of people at your organisation?


Was the email sent at a strange time, outside business hours, like 2am?


Are there any potentially unsafe files attached to the email? I.e. PDF, XLS, DOC, EXE (only .txt can be safely opened)

Is there an attachment on the email which was not expected or is not relevant to the email message (i.e. the type of attachment is not usually sent by this sender)


When you hover your mouse over a hyperlink in the message, is the preview link that appears different to the link in the email? Look very closely – there might only be 1 or 2 characters difference! I.e. bankofamerica.com vs. bankofarnerica.com

Is there no content in the email other than a hyperlink?

Is the hyperlink a misspelling of a known website? Check the mouse hover preview closely too!


Is the sender asking you to click a link or open an attachment to avoid a negative consequence or gain something of value?

Is the email unusual or has bad grammar or spelling?

Is the email asking me to look at something compromising about myself or someone I know, such as a an embarrassing picture?

Does the email look like a Facebook notification email telling you that one of your friends commented about you, or on a picture of you, possibly with something like “can’t believe you did this”?