Skip to main content
MalwareHigh priority

Never open unexpected email attachments or links

Treat any unexpected file attachment or link — even from someone you know — with suspicion before you click.

Why this matters

The majority of ransomware and malware infections begin with a phishing email. Pausing before clicking is free and highly effective.

How to do it

  1. Before opening an attachment or clicking a link:
  2. Were you expecting this email?
  3. Does the sender's address look genuine (not spoofed)?
  4. Hover over the link — does the URL match what is displayed?
  5. If in doubt, contact the sender by phone to verify
  6. Report suspicious emails to your email provider or IT team

Cyber Essentials framework

This task falls under the Malwarecontrol — one of five areas assessed in the UK's Cyber Essentials scheme. Completing it counts toward your Cyber Essentials alignment.

Track your full security score — free

Create a free account to check off tasks, see your Security Score, and build toward Cyber Essentials alignment.

Start your free security check