Skip to main content

The ‘trusted sender’ email scam

One of the easiest ways to tell if an email you’ve received is genuine is by checking the email address of the sender. But what happens when the sender is someone you trust, and the email still turns out to be a scam? We’ve been looking into the ‘trusted sender’ scam.

How does the ‘trusted sender’ scam work?

A scammer finds the contact details for their victims; whether that’s through a hacking attempt of someone who holds a lot of customer information, buying them through the dark web, or simply accessing email addresses that are available freely online through a company website. 

Using this list of emails, the scammer can then contact their recipients claiming to be a person that the victims will trust, prompting them to click a link or download an attachment. This then allows the phisher to install malware on the victim’s machine, or takes them to a webpage where they will be asked to input their personal information or bank details.

Who is the ‘trusted sender’?

The trusted sender can be any person or company that a recipient feels safe talking to. This might be a business or an organisation that they’ve had email conversations with in the past, or a person who is well known or well liked by the recipient. The ‘trusted sender’ scam is particularly effective when the victim is expecting an email from a person or organisation.

Many of the phishing scams we’ve found out about fall under the umbrella of a ‘trusted sender’ scam; emails pertaining to be from Royal Mail, your boss and even your child.

How to tell if the sender is legitimate

With phishing emails that claim to be from someone you trust, with an email to match, it can be much harder to find out whether you’re looking at an email from your boss or an email from a scammer. However, there are some simple ways that you can check whether you’re being contacted by the real deal, or an imposter.

Firstly, pick up the phone. This is by far the easiest and most effective way of checking the legitimacy of a phishing email, by calling the recipient first. Make sure that you find the recipient’s contact number yourself, rather than using any contact numbers provided to you in the email; remember, that could go straight to the scammer’s mobile.

You can even do this with telephone scammers; ask for a reference number for the call, hang up, and contact them directly yourself. They’ll be able to confirm whether the email that you’re looking at is legitimate, or whether you should send it to Junk.

Don’t click any links. Don’t click a link to a webpage, don’t click a link to the business, don’t click an image in the email, don’t click an attachment. Remember, any and all of these links could be laden with malware ready to worm its way onto your smartphone or your computer. If you want to check whether an organisation or a business really did send you that email, find your way to their website yourself. 

When you’re done, click ‘Report’

Some email clients have a 'Report' buttong for scams; you can click this to report a suspicious email to Microsoft, Google, or whoever manages your email. You can also forward these emails to the National Cyber Security Centre; find out how here. Otherwise, make sure you send it to Junk.


The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
Excellent - problem resolved quickly and efficiently. Barbara Sadler, Samuel Phillips

Based on 12075 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 09-October-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Living Wage employer
Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner