The Safeguarding Team are often contacted regarding scam emails that have been received to parish email addresses. The emails usually request money/donations or help to purchase ‘gift cards’ and often contain generic greetings, spelling errors and suspicious links.
As email addresses are displayed on parish websites that are publicly available to access via the internet or social media platforms, scammers can easily identify ways to target an individual or organisation. However, the following points will help to minimise potential risk:
- Never click on links or download attachments from unknown senders or untrusted sites
- Verify the sender’s details which are often different to the name displayed, for e.g. the email sender may indicate a person has sent it but if you hover over the sender’s email this is often a company.
- Urgent Tone – Scammers create a false sense of urgency (e.g., “account suspended,” “invoice overdue”) to force quick, irrational action.
- Unusual Requests – Legitimate companies will not ask for sensitive information like passwords, bank/credit card numbers, or PINs via email.
Actions to take:
- Forward suspicious emails to [email protected]
- Block the email (rather than delete it). While deleting only removes the current email, marking it as spam helps block future phishing attempts and cleans your inbox.
If you become a victim of financial or online fraud – please report it to the Action Fraud team on
0300 123 2040
If you believe your email account has been hacked or compromised –
- Change your Password – Change your email password immediately to a strong, unique password. If you cannot log in, use the ‘Forgot Password’ feature to initiate recovery.
- Sign out of all sessions and on all devices – Use the account security settings to sign out of all devices and active sessions to kick the hacker out.
- Enable 2-Step Verification (2FA/MFA) – Set up 2FA to require a code from your phone to sign in, which prevents future unauthorized access.
- Run Virus Scan – Use reliable antivirus software to scan your computer/phone for malware, as hackers may have installed tools to steal your new password.
- Notify Contacts – Let friends, family, and colleagues know your account was compromised so they don’t click on malicious links or send money.
- Change Linked Accounts – If you used the same password elsewhere (like banking or social media), change those immediately. Jo Pearson
