Email security

‘Phishing’ or bogus emails are used by fraudsters to trick you into divulging information about your account or even paying them money. In the UK, an average of 8,000 phishing scams are reported a month. It may be hard to tell the difference between a phishing email and an email from us, but remember:

  • We will never send you an email requesting any personal or security details, including your username, password or security details, or asking you to send money to a third party
  • We also use standard email addresses to send information to you. These will end in, or

If an email to you fails to deliver, we will try again once and then stop sending emails to you. We will contact you to ask you to confirm your email address so that we can contact you in future.

  • They might appear to come from a bank or financial institution, a company you regularly do business with or even from your social networking site
  • They may request personal financial information, and use sensational language asking for immediate action. Banks and financial institutions will never ask their customers for account details or passwords by email
  • They might appear to be from a contact in your email address book or even someone from within AJ Bell. Check the email address matches the domain of the company i.e. it comes from an address ending, or
  • They might ask you to make a phone call. Phone phishing scams direct you to call a phone number where a person or an audio response unit waits to take your account number, personal identification number, password, or other valuable personal data
  • They might include official-looking logos and other identifying information taken directly from legitimate websites, and they might include convincing details about your personal history that scammers found on your social networking pages
  • They might contain a file attachment you are not expecting. Attachments such as a Word document can be used to deliver malware onto your system. Unusual file extensions such as .exe should raise your suspicions, but even attachments such as Word documents can be used to deliver malware onto your system
  • They might include links to specially created websites where you are asked to enter personal information, called spoofed websites. These may look very professional and even exactly the same as a legitimate company
  • They may use generic greetings and may contain misspellings or grammatical errors, although not always. It is highly unlikely that an email from a well-known company will contain spelling mistakes or grammatical errors