There seems to be a spate of new phishing emails at the moment, and they are getting sneakier.
Which? reports one that pretends it comes from Santander and their analysis is worth a read at https://www.which.co.uk/news/article/scammers-are-impersonating-santander-with-this-sneaky-new-phishing-email-aHuKO3K0phc7
Many banks try hard to make it clear which communications are from them (for example by including a part of your name, postcode or account number) but in the heat of the moment, when mixed with all the other emails we receive, it can be hard to be diligent all the time.
The National Cyber Security Centre (“NCSC”) has some great free resources, including a guide to defending your organisation against phishing attacks. How can you use at https://www.ncsc.gov.uk/guidance/phishing this, and include it in your staff training?