The copper switch-off explained for London businesses and building operators | Book your free copper audit

You trust your team, right?

They’re smart, capable, and they know better than to click on suspicious links or open unexpected attachments.

They already know that phishing emails look trustworthy on purpose. To trick them into giving away sensitive data or downloading malicious software.

So, they’re not the type to fall for it.

At least, that’s what they think…

Here’s the problem: Just because someone’s confident they could spot a phishing attack, it doesn’t mean they can. It’s a false sense of security – and it’s exactly what cyber criminals count on.

New research has found that a huge 86% of employees believe they can confidently identify phishing emails… yet over half of them have fallen for some form of scam in the past.

Think about that for a second.

These are people who knew about phishing, felt sure they wouldn’t be tricked, and yet still got caught out. That’s because cyber criminals aren’t just sending out the obvious “foreign prince” emails anymore. They’re using sophisticated tactics like:

• Emails that look like they’re from your bank or suppliers.
• Fake invoices that appear totally legitimate.
• Messages that seem to come from your own colleagues.

Because phishing scams have evolved, they’re much harder to spot. And when someone thinks they’re too smart to fall for one, that’s when they’re most at risk.

Overconfidence in cyber security is a classic case of the Dunning-Kruger effect – a psychological phenomenon where people tend to think they know more than they do.

What’s the problem with being too confident?

Well, when people believe they’re invincible to scams, they don’t take the necessary precautions. Instead of double-checking links or questioning unexpected emails, they just assume “I’d never fall for a scam” and carry on clicking. This is how cyber criminals end up accessing business systems and data.

So, what’s the good news?

You can lower the risk of getting hit by a phishing attack. But it starts with a shift in mindset. Instead of assuming your people know what they’re doing, make sure they’re properly informed. Regular phishing awareness training can make a massive difference, helping your staff to recognise newer and more subtle scams before it’s too late.

Training alone isn’t enough, though. Your employees also need to feel comfortable reporting anything suspicious, or they might stay quiet about a potential scam. And that gives cyber criminals the upper hand. Creating a workplace culture where security concerns are welcomed (not criticised) is just as important as education.

Cyber security isn’t about intelligence; it’s about vigilance. Even the most tech-savvy employee can be caught off guard by a well-crafted scam. The key is to assume a threat is real, remain cautious, and never rely on confidence alone.

The moment someone thinks “I’d never fall for that” is often the moment they do.

Think Your Cyber Security Is Locked Down? Think Again.

Just when you feel confident about your cyber security setup, a new threat emerges to shake things up.

Right now, a fresh scam is making the rounds—and it’s catching out businesses like yours. The most alarming part? Cyber criminals don’t even need your password to break in.

It’s called device code phishing, and it’s gaining traction fast. Microsoft has already flagged a surge in these attacks, and more are expected.

Unlike traditional phishing—where attackers trick you into entering your credentials on fake websites—this method is far more cunning.

How It Works

Attackers send a convincing email, often posing as someone from HR or a colleague, inviting you to a Microsoft Teams meeting. You click the link and land on a genuine Microsoft login page. Everything looks normal.

Then you’re asked to enter a short “device code” provided in the email. It seems routine.

But here’s the twist: by entering that code, you’re not logging yourself in—you’re logging the attacker into your account. And because the login uses legitimate Microsoft infrastructure, it can even bypass multi-factor authentication.

Once inside, attackers can:

• Read your emails
• Access sensitive files
• Impersonate you to deceive others

It’s like handing over your office keys without realising it.

Why It’s So Dangerous

• You’re on a real Microsoft site—not a dodgy clone.
• You didn’t enter your password into a suspicious form.
• Everything looks above board… but it’s not.

Even worse, traditional security tools may not detect this. And if the attacker captures your session token, changing your password won’t necessarily kick them out.


How to Stay Safe

• Pause before entering any code: Ask yourself—did I request this? Is it from a trusted source?
• Verify requests: Use a separate channel (like a phone call or internal messaging) to confirm legitimacy.
• Know the signs: Real Microsoft logins don’t involve someone else giving you a code to enter.
• Disable device code login: If your business doesn’t use it, your IT team should consider turning it off.
• Train your team: Awareness is your best defence. The more your people know, the safer your business will be.
  
  

Need help reviewing your security setup or training your team? Let’s talk

Have you ever sat in a Teams meeting and found yourself gritting your teeth every time someone said, “next slide, please”?

Me too.

And if your business runs a lot of online meetings or webinars, you’ll know the frustration of clunky handovers and awkward pauses when switching between presenters.

Well, there’s good news. And it’s about time.

Microsoft is rolling out a small but mighty update to Teams that’s going to make a surprisingly big difference to how your meetings run.

First, if you’re not too familiar with Teams, let’s quickly cover the basics. It’s Microsoft’s all-in-one communication platform. Video calls, chat, file sharing, and collaboration tools are all combined in one place.

Whether your team is remote, hybrid, or all under one roof, it helps everyone stay connected and productive without needing to jump between lots of different apps.

Back to the update. Microsoft’s introducing a feature that will let multiple people control the presentation slides during a Teams meeting or webinar.

Right now, if you’ve ever tried to co-present in Teams, you’ll know that only one person has control of the slides. Everyone else is stuck asking the presenter to move things along. That’s not only frustrating, but it also breaks the flow of the meeting.

This new feature will let the meeting host hand over slide control to more than one person.

That means if you’ve got a few people presenting different parts of a deck, each of them can take control of the slides when it’s their turn, without stopping the meeting or awkwardly calling out instructions. It sounds like a small thing, but in practice, it’ll make meetings feel much more natural and professional.

This feature has started to roll out already, beginning with the Windows desktop version of Teams. It’ll likely involve the host selecting co-presenters when setting up the meeting. Hopefully, the setup will be as smooth as the presentations will be.

To me, this is one of those updates that should have been added years ago. But hey, better late than never, right?

Alongside other recent improvements like real-time text messaging during calls (great for those who prefer typing over talking), it’s clear Microsoft’s working hard to make Teams more flexible and intuitive.

Need help getting the most out of Microsoft Teams or other tools in Microsoft 365? That’s what my team and I are here for. Get in touch.

Ever opened Notepad and thought, “I wish I could make this text bold or add a heading”?

Probably not.

But Microsoft is quietly giving Notepad a subtle upgrade—and it might just make a difference. Especially if you use it for jotting down quick notes, meeting minutes, or team checklists.

Notepad has always been the simplest of tools. It opens instantly, saves fast, and stays out of your way. That’s exactly why so many people love it.

Now, Microsoft is testing a light touch of formatting features—things like bold and italic text, headings, hyperlinks, and even basic bullet points.

The idea isn’t to turn Notepad into Word. It’s about giving you just enough control to make your notes clearer and easier to scan.


How it works

The formatting is based on Markdown—a simple, widely used way to structure plain text using symbols. For example, wrapping a word in asterisks makes it bold.

It’s clean, lightweight, and doesn’t add any of the bulk you’d expect from a full word processor. And if you prefer the classic Notepad experience? You can turn formatting off completely.

Some worry that adding features like this could slow things down. But in this case, the changes are minimal and optional. It’s like swapping your biro for a fine-tip pen—not turning your notebook into a printing press.


Why it matters

With WordPad now officially retired, there’s a gap for something that sits between “plain text” and “full document.” For smaller businesses or teams without complex documentation systems, this could be a handy middle ground.

Better structure means clearer notes, faster communication, and fewer misunderstandings.

It’s not flashy—but it’s thoughtful. And it’s another sign that Microsoft is modernising even the most basic tools in Windows 11, without losing what made them useful in the first place.

Keep an eye out for the update. And next time you’re scribbling a to-do list, maybe give those bold headings a go.

Would you like help enabling Markdown or exploring other lightweight productivity tools?

Ever felt someone’s eyes on your screen while working in a café or on the train?

That uneasy feeling—like someone’s peeking at your emails or documents—isn’t just paranoia. It’s a genuine privacy concern. Whether you're handling sensitive information or simply prefer to keep your screen to yourself, it matters.

Now, Microsoft might have a clever solution on the way.

A new feature called Onlooker Detection is reportedly in development for Windows 11. As the name suggests, it’s designed to spot when someone’s trying to sneak a glance at your screen—and alert you.

This builds on an existing Windows feature called Presence Sensing, which dims or locks your screen when you step away and wakes it up when you return (it works with Windows Hello for seamless sign-ins).

But Onlooker Detection takes things further. If someone is detected nearby, your laptop could automatically dim the screen to make it harder to read—or send you a warning. Or both.

The aim? Smarter privacy, without any effort on your part.

Of course, this feature relies on specific hardware—namely a Human Presence Detection (HPD) sensor. These are typically found in newer laptops powered by Qualcomm, AMD, or Intel chips. Not sure if your device has one? You can check under Settings > System > Power & battery.

While Microsoft hasn’t officially confirmed the rollout just yet, Onlooker Detection has appeared in recent Windows 11 preview builds. So, while we don’t have a release date, the signs are promising.

Frankly, it’s overdue. With data privacy more important than ever, subtle protections like this could make a real difference—especially for those of us who work on the move.

Would a feature like this give you more peace of mind when working in public spaces? Let us know if you’d like help checking your device compatibility or exploring other privacy tools.

Think twice before opening that email from “Microsoft”.

It’s easy to trust a message that looks like it’s from Microsoft. After all, it’s one of the world’s most recognised and respected tech brands.

But what if it’s not really from Microsoft at all?

Cyber criminals are increasingly impersonating trusted companies to trick people—and Microsoft is currently the most impersonated brand in phishing scams.

Recent research reveals that 36% of brand-related phishing attacks in early 2025 were disguised as Microsoft communications. That’s a staggering figure.

Google and Apple follow closely behind. Together, these three tech giants account for over half of all phishing attempts.

So, what’s going on—and more importantly, how can you protect your business?

What is phishing?


Phishing is when a scammer sends a fake email, text, or message that looks like it’s from a legitimate company you know and trust.

Their aim? To get you to click a link, download a malicious file, or hand over sensitive information—like passwords, card details, or even your full identity.

The consequences can be severe: stolen funds, compromised systems, leaked data—and a major headache for your business.



Phishing is getting smarter


Gone are the days of obvious spelling mistakes and dodgy-looking links. Today’s phishing emails are slick.

Scammers replicate logos, build convincing fake websites, and even spoof email addresses to make it look like the message is genuinely from Microsoft, Google, or Apple.

There’s also been a recent surge in attacks impersonating Mastercard—complete with fake websites designed to steal card details.

It’s a worrying trend, and it shows just how inventive cyber criminals are becoming.



How to spot a fake


The key is to slow down and stay alert.

Legitimate companies like Microsoft won’t pressure you with urgent messages like “Click now or lose access”. That kind of language is a major red flag.

Always inspect the sender’s email address carefully. It might look right at first glance, but a closer look could reveal subtle changes—like “micros0ft.com” instead of “microsoft.com”.

And never click on links in emails you’re unsure about. If in doubt, open your browser and type the official website address manually. It’s a safer route.



Stay protected


Being cautious might feel inconvenient—but it’s nothing compared to the fallout from a cyber attack.

Phishing scams are only going to get more convincing. That’s why it’s essential to:

• Stay vigilant
• Invest in robust cyber security tools
• Use smart protections like multi-factor authentication (requiring two forms of ID to log in)

Remember: the more trusted the brand, the bigger the target!

That email that looks like it’s from Microsoft? It could be a wolf in sheep’s clothing.

We’re here to help you and your team stay protected—and alert—to phishing threats. Let’s talk.