We had a corker of a scam email land recently, supposedly from DocuSign, but actually coming from something called palmwineboys.com (I kid you not). It even had a lovely big red REVIEW DOCUMENTS button, linking off to a sketchy tracking service.

Now, the knee-jerk reaction when something like this hits your inbox is: “My email’s been hacked!” But hold your horses, just because you’ve received a scam email doesn’t mean someone’s broken into your account. It’s no different to takeaway flyers coming through your letterbox. The bloke with the leaflets hasn’t got a copy of your front-door keys.

Spam is just digital junk mail. And just like real junk mail, you’ll sometimes get:

  • A pizza menu when you’re trying to eat healthy.

  • A conservatory flyer even though you live in a third-floor maisonette.

  • A stair-lift catalogue when you’re still running marathons.

So why does spam still get through?

Because there is no magic pill to stop it. Even with proper business-grade services like Microsoft 365 or Google Workspace — which filter out mountains of rubbish every single day — some emails will still sneak through. Why? Because it’s a computer, not a psychic.

Spammers are constantly evolving. They’ll:

  • Spoof addresses so it looks like it’s from someone you know.

  • Hack into Mailchimp or another marketing platform and use those real servers.

  • Exploit dodgy contact forms on insecure websites.

To a filter, some of these look close enough to legit that they squeeze through. And if the filters were any stricter, you’d start missing genuine emails because, let’s be honest — not everyone sets their email up properly. (Looking at you, bargain-basement GoDaddy and IONOS users).

The important bit:

Receiving a scam email does NOT mean you’ve been compromised. It just means your address is on a spam list. The scammers chuck out millions of these, waiting for a few unlucky souls to click.

But how did they get my email in the first place?

  • From someone you’ve emailed before who got hacked.

  • From a sloppy “CC all” on a group message instead of using BCC.

  • From databases of old logins that get leaked and sold on.

  • Or — brace yourself — because you run a business and your email address is literally meant to be public.

What should you do?

  1. Don’t panic.

  2. Don’t click.

  3. If in doubt, forward it to services@tlmartin.ltd.uk and we’ll take a look.

(Pro tip: don’t forward it to your manager or CEO — they’re just going to forward it to us anyway. Save everyone the time and cut out the middleman).

TL;DR:

  • Spam happens — it’s digital junk mail.

  • Microsoft 365/Google Workspace catch most of it, but not all.

  • Receiving a scam email ≠ being hacked.

  • Your address gets out there via leaks, mailing lists, or just being in business.

  • If you’re not sure, don’t click — forward it to us.

Final Thought

Scammers will always try new tricks, but you don’t have to play their game. Just like you don’t buy a conservatory for your third-floor flat, you don’t click on random DocuSign buttons from palmwineboys.com.

Instead, bin it, laugh at the attempt, and if you’re ever unsure — let us check it for you. That’s literally what we’re here for.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.