Phishing

Phishing is the attempt to gain personal and sensitive information (usernames, passwords, financial details) for a malicious purpose.

Phishing scams usually involve a spoofed email in which the criminal impersonates a trustworthy and reputable business or organisation such as a bank, online store or social media website. In the fake email, the criminal will try to trick the victim into clicking on a link that takes them either to a website infected with malware or to a convincing clone of a real website, where the victim gives their private details away without realising.

How to spot a phishing scam

  • Hover over ALL the links in the email and look at the URL. Are any misleading? (e.g. apple.strangedomain.com)
  • Poor spelling and grammar
  • The message asks for personal information
  • Generic greeting – the message doesn’t contain your name (e.g. dear valued customer)
  • You didn’t initiate any action to cause the email
  • You are asked for money
  • The message makes threats (e.g. account closure if you don’t act now)
  • The message says urgent action is required
  • Unofficial ‘from’ address
  • The message contains attachments
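
The link check from the first point can be automated for mail filtering or triage. The following is an added example, not part of the original page: it lists links where a brand name is used as a subdomain of an unrelated domain, or where the visible text shows one domain and the link goes to another. The TRUSTED table, the sample message and the two-label domain rule are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: brands mapped to the domains they really use (constructed table).
TRUSTED = {"apple": {"apple.com"}, "paypal": {"paypal.com"}}
# Constructed sample message body, not a real email.
SAMPLE = ('<p>Dear valued customer, <a href="http://apple.strangedomain.com/verify">'
          'Verify your account</a> or <a href="https://login.strangedomain.com/">'
          'www.paypal.com</a>. <a href="https://www.apple.com/support">Help</a></p>')

def registrable(host):
    """Approximate the registrable domain as the last two labels.
    Assumption: a production check would use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def misleading_links(html):
    """Return (href, reason) for each link whose destination is misleading."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        if not host:
            continue  # mailto:, anchors and other host-less links
        dest = registrable(host)
        for brand, domains in TRUSTED.items():
            # Brand name appears as a host label on a domain the brand does not own.
            if brand in host.split(".") and dest not in domains:
                findings.append((href, f"'{brand}' label on {dest}"))
        # Visible text looks like a domain but the link goes somewhere else.
        shown = None if " " in text else urlsplit(text if "//" in text else "//" + text).hostname
        if shown and "." in shown and registrable(shown) != dest:
            findings.append((href, f"text shows {registrable(shown)}, goes to {dest}"))
    return findings
```

Calling `misleading_links(SAMPLE)` reports the first two links and leaves the genuine apple.com link alone.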

Finally

Don’t be fooled just because a website looks realistic and contains official company logos.  If something doesn’t feel right, it probably isn’t.
