Phishing - What you need to know
Do you believe that you may be at risk from fraudsters trying to dupe you into sharing their personal information? These types of scams are known as phishing – a form of fraud which impersonates a company in order to steal sensitive information such as login details. Unfortunately, in today’s world, these scams are all too common, generally targeting individuals and large organisations across different sectors by imitating all kinds of company communications. Here is some information to help you identify these scams and keep your information safe.
What is it?
Phishing is when fraudsters attempt to get hold of sensitive information such as usernames, passwords and credit card details by pretending to be a trustworthy source in emails or texts. These scams work by sending you an email or text that looks like it’s from your bank, service provider or other company. The email/text will ask you to visit a fake website that looks real. The site will have a form asking for personal information like usernames, passwords and bank account or pin numbers.
What am I looking for?
As with many scams, it begins with an email or text. The notification can, in some instances, purport to be a bill notification from us and can look very credible. It may detail an unusually high balance and include a link to ‘view your bill’. This messaging is designed to panic recipients into clicking the link to see how they’ve run up such a large bill. Instead, clicking the link will either direct you to a fake website or in some cases, download Malware to your computer. The most common type of phishing email will direct you to a fake website and ask you to enter your login details. Malware can be used for a number of things – for example, it could record your keystrokes, enabling fraudsters to piece together personal information and login details for other sites.
Signs of a Phishing Scam
It’s often easy to spot a scam. Be on the lookout for:
A ‘from’ email address that doesn’t match the company or organisation, or a text sent from an unfamiliar sender, such as a mobile number
Demands that you take action straight away or risk having your account suspended
A generic ‘dear customer’ header
Suspect links with extra letters, numbers or substitutions. For example, a phishing scam trying to imitate O2 might replace the letter ‘O’ with the number zero
Requests for sensitive data like usernames, passwords, D.O.B etc.
What to do
If you’re suspicious about an email you’ve received DO NOT click on any links. It’s important that we see examples of phishing emails and websites so we can investigate and shut down scammers. To report a suspicious email or website:
If you got a phishing email, forward it to the FTC at email@example.com and to the Anti-PhishingWorking Group at firstname.lastname@example.org. If you got a phishing text message, forward it to SPAM (7726).
Report the phishing attack to the FTC at ftc.gov/complaint.
You can report spam texts directly to your mobile phone provider free of charge by forwarding the text message to 7726.