Phishing scams are attempts by scammers to trick you into giving out personal information such as your bank account numbers, passwords and credit card numbers.
A scammer contacts you pretending to be from a legitimate business such a bank or an internet service provider. You may be contacted by email, social media, phone call, or sms.
The scammer asks you to provide or confirm your personal details. For example, they may say that the bank or organisation is verifying customer records due to a technical error that wiped out customer data.
Alternatively, they may alert you to ‘unauthorised or suspicious activity on your account’. Here is a recent email example that one of our clients received.
Phishing messages are designed to look genuine, and often copy the format used by the organisation the scammer is pretending to represent, including their branding and logo. They will take you to a fake website that looks like the real deal, but has a slightly different address. In the example above it is saying it is from Micosoft, and looks like a Microsoft email. When you hover over the button link it also have Microsoft in the link.
Warning signs to look for…
- The email or text message does not address you by your proper name, and may contain typing errors and grammatical mistakes.
- The website address does not look like the address you usually use and is requesting details the legitimate site does not normally ask for.
- The email address that you see has letter replaced by numbers or other letters, for example instead of firstname.lastname@example.org – it may be sent by email@example.com… they replaced the “L” with and “1”
- Look for the secure symbol. Secure websites can be identified by the use of ‘https:’ rather than ‘http:’ at the start of the internet address, or a closed padlock or unbroken key icon at the bottom right corner of your browser window. Legitimate websites that ask you to enter confidential information are generally encrypted to protect your details.
- Another obvious way to tell is to hover over the “click button”. When you hover over the Recent activity button below the URL link is very long and lengthy and has lots of numbers and letters that are not normal for a legit URL. I have provided an example below of the lengthy URL link that was embedded in the scam email above
If you are ever in doubt you should always send the email through to our support team or call our help line for us to confirm whether it is genuine or not. Do not open the email unless you are 100% sure. Often when you open these emails it gives a hacker access to your machine.
If you think you have provided your account details to a scammer, contact us immediately.