We’re not talking about the dangers of fishing here like falling into the water or getting a hook stuck in your finger... We’re talking about phishing with a ph...

You’ll see it all the time in your email inbox when a scammer sends you emails where they try to look like a “reputable company” to trick you. They might try getting you to reveal personal information like your passwords or credit card details. They also might try getting you to click on malicious links that can extract these credentials from your computer.

Phishing scams aren’t just a problem for emails, they can also be sent through social media, phone calls and text messages.  It’s important that you know what you should look out for! That’s why we’ve written some tips here on what to look for so you can avoid scammers.

If you get a call or text from your bank asking you to confirm your personal details - THINK TWICE. If they are calling you about suspicious activity on your account and ask you to confirm your details so they can investigate - STOP. Maybe they can quote you your card number and need you to confirm your identity by giving them the security code printed on the back - DON’T.

The best practice in these cases is to record their number or ask for their number and say you’ll call them back. Then you can call the hotline for your actual bank and report the scam to them. 

Never update payment details over the phone or from an email. If you fear you’ve been tricked call your bank immediately to change your details. Banks typically leave businesses' old bank details active for months to capture people who have forgotten to update the payment details, so if you pay into the old account, they’re not going to be too worried.

Phishing emails are made to look genuine, copying the format used by real organisations the scammer might be pretending to represent, including their branding and logo. Often these emails will have links in them to a fake website that also looks like the real deal, but has a slightly different website address. Sometimes the malicious emails will have been sent to you from friends who have already had their accounts phished.

So how do you know? Here are some steps you can take to avoid the dangers of email phishing:

• Check the email address the email is from - this can be faked too but it could also give you a hint that it is not legitimate
• If you are unsure you can call the company the email is supposedly from before opening any links or downloads to ensure it is really from them
• If the email contains spelling mistakes and grammatical errors that’s a sign it has not come from the real organisation
• NEVER open or download a file sent to you unless you’re 100% sure it’s safe - especially beware of exe files!
• Check or test any links before clicking on them.
• Most reputable companies have your full name and will use it in the email. The scammers may not have these details so will use terms such as Dear Friend, Dear client or Dear valued customer.
  

Unsure of how to check the links from your email? Here are some ways you can tell:

• Simply hover your cursor over the link and the destination should pop up at the bottom of your browser window. It should match the real URL of the official website EXACTLY (i.e. not have a hyphen in between the words etc.).
• Alternatively, you can right-click on the link and “Copy link address.” Paste this in a text doc and examine it.
• Use a link scanner that will check for suspicious activity and will give you the result of your submitted link. Some antivirus programs come with versions that install in your browser. If you are unsure about checking links yourself you could install one of these to put your mind at ease.
  

If you’re worried about the security measures in place at your business or organisation, you may want to hire a professional. Book a free 45-minute consultation with Identity Computing today!