How to recognise phishing scams online 

June 13, 2018

phishing scams

The age of the internet has us super-connected and it’s completely changed the way we do things. We’re expected to answer messages instantly and to keep social media feeds up to date.  Even the way we shop and handle money has changed – everything’s gone online.

Paperless is the new norm too.  And with more companies choosing email over letters, our email inboxes are fuller than ever.

But can all the emails we get, be trusted?

We’d love to say yes, but there are loads of untrustworthy and unsecured sites out there. We all need to be careful and watch out for any potential scams, like phishing or smishing.

What is phishing?

Chances are if you’ve spent any time online, you’ve heard of phishing, but what is it? Phishing is a term used to describe attempts to get your personal information through fake emails. You might recognise some of these examples:

‘Your account is blocked.’

Ever had an email from a company like ‘PayPal’ telling you that your account’s been restricted because of unrecognised activity?  It looks legit – the logo’s there and the contact details seem correct too.

And to reactivate your account, all you need to do is follow the link they’ve sent and sign in.  Easy, right?

But all is not as it seems. Chances are, as soon as you tap that link, you’ll be sent to a scam site. All scammers are interested in is collecting your username and password so that they can access your account.

Never click on email links that ask you to enter your details. If you’re not sure, go to the company’s website directly, and look up their contact details there.

‘Dear Sir/Madam, we need to verify your details.’

Emails that start with ‘Dear Sir/Madam’ might seem professional – but be careful. They may only be addressed to you this way because they don’t know who you are.

And they’ll ask you to click on a link or to reply with personal details – like passwords or PIN numbers. They’ll then use this information to access your account, and you might find yourself blocked.

Most legitimate companies will address you by name. They know who you are, because they already have your details, securely stored. And so are unlikely to ask you for these details over email.

Poor grammar or spelling.

Some phishing emails are really easy to spot, with poor spelling and grammar.  Trusted companies have professional people to check communications – like emails – before they’re sent out, to avoid silly mistakes. So, if the email you’ve received seems legit, be wary of spelling mistakes and bad grammar.

What should you do? Contact the company directly to let them know. And don’t click on any links in the email.

Top tips to avoid getting scammed.

1. Never give out any passwords to anyone, over the phone, in person, online or via email.

2. Companies like your bank or network provider may ask you to enter characters from a password or login number. If you’re asked for your full password or login information in an email, it’s almost certainly a phishing scam. If you get an email like this, you should contact your bank or network provider immediately.

3. Never click on links in emails or texts that ask you to sign in to your account. Close the email and go directly to the company’s website instead.

4. Install good virus protection on your personal computer. You can buy trusted anti-virus software from companies like McAfee and Norton. And you can download free software from well-respected places, such as Avast and Kaspersky. Make sure you research the software you choose.

5. Make sure you’re visiting secure websites. Look for the padlock icon in the address bar to check if a website is secure.

6. Remember, grammar, and spelling are important to respectable companies like your internet or network provider and your bank. So, if something reads really badly, it’s probably a scam.

7. Your bank, phone provider and money management companies know you. They’ll address you by name.

8. If you’re worried about the security of your personal details, you can find out more on our Fraud and Security page. Keep your details protected, stay safe online, and stay connected.