Chances are, if you've spent any time online, you'll know that there are lot's of scams about, but what is Phishing and how can you avoid it?

We’re super-connected in the age of the internet; there’s an expectation to answer messages instantly and keep your social media accounts up to date. But what about the way we use the internet to shop and handle money? Can the emails we get be trusted? The online network is rife with untrustworthy and unsecured sites, so it’s important to stay savvy with your personal details, to avoid the potential for phishing.


What is phishing?

Chances are, if you’ve spent any time online, you’ve heard of Phishing, but what does it mean? Phishing is a term that’s used to describe attempts via fake emails to gain access to your personal information. You might recognise some of our examples.


‘Your account has been blocked.’

Ever had that email from ‘PayPal’, telling you that your account has been limited because of unrecognised activity? It looks legit – the logo’s there and the contact details at the bottom seem correct. All you have to do is follow the provided link to sign in, and you’ll get your account reactivated. Easy.

Yet, as soon as you click that link, you’ll be diverted to a scam site, unaffiliated with PayPal, and only interested in collecting your username and password so they have access to your account.

Never click on email links that ask you to enter your details. If you’re concerned, go to the company’s website directly, and find contact details.


‘Dear Sir/Madam, we need to verify your details.’

The emails you might get that start with ‘Dear Sir/Madam’ may seem professional, but be careful. These types of correspondence are only addressed to you this way because they don’t know who you are. They’ll ask you to click on a link or reply with some or all of your details – email addresses, passwords, PIN numbers – so that they can gain access to your account, and you might find yourself blocked.

Most legitimate companies will address you by name. They know who you are, because they already have your details, securely stored.


Poor grammar or spelling.

Perhaps the most prevalent phishing emails you’ll see are easily identified by their poor use of grammar and terrible spelling. Trusted companies have professional people to check their comms before they’re sent out, so even if the email you’re reading seems otherwise legitimate, be wary of spelling mistakes and bad grammar.

Contact the company directly to let them know, and don’t click on any links you’ve been sent.


Top tips to avoid getting scammed.

1. Never give out any passwords to anyone, over the phone, in person, online or via email.

2. Your bank, network provider and many other companies that handle your money will usually ask you to enter select characters of a password or login number. If you’re asked for your full password or login number by one of these companies, it’s almost certainly a phishing scam, and you should contact your bank or network provider immediately.

3. Never click on links in emails or texts that ask you to sign in to your account. Close the email and go directly to the company’s website.

4. Install good virus protection on your personal computer. You can buy trusted anti-virus software from companies like McAfee and Norton, or you can download free software from well-respected places, such as Avast and Kaspersky. Make sure you research the software you choose.

5. Make sure you’re visiting secure websites. You can look for the padlock icon in the address bar to check if a website is secure.

6. Remember, grammar and spelling are important to respectable companies like your internet or network provider and your bank, so if something reads really badly, it’s probably a scam.

7. Your bank, phone provider and money management companies know you. They’ll address you by name.

8. If you’re worried about the security of your personal details, you can find out more on our Fraud and Security page. Keep your details protected, stay safe online, and stay connected.