Phishing scams are among the most prevalent forms of cybercrime, especially in the UK. Although phishing is widespread, it is beatable. Apart from ensuring you install security software, the best way to combat scams is to learn what phishing looks like.
What is Phishing?
Phishing (pronounced “fishing”) is a kind of identity theft which is growing in popularity amongst hackers. By using fraudulent websites and false emails, perpetrators attempt to steal your personal data – most commonly passwords and credit card information.
Criminals gain this information by sending you links to sites that look like sites you trust, such as your online banking provider or social networks, and are able to steal your data as you enter it. Some of the sites spoofed most regularly include PayPal, eBay, Yahoo! and MSN, as well as financial institutions – so don’t think that an email is guaranteed to be safe when it’s not from a bank.
How to protect yourself against phishing
- Be wary of emails asking for confidential information – especially information of a financial nature. Legitimate organisations will never request sensitive information via email, and most banks in the UK will tell you that they won’t ask for your information unless you’re the one contacting them.
- Don’t get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
- Make sure you familiarise yourself with a website’s privacy policy. The majority of commercial websites have a privacy policy, which is usually accessible at the foot of the page. The most useful thing to look for is the website’s policy on whether it will or will not sell its mailing list.Most of the spam you receive on a daily basis – as well as potentially dangerous phishing emails – is coming to you because a site you have signed up to has sold your email address to another company. If you’re not ok with this happening, it might be worth reconsidering whether you want to sign up to the site.
- Watch out for generic-looking requests for information. Fraudulent emails are often not personalised, while authentic emails from your bank often reference an account you have with them. Many phishing emails begin with “Dear Sir/Madam”, and some come from a bank with which you don’t even have an account.
- Never submit confidential information via formsembedded within email messages. Senders are often able to track all information entered.
- Never use links in an email to connect to a website unless you are absolutely sure they are authentic. Instead, open a new browser window and type the URL directly into the address bar. Often a phishing website will look identical to the original – look at the address bar to make sure that this is the case.
- Make sure you maintain effective software to combat phishing, this includes keeping windows & anti-virus programs up to date.