How to Spot a Phishing Email
The way we do our banking and spending has changed drastically over the last few years, with the use of internet banking rising by 33% from 2007 to 2017. The way we handle our finances has affected a lot of things in the financial services industry. From how people interact with bank branches and ATM’s, to the way people shop, make payments, and even check their bank balance. However, the way banking has altered has led to other changes – the way fraudsters operate. There are many methods fraudsters now use in order to gain access to your information and one of the most prevalent is called ‘Phishing’.
What is Phishing?
Phishing is a method used by fraudsters in an attempt to gain access to your personal information such as usernames, passwords, card numbers, and account details, usually with malicious intent and the purpose of financial gain. Phishing often takes the form of an email or other electronic communication, in which the fraudster will pretend to be a legitimate organisation or service. Communications sent may often contain attachments or links to websites which are intended to infect your computer or mobile device with malware or spyware. Often criminals doing this will attempt to gain your trust by using personal information, in an attempt to gain your trust and convince you of the legitimacy of their message.
How Do I know if it’s a Phishing Email?
It can often be hard to know for sure if you have received a phishing email. Communications sent may be of very high quality, and bear an extreme likeness to legitimate emails sent by many well-known organisations and companies. However, as long as you exercise caution, and look out for the following list of tell-tale signs, there are ways to avoid falling victim to these scams.
If you are ever being asked for personal information by an organisation that you are already affiliated with, then that may be a sign of a scam. Companies will usually have your information already, your bank for instance would never ask you to login or submit your account information – they have it already. Likewise, a fraudster may not necessarily have any of your information, so if you are addressed as ‘Dear Customer’, ‘Dear User’ or referred to by your email address, then it could well be a phishing scam.
Poor Spelling & Grammar:
It is probably one of the first things you would spot in a phishing email. Fraudsters often tend to make spelling and grammatical errors so read your emails very carefully – if you spot a spelling mistake for example ‘sing in’ instead of ‘sign in’, or anything similar it is likely to be a sign of phishing. Organisations take their communications seriously, and most emails would be checked by an editor before being approved – so consider spelling and grammar mistakes a probable tell-tale sign that the message is from an illegitimate source.
Often URLs will look like the real thing, but by hovering your mouse over the top of the URL or checking the info on it, you should see the actual address. If this address differs from the one displayed – it’s likely something isn’t quite right. You can also do this with the ‘from’ address, check if the domain name is associated with the company or institute it claims to have been sent from. For instance if you receive communication from a bank but the email domain is Gmail, or the name is misspelt in any way, it’s probably a scam.
Requests for Urgent Action:
This is one way fraudsters attempt to trick you into clicking their links and entering details – so exercise caution because once you’ve clicked through, fraudsters can steal information within minutes. Usually phishing emails will urge you to take an action, telling you that your account has been closed, locked, or that you have been billed for an item you likely wouldn’t have bought (even small amounts for things like app-purchases). Although it might be possible you receive a genuine email regarding account security or purchases for example, it is best not to click the links in the email and instead log into your accounts directly on the official website.
You Suspect Something:
Simply put, if you suspect it might be phishing or a fraudulent communication, it probably is. Go with your instincts on this one, and if you are in any doubts about the legitimacy of a message or contact, speak directly to the organisation about the matter and never share your personal information online.
What to do if I receive a Phishing Email?
If you think you’ve received a phishing email, or other form of fraudulent communication then it is usually a good idea to report it, so that it may be investigated and prevented in future, this also means you’ll be given a crime reference number should anything have gone wrong.
You can report suspicious communications to Action Fraud via an online form: http://www.actionfraud.police.uk/report_fraud. You can also find more information about reporting Phishing scams on the government website here: https://www.gov.uk/report-suspicious-emails-websites-phishing
Just remember, that although it is not always possible to avoid receiving a communication that’s a phishing scam, by remaining vigilant and considering these points, you can reduce your chances of becoming a victim.
- Infographic: What is a money mule?
- What is money laundering?
- What is a Ponzi scheme?
- How to report identity theft
- How to protect older people from being scammed
- Using contactless mobile payments and apps
- Safeguard your personal data when using smart home assistants
- Safeguarding your family’s personal data on smart toys
- How your identity could be stolen offline
- Protect against ID theft when making mobile payments
- Online Fraud Terminology
- What is anonymous browsing?
- Distributed Denial of Service explained
- How secure is your email?
- Identity theft and fraud explained
- Financial fraud explained
- Best practices for avoiding identity theft
- Stay safe online: Creating a secure password
- Scam avoidance: A few ways to help stay secure
- Are smart gadgets putting you at risk of identity theft?
- Helping your children stay safe online
- Should you share your location on social media?
- Safeguard your personal information on video game consoles
- Would you do internet banking on your smart TV?
- How fraudsters use Wi-Fi hotspots to steal data
- How to avoid email fraud
- Preventing your child’s identity from being stolen
- Keeping your personal information secure when moving home
- Protect yourself from becoming a victim of SMS phishing
- Protect against identity theft when sharing photos online
- Safeguard your identity on mobile apps
- Your social media profile and identity theft
- What is credit card fraud – can you prevent it from happening to you?
- How fraudsters can hijack your browser
- Safeguard your identity on Facebook and other social media sites
- Going on holiday - keeping your identity safe
- How to prevent smartphone identity theft
- Shopping online – staying safe against identity theft
- How to spot and avoid romance scams
- Facial recognition and identity risk
- Dealing with phishing phone scams
- How cyber attacks happen
- Safer Internet Day – protecting children online
- 7 Signs of Identity Theft
- How to avoid contactless card fraud
- What Are Data Breaches?
- ID Fraud Overview
- How Financial Crimes Are Hidden in The Dark Web
- How much do you know about the Dark Web?
- Are you losing your identity?