Phishing - Phishing is the use of bogus emails and websites to trick you into
supplying confidential or personal information.
Typically, you receive an email that appears to come from a reputable organisation, such as a bank. The email includes what appears to be a link to the organisation’s website. However, if you follow the link, you are connected to a replica of the website. Any details you enter, such as account numbers or passwords, can be stolen and used by the hackers.
---------------------------------------------------------------------------
You should be suspicious of any email that asks for your password or account details or includes links for that purpose. Banks or e-commerce companies do not usually send such emails.
Phishing emails usually use a generic greeting, such as “Dear valued customer”, because the email is spam and the phisher does not have your name. They may also make alarming claims, e.g. that your account details have been stolen or lost. The email often includes misspellings or substitute characters, e.g. “1nformati0n”, in an attempt to bypass anti-spam software.
Don’t follow links embedded in an unsolicited email. Phishers often use these to direct you to a bogus site. Instead, you should type the full address into the address bar in your browser.
Regularly log into your online accounts and check your statements. If you see any suspicious transactions, report them to your bank or credit card provider.
Check the web address in the address bar. If the website you are visiting is on a secure server, it should start with “https://” (“s” for secure) rather than the usual “http://”. Also look for a lock icon on the browser’s status bar. This tells you that the website is using encryption, but doesn’t necessarily mean that the website is legitimate.
Look at your bank’s advice on carrying out safe transactions. Don’t let anyone know your PINs or passwords, do not write them down, and do not use the same password for all your online accounts. Don’t open or reply to spam emails as this lets the sender know that your address is valid and can be used for future scams.
Anti-spam software will prevent many phishing emails from reaching you. A firewall also helps to keep your personal information secure and block unauthorised communications. You should also run anti-virus software to detect and disable malicious programs, such as spyware or backdoor Trojans, which may be included in phishing emails. Keep your internet browser up to date with the latest security patches.
If you receive an email you suspect isn’t genuine, forward it to the spoofed organisation.
(Many companies have a dedicated email address for reporting such abuse.)
