This week I want to talk about Phishing Scams. Phishing is a way in which fraudsters try to obtain your computer user names and passwords, and from there be able to access the rest of your online life. Most of these scams come in the form of emails, although they can also arrive via text message, instant message, posted letters or phone calls. They will claim to be from organisations such as Internet Service Providers, banks, PayPal, eBay, Google or Apple. They will look genuine with the all the right icons, trademarks, copyrights and fonts that you’d expect to see. The emails and text messages normally contain genuine-looking links to the relevant, but of course bogus, websites, asking you to simply login to the secure page of the website with your email address and password. Some may ask you to install a piece of software to do a security scan (installing viruses or keystroke loggers along the way). Once your details have been “phished”, crooks can then use this information to commit crimes such as identity theft and bank fraud. They may even use your details to target you deeper by earning your trust in such a way as to convince you that they are from organisations such as the police or the fraud office. This is called “Spear-Phishing” because they already know their target. Phishing isn’t restricted to just individuals - businesses are also targeted using specific requests for information or quite often legal or tax threats. What can you do to stop it? The short answer is not a lot - crooks use systems that work. So, while you can’t stop them sending you the email in the first place, you can be aware and proactive. If you receive an email from, let’s say, PayPal that looks suspicious, you should forward it onto their fraud team who will inspect it and try to stop the crooks from using that email server. Almost all big companies will have an anti-fraud team that you can contact. Other things to be aware of are:
When responding to emails, phone calls or texts, never give your login or personal details.
The email address that appears in the ‘from’ field of an email is not a guarantee that the email came from the organisation that it claims to have originated from.
Contact the organisation that has sent you the message by using a phone number that you have personally sourced. Speak to them directly to confirm if the message is genuine.
Use the spam filter in your email program to mark the message as spam and delete it. This ensures that the message cannot reach your inbox in future.
Never respond to a message from an unknown source. Take care not to click any on links to web pages. Even unsubscribe links can be bogus.