Phishing is a cyber attack method designed to steal user data, such as login credentials and credit card numbers. It can be done through telephone or text messaging, but most commonly will be in the form of email.
Often phishing hackers will try to make you think you’re on an official website—when really it is just a fake website that is disguised to match the look and feel of the legitimate site.
The goal is to trick you into thinking the message is from a trusted source. This might be from the government, your bank or credit card company. In crypto, they could pose as a member of an exchange or project.
What to Look Out For?
- Is this too good to be true? Are the emails claiming you have won a new laptop or bitcoin? If so, there is a clear red flag you are a victim of a phishing scam.
- Check the spelling of the senders domain URL: Often phishing scams will have a URL which looks different to the official website. This could be different letters or numbers in the URL or have a slight misspelling.
- Style of the email: Does the formatting look suspicious, and if it is from a company you have received emails in the past, does it have a different format than usual? Sometimes logos might look different or the email is poorly written, which can be a sign of a malicious email.
- Sense of urgency: Do they pressure you by giving you a short amount of time to claim a prize before it expires? This is not how normal businesses operate and will always give you plenty of warnings before they take action.
- Unusual sender: Have you received emails or calls from this person before?
- Posing as a trusted source: Phishing scams will often pose a trusted course, such as your bank or a government worker.
- Message is sent from a public email domain Most organisations will have their own email domain or company accounts. Apart from some smaller companies, it will be rare to see official emails from a company end in ‘@gmail.com’ for example.
- It includes suspicious links or attachments Phishing emails or messages will always have an infected attachment that you are asked to download or click on.
Steps to Minimise Falling For a Phishing Scam
- If you receive a suspicious email from someone you know, do not reply to the email but contact the source directly to verify.
- Limit personal data available on your social media—such as birthday, address or phone number.
- Sometimes you can hover over the link—to see the URL. Be extremely careful not to accidentally click the link.
- Always use antivirus and malware protection.
- Check the subject, sender and email address.
- Avoid replying to fraudulent messages.
- Ensure you always use a secure website when entering sensitive information by checking your browser begins with “https://” not “http://” and look for the small padlock somewhere close to the address.
- When in doubt contact the company directly through their official website.