Phishing scams are still widely used by cyber criminals because they rely heavily on human error to work. Being able to spot one and take the right action is therefore vital to protecting yourself and your organisation.
A typical Phishing scam will use an email to get you to divulge personal information. This information can then be used to e.g. steal your identity, steal money from your account / your company’s account, load malware into your computer such as ransomware, sell your details to other cyber criminals etc. Some phishing scams will also use a telephone call / email and telephone call combination.
Typical Phishing emails use tempting subject lines and look as though they come from a legitimate organisation e.g. your bank / building society and contain a link to re-direct you to a web page / website that has been designed by cyber criminals to look authentic enough to encourage you to part with your personal details.
Some golden rules to avoiding falling victims to Phishing scams:
- If the offer (email subject line) looks too good to be true, and / or if you don’t recognise the sender delete the email without even opening it.
- Your bank or building society is highly unlikely to send you an email requesting any password / personal information. If you see an email like this, delete it immediately.
- If the email looks in any way suspicious i.e. it relates to an order that you have not made but appears to be from a company that you have used delete the email without opening it.
N.B. Always keep your antivirus software up to date and make sure that you have effective email spam filtering in place.