Phishing – don’t get hooked!
While the emails may look genuine, they will try to convince victims to click on a link that takes them through to a fake website; which also looks convincingly like the real thing. Examples of organizations used to convince victims include fake banks, tax authorities, eBay, PayPal, Hotmail or any other account that belongs to the victim.
The phisher will ask for ‘confirmation’ of your security details or prompt you to enter personal information. You type in your details as requested, thinking it’s secure, and that is it – you have handed your information to a fraudster.
Avoiding phishing attacks
- Treat all emails with suspicion – the email contents as well as the sender’s address or return address can be forged, and the email header and URL can be manipulated to disguise its source.
- The address link (URL) in a phishing email may include the name of a legitimate organization. But when you hover the mouse over the link without clicking it, you may discover in a small pop-up window that the actual URL differs from the one displayed. It may show the organization’s name but is mixed in with other characters. Similarly, you can hover your mouse over the address in the ‘from’ field to see if the website domain matches that of the originating organization.
- Be suspicious of any attempts to obtain a user-ID and password by email.
- Many fake emails start with ‘Dear customer’ or they may address you by your email address – if an email is genuine it will always address you by your name.
- Beware of unsolicited emails, or those from unknown senders, with attachments, links or requests for specific actions from you.
- Don’t click on a link in an email to get to a webpage; just clicking on it could download malicious software. If you know it, type the site address (URL) directly into your browser’s search/address bar.
- Watch out for grammatical errors and spelling mistakes – many scam emails are riddled with them.
- Phishing emails may tempt you into providing your details in exchange for offers, freebies or entry into a prize draw. Others may ask you to log in to an account to receive a refund.
- If it seems too good to be true, it probably is.
If in doubt, delete it!