For the next 4 weeks, we’re doing a 4 part blog series to dig into the practical steps anybody can take to promote Cyber Security.
Phishing email scams are messages designed to look like they are sent from an authentic company. They are often clever impersonations from scammers trying to obtain personal information to steal money or data. In recent years, scammers have become undeniably good at impersonating the companies we trust the most.
There are several critical steps to avoiding phishing scams and protect your personal information and your computer from malware.
Part 4: Avoiding Phishing Scams
What to look out for:
- The sender’s email address doesn’t tally with the trusted organisation’s web address
- pay closest attention to whatever is directly in front of the ".com" or ".net"
- The email is sent from a completely different address
- Warning: Sometimes it's only a tiny variation of the top level domain, but hard to spot if you don't look carefully.
- A suspicious display name that doesn’t match the email address
- The email uses an unspecific greeting like ‘dear customer’ as opposed to your name
- The email contains spelling and grammatical errors
- Asking for personal credentials via email - legitimate companies including banks will never request for such details via email
- Contact details on the email signature - legitimate businesses always provide contact details
- The entire text of the email is contained within an image rather than plain text
- Indicates urgent action is required
Tips for what to do if you think it is a phishing scam:
- Don’t open the message if it looks remotely suspicious
- Check the website is legit by hovering your mouse over the link but NOT clicking, usually the link is different to the written text. Links could also lead to malicious software via .exe files.
- Never open any email attachments you weren’t expecting
- Never supply personal information
- Always contact the company prior to taking action to make sure the email is legitimate (search for the contact details online, don’t use the contact details provided in the email)