Security software: How to spot an online scam
How to spot a phishing scam
Phishing scams (not to be confused with fishing) are among the most common online scams at the moment. The scammers impersonate legitimate websites or emails to trick you into supplying personal information, such as passwords, or to infect your computer with malware.
Phishing scams can convince even the most sceptical surfer, so be extremely careful. The emails are typically designed to look like they need a response, and appear to come from a company you regularly use, such as PayPal (see the graphics below), your bank (if you do online banking), Amazon or eBay. These are the brands that phishing scams most commonly impersonate.
Phishing scams prey on your trust in a familiar household name. There are, however, a few tell-tale signs that will help you tell a scam email from a legitimate one.
What to look for in a phishing scam email
There are a number of warning flags to look out for in the email above:
Phishing scam with a familiar name as bait
Phishing scam emails may look like they’re coming from a service you use, as above. However, any company logo is easy to fake: in most cases it takes just a simple copy and paste. So please do not be taken in just because the email or website looks the way you expect it to.
Who was the email sent to?
Look at the names in the ‘To:’ field of the email header. In the example above, there is no email address. This is a sure-fire indication that this is an attempted phishing scam. The scam artists are attempting to garner any information from anyone who is unwary enough to respond, especially by clicking on the link at the bottom of the email.
If there are ‘undisclosed recipients’, it usually means that it has not been sent directly to you and you alone, but to a whole host of potential victims.
Your own name?
Legitimate company emails address you by name, often including postcode details to confirm the relationship.
Emails that start ‘Dear customer’ can usually be deleted, though many phishing emails are canny enough to autofill your first name from your email address.
If your name’s not mentioned, it’s another sign that you should be wary.
Check the links
Links that lead to sites serving malware or set up to steal passwords look like they take you to a legitimate company. Hover your cursor – but don’t click – over the link to bring up a pane showing the actual destination.
If it’s different from the link it claims to be, or has a strange suffix, other than .co.uk or .com, don’t click on it.
If in doubt, navigate manually to the official website to check your account for recent transactions – by typing www.paypal.co.uk into a new browser window, for example.
Phishing emails are often written by people whose first language is not English. So watch out for bad spelling, poor formatting or words that are wrongly capitalised.
What you should do
- If you think you have found a phishing email, the safest thing to do is delete it immediately. Never follow a link in a suspicious-looking email, even if it seems to be coming from a trustworthy name.
- If the rogue site snaffles any details you input, you’ll give the phishing scammers all they need to break into your account.
- To check if the email is genuine, rather than following the link, open your PayPal or online banking account in a new window by typing in the official address, and check your account for corroborating information.
If you think that you are a victim of a phishing scam, contact us below to find out how we can help you.