Online fraud is on the rise, so staying vigilant has never been more important. Phishing is the fraudulent practice of sending an email which attempts to obtain sensitive information or data, such as usernames, passwords and credit card numbers by pretending to be someone else, for example, a bank or building society.
This common form of fraud may encourage its victims to share personal details, visit suspicious websites, or even download dangerous malware.
Over time, fraudsters have developed their phishing techniques, presenting more complex and clever scenarios designed to catch people out. Scammers will sometimes go the extra mile, by setting up fake websites, email addresses and social media accounts to trick them into believing it’s a legitimate company.
One of the biggest defences against phishing is having prior knowledge of what to look out for, so we’ve covered some top tips below to help you spot a phishing email.
One of the most common and easiest ways to spot a phishing attempt is to check the spelling. The chances of a legitimate company sending an email to its customers with spelling or grammar mistakes is slim; so, it’s important to stay vigilant when it comes to emails that are poorly written.
The email requests sensitive information
No matter how official an email may look, be wary if a company asks for sensitive information. Thinking logically, a legitimate company you’re familiar with and trust would already know your personal details such as account numbers or passwords, so they would never request them from you over email.
Fraudulent companies will target thousands of victims with a single phishing attempt, which means generic welcomes like ‘Dear customer’ may be common. Most companies will address you by your name if they’re legitimate, especially if the contents of the email are specific to you.
The email directs you elsewhere
Sometimes, a phishing attempt can be spotted through an obvious attempt to lead you somewhere else, such as a website. Be wary of hidden links including buttons and highlighted text if you already have your suspicions.
The email is too good to be true
If you receive an email from a company or an unknown sender, who is making big promises, it is most likely a scam – especially if you’re not expecting it. A sense of urgency is a tactic that may also be used to encourage, or even demand immediate action.
What to do if you spot a phishing email
With the rise of phishing attempts, it’s important to stay vigilant online. Fraudulent companies may present themselves as trusted sources to reduce suspicion, such as the HMRC, financial services, or charitable organisations.
The best approach to a phishing email is to simply delete it. Do not click any links or download suspicious attachments. Some email platforms will allow you to block senders, so they can’t continue to target you. If you responded or interacted with a phishing email, and you think a scammer may have your information, the first step is to report it.
If you’ve given away personal details such as usernames or passwords for an account you own, contact the company via an official channel. They should be able to advise you on how to secure your account or make a note to flag any suspicious activity.
If you’ve clicked a hyperlink or downloaded an attachment that you’re unsure about, make sure the anti-virus software is up to date on your computer and run a scan if necessary.
Here at the Marsden, we will never ask you to disclose any passwords for your accounts. Find out more about what we won’t ask you to do on our ‘protecting yourself from fraud’ page.
To find out more or report a suspicious email, please visit the Government’s NCSC website.