Phishing: How to protect yourself to beat the scammers
It is a sad fact of today’s interconnected world that we will all encounter cybercriminals who try to steal our money and identity with phishing scams.
These fraudsters bring misery and frustration to thousands of people every year and threaten financial ruin for the unwary.
But there is hope. Follow the Golden Rules below to reduce your chances of becoming a victim.
Phishing for data
Phishing is one of the most common methods cybercriminals use to steal personal information.
It refers to a form of identity theft where con artists send out fake emails in an attempt to dupe you into revealing passwords or other important personal data.
This information can then be used to hack into your accounts or be sold to other criminals on the Dark Web.
Hackers gain this information by sending emails with links to websites that look like those you can trust. These can include your bank, social media like Facebook or Twitter, or a company and brand you recognise.
Alternatively, the phishing email may try to get you to download an attachment. The email may claim it’s something useful or urgent, such as discount coupons or a tax rebate form.
In reality both links and attachments will contain a virus that could infect your computer with malware which is designed to steal your personal or banking details.
Phishing can hold you to ransom
Sometimes this can involve a ransomware, where the virus will lock you out of your computer until you’ve paid the criminals a fee. One ransomware that regularly crops up is when your screen suddenly displays a fake Metropolitan Police notice demanding you pay a fine to unlock your computer.
According to the US Postal Service there are 156 million phishing emails sent out worldwide every day and 16 million of these make it through spam filters. Research estimates there has been a tenfold increase in phishing in the past five years.
And with the growth in smartphones, we have become ever more reliant on our phones for our primary computing activities, so the cybercriminals increasingly focus on targeting them.
While phishing emails can be used to attack a phone, the most harmful scams come through fake apps.
Another means of infection is ‘click-jacking’, a technique to trick users into giving the cybercriminals access to your device’s administrator account.
With this access, scammers can change collect details about your online use and even the regular passwords you use.
These attacks can be highly sophisticated and convincing. So how can you protect yourself and not fall for these nefarious acts?
Follow the Golden Rules to beat phishing
- The number one rule with phishing emails is: don’t click on links or open attachments unless you are absolutely sure they are from a reliable source.
- Remember legitimate companies never ask for sensitive information via email and banks say they won’t ever ask for your information unless you are the one contacting them.
- Don’t get flustered. Phishers will often use scare tactics, threatening to disable your account or delay services until you update certain information. It is always worth contacting the company named to confirm the authenticity of the email’s request.
- Look out for generic-sounding requests or introductions that say something like ‘Dear Valued Customer’. Fake emails are very rarely personalised. Genuine emails from your bank will often reference a specific account you have with them.
- Instead of clicking on the link open a new browser window and type the company’s URL directly into the address bar. This way you can check if it matches the link in the email.
- Check the spelling and grammar. Many phishing emails come from outside of the UK and will often carry spelling mistakes.
- Always maintain and update your anti-virus software.
- Always back up your files.
- Install specialised anti-malware software.
For smartphones and tablets
- Never buy or download apps from third-party stores. Only buy from legitimate ones such as Google Play or Apple Store.
- Always check the permissions on an app before installing it. If the app is asking for too much, like access to your phone’s Contacts, then they are best avoided.
- Always back-up your personal files and photos.
- Make sure your phone has all the appropriate anti-virus software and firewall protection as you would for your computer.
- As with emails never respond to texts asking for your details.
- Delete all spam. Never answer spam emails. Scammers are just waiting for you to confirm your email address is active and live so they can continue to target you.
Finally, and most importantly, be smart and be safe.