Phishing Scams: What You Need To Know

Phishing Scams: What You Need To Know

We have seen a little surge in phishing scams as of late. Lots of people are scammed out of their money, data or private information through these nefarious attacks every day and as long as you know what to look out for, you should be able to avoid being a victim. The FBI reported that $1.7 billion was lost to business email compromise in the USA in 2019 alone. Of this only about 20% was successfully retrieved, so it is really important to understand what phishing is so that you can prevent any unnecessary loss to you or your business.

What are phishing scams?

A phishing scam is some form of technological communication, usually an email or a message, that hackers use to get hold of sensitive personal information such as your usernames, passwords or banking details. This often results in financial loss or identity theft.

How do you recognise a phishing scam?

Scammers are constantly updating their methods to get away with as much as possible. It’s unlikely that the scams you receive now will look like the old:

“Good day, I am a Nigerian Prince in need of your help…”

Scams nowadays are a bit more subtle. They will often appear to be from a company you know and trust, like this fake PayPal notice below:

Fake notice from Paypal, courtesy of Phishing.org

They will use the right logos and branding colours to seem legitimate, but they aren’t. Can you spot the giveaway? It’s in the name. The domain name. This is often the easiest way to catch them out. It will often be a bastardisation of the real company name, sometimes adding a letter, removing one or switching them around.

They will usually create a story, often with a sense of urgency, to get you to click on the provided links or attachments. These can include:

  • Asking you to verify personal or billing information.
  • Claiming that there is a problem with your account.
  • Including a fake invoice.
  • Offering coupons for free products.
  • Wanting you to click on a link to conduct a payment.

How do you avoid being scammed?

What shouldn’t you do?

  1. Don’t follow any of the links in the mail.
  2. Avoid downloading or opening any of the attachments.
  3. Do not respond to the mail.

What should you do?

  1. Check the domain.
  2. If it seems to be from a company you know, phone them to verify the mail’s authenticity.
  3. Install an antivirus. We trust ESET to keep us safe. If you don’t have an antivirus, get in touch with us today.

We hope that this has been helpful and that you feel confident to fish out any and all phishing attempts. If you are unsure about a mail you have received or feel that you have been scammed, please reach out to our support team as soon as you are aware of it.