We’ve all received the classic email from a “foreign investor” promising to transfer millions of dollars into our bank account.
These fraudulent attempts to obtain sensitive information – known as phishing scams – are getting more sophisticated.
Athena Turner, brand manager at Hetzner, told MyBroadband that there are several key steps users must take to avoid becoming a victim to a scam and sharing their personal or account details.
These details include email addresses as well as banking details, as phishing scams want to steal your access details because of what this information unlocks.
There are a few telltale signs of a phishing scam. Once you understand the methods used, you’ll be able to guard against them, said Turner.
How to identify phishing scams
A phishing scam essentially works like a con job: someone has to convince you that they’re reliable before they try to steal from you.
This is most often done through fake emails that look like they come from a trusted source and ask you to click on a link to a website.
The website will be designed to look legitimate and from a service provider you’re likely to use. It will also ask for user information.
Once the information is obtained, it can be used for identity theft, financial theft, or fraud.
1. Don’t trust the logo or email address
It’s easy enough for phishers to copy a real company logo, and even fake the “From” email address to look like it comes from a trusted source.
Don’t trust the display name, as those are easily changed to mask the real email address.
2. Be suspicious of urgent requests
Phishers can use links in emails to obscure the actual URL, which takes you to a fake account.
Requests like your bank suspending your account unless you click on “this link” is an example.
A trusted company will give you the full URL in the text, not a link.
The safest thing to do is type out the URL in your browser, rather than clicking on it.
3. Check for typos or spelling mistakes
Reputable companies have copywriters to check their emails, so if you’re noticing bad grammar and typos, be on the alert.
Similarly, check the URL of the company for misspellings or strange versions of the URL (www.hetznerZA.com instead of www.hetzner.co.za, for example).
4. Don’t open unexpected attachments
A common phishing tactic is spreading viruses and malware through attachments, which can damage files or steal passwords from your computer.
Simple ways to prevent being scammed
The best defence, along with following the tips above, is to follow basic security practices.
- Only use a strong password
Here are tips on how to change a mail password.
- Delete emails that ask for personal information
Don’t reply, click on links or call phone numbers in these emails.
- Never email personal or financial information
Email is not a secure enough method to send personal or financial information – rather call through the information where possible, or split it up over email and text messages.
If you’re transferring large sums into someone’s bank account, always verify their banking details telephonically first.
- Review credit card and bank account statements
It’s important to check your credit card and bank statements as soon as you receive them to check for suspicious or unauthorized charges.
- Don’t share your password on the phone
A reputable company won’t cold call you and ask you to give them your password over the phone. This technique can be successful because people will share details over the phone when they’re in a hurry.