Are you cyber-savvy or a complete computer novice? Either way, we look at the main ways you can spot a phishing scam.
There are perfectly legitimate reasons for an organisation like your bank, the NHS or HMRC to contact you. However, there are people out there who will, unfortunately, take advantage of you by posing as organisations you know and trust to steal your personal information and your money.
Let’s take a look at how you can spot fraudsters and avoid being scammed.
Scammers could send you fake emails known as ‘phishing scams’ to get hold of your details. These are quite common – you’ll probably even have a few lurking in your junk folder!
Phishing emails might pretend to be an organisation you know to get you on side. Common phishing emails claim to be from your bank, mobile phone network, or even the government. Typically, the email will have a link you’ll be asked to visit so you can log into your account, or perhaps a document to download.
If you click on these, you could be taken to a fake website to provide your details. The scammers may also use this website to track your activity online or install malware onto your computer; meaning they can access more than the information you give them.
How do I spot a phishing scam?
Even if the scammers are using a familiar organisation’s name and logo, there could still be a few tell-tale signs that the message you’ve received is a phishing scam.
The clue’s in the name
While real emails from an organisation will usually address you by your name, scammers might address you as ‘Dear Sir/Madam’ or ‘Valued customer’, as they’ll be sending the email out to a large number of potential victims.
Look who’s talking
Another clue is the email address – take a look to see who sent the email. If the email address is a jumble of random digits and letters, you’re probably right to be suspicious. Also, the institutions that scammers often pose as won’t use web-based email addresses, such as Gmail or Yahoo.
Spell it right
Email scams often have obvious typos, so keep an eye out for these. Sometimes you might find that as you’re reading the message, it doesn’t make proper sense, too. One trick scammers commonly try is to use odd spellings or use digits instead of letters to fool your email provider’s spam filter. So, take a good look to see if you can spot any mistakes.
What’s in the email?
Above all else, email scams will include a link or document which you’ll be encouraged to open. No organisation that’s getting in touch with you for a legitimate reason will ask you to disclose sensitive information over an email, so you should avoid these at all costs.
“What’s a vishing scam?” we hear you ask. Well, much like phishing scams, they’re a type of scam used to obtain your personal information – but they target victims over the phone.
‘Vishing’ is a combination of ‘voice’ and ‘phishing’. Similar to phishing email scams, this kind of scam is carried out to gain sensitive personal information about you, such as your credit or debit card details, PIN or account passwords.
Vishing scammers can often be convincing, as they’ll use what information they know about you to gain your trust.
How can I spot a vishing scam?
It can be quite hard to spot a vishing scam, but there are ways you can avoid being a victim. Firstly, a scammer on the phone will be rushing you to provide your details, which a real bank would never do. If they seem desperate to know your details, it’s probably a scam.
If you’re not sure, you could suggest phoning them back using an official number provided on the organisation’s website – if they’re calling for a legitimate reason, they’ll have no issues with this. However, scammers can often become aggressive if you ask to call them back, and try even harder to keep you on the line and persuade you to hand over your details. If this happens to you, it’s best to simply hang up and end the call.
It’s wise to never reveal any financial or personal information over the phone unless you’re positive you’re using an official phone number.
How do I report a scam?
If you suspect something’s not quite right, or think you’ve given your information to a scammer, you should contact both the organisation the scammer claimed to be from and your bank – especially if you’ve shared or been asked for payment details. Even if you’ve spotted the scam and haven’t clicked any links or shared any information, it’s still important to let them know, as this allows them to warn other customers and take steps themselves to shut the scam down. Next, report the scam to Action Fraud either online or phoning 0300 123 2040.
Ready for more online security tips? Next, read how to make your passwords completely fool-proof.
Disclaimer: All information and links are correct at the time of publishing.