What is phishing, or online fraud?
Cybercrime is on the up and what we have noticed more recently is the ever increasing present of phishing. We have outlined the key points relating to this type of crime and how to protect yourself and your business. Phishing is an online-fraud technique that is used by criminals to lure you into disclosing your personal information, which then enables the thief to:
- Send spoof emails to authorise fake payments
- Apply for and get credit in your name
- Empty your bank account and charge expenses to the limit of your credit cards
- Remove money from your accounts
- Use a copy of your debit card to withdraw your money from anywhere in the world
It’s likely that fraud is being tried when you are asked to:
- Asking for a payment to be made urgently when payments are not due
- Provide personal information to an unknown source
- Verify your account information with the threat of suspending your account
- Sell an item with a promise of payment that is much more than the item is worth
How to protect yourself
Check the sender’s email address:
A big clue to identifying a fake email is the sender’s email address. Cyber criminals will often create an email account that closely resembles a company’s official email address. They may also mask the original email address with a familiar name to dupe you into thinking it’s a genuine email. Also, be wary of emails that do not provide any other contact information except for the sender’s email address.
High sense of urgency:
To prompt users to submit their information, hackers will often create a sense of urgency to open a link and re-submit your account information with a threat of losing your service. For instance, a phishing email from a bank or another financial institution might ask for you to “confirm your account” and re-submit your payment information or else your account will be terminated.
Link to a fake website:
In order to “confirm” your account information, Cyber criminals will attach a link that often times looks exactly like a link the real company website. Also be weary of hyperlinks embedded in the text. To see the full URL of a hyperlink, simply hover over the link with your mouse. When in doubt, do not click the link or open any attachments. If you do want to visit the site, type the name directly in your browser — especially if you intend to enter your login information on the site.
Since cyber criminals often send hundreds of emails at a time, another great clue to a fake email is the lack of a personalised greeting. Proceed with caution if the email doesn’t include your name or username, or addresses you simply as “Customer” or “Account Holder.”
Be on the lookout for misspelled words and bad grammar in the body of the email.