The latest phishing scams and how to avoid falling victim to them
Phishing scams can be a real headache, but luckily there are a few ways to identify them.
With the influx of online scams in recent years, we’re no longer experiencing the predictable strange messages asking to send or transfer money across the world in order to receive a huge pay-out. We’re now receiving scam emails pretending to be our banks and even fraudulent texts fitting seamlessly in with the genuine ones. So now is the perfect time to ensure we’re clued up on what exactly a phishing email looks like, and how they seem to be evolving.
To determine the British public’s attitudes to online fraud and knowledge of scams, a study was conducted by NatWest, which found 16% of the public had personally experienced online fraud, and nearly 1 in 10 had been a victim of a phishing scam.
Surprisingly, it was the 18-24-year-olds who were the least savvy when it came to online security. 84% felt comfortable sharing personal information with people they know online and were twice as likely as the over 55s to share their data with brands online. Unfortunately, full-time students were also revealed to be the least knowledgeable when it came to dealing with online fraud, as over a third wouldn’t know what to do if they were a victim.
So how are phishing scams changing? We’ll discuss the latest phishing techniques, ways to spot red flags, and what to do if one appears in your inbox.
The BBC broke the news of the latest way scammers were manipulating the public. They were creating ‘lookalike’ sites, just by altering the domain slightly with multilingual character sets. This new form of fraud was targeting smartphone users in particular who don’t see the URL as clearly and are therefore more likely to fall victim to this scam.
But here are five simple ways to determine whether an email is genuine:
Check the email address
A quick way to check if the email you’ve received is really from the company or bank you know is to check the email address. Tapping on the name might give you the answer you need without even having to read the email. If you tap ‘PayPal’, for example, and the email doesn’t end in ‘@paypal.co.uk’ but instead is a random name and address unrelated to PayPal – you know it’s fake.
Check the greeting
Does the greeting feel generic and impersonal? A genuine email will greet you by your full name, so look out for ‘Dear loyal customer’ or ‘Hello’ followed by your email address.
Check the language
You wouldn’t expect a member of the company to speak to you using slang or sloppy language in person, so don’t expect the same via email. Careless spelling or poor grammar are immediate red flags and signs of a phishing email, such as the misuse of ‘their/there/they’re’. Also look for consistency within the format and logo, and check it matches up with previous genuine emails and the company website.
Check the content
When reading the email, do you feel under pressure or threatened? Scammers can evoke emotion, both negative and positive, to encourage us to act. Scare tactics are used by telling us our account is under threat, or they’ve detected suspicious activity so we must act at once to recover our money. We’ll be sent harmful links to “log on immediately”, or asked to send our financial details within the hour to prevent further harm.
At the other end of the scale, we might be contacted and told we’ve won a prize, perhaps a holiday or a new car, but we must act quickly or they’ll have to give the prize to someone else. This sense of urgency encourages us to act without thinking.
Always be mindful: most companies will never ask you for personal information or answers to your security questions. So never give your details away or respond with any sensitive information.
Check the URL
In order to overcome the manipulation of domains and avoid stumbling upon a lookalike website, double check the URL. This is particularly important when on your mobile phone. The big three things to remember are to check the whole URL to make sure it matches the trusted site, and to check for ‘https’ before the ‘www’ plus the padlock symbol, which both show the website is secure.
In addition to this, check for a link embedded in the email, possibly telling you to download protective software. Hover over the link before clicking on it to see if it’s taking you to a trusted site. It’s safe to presume the majority of links sent in emails asking you to enter information or download something are harmful, as malware and viruses can infect your devices.
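The ‘lookalike’ domains described above rely on letters from other alphabets that render like Latin ones, so checking by eye can miss them. As an added example (not part of the original article), this Python code decodes punycode and flags a link host or sender domain that only matches a trusted name once look-alike letters are folded; the allow-list, the small confusables map and all function names are constructed assumptions.

```python
import unicodedata
from urllib.parse import urlsplit

TRUSTED = {"paypal.co.uk"}  # constructed allow-list; domain from the article's example

# Constructed, deliberately small map: look-alike Cyrillic/Greek letter -> Latin letter.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
               "\u03bf": "o", "\u03b1": "a"}

def host_of(value):
    """Extract the host from a URL, or the domain from a bare e-mail address."""
    if "://" in value:
        return (urlsplit(value).hostname or "").lower()
    return value.rsplit("@", 1)[-1].strip(" <>").lower()

def to_unicode(host):
    """Decode punycode ('xn--') labels so the real characters are visible."""
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # leave an undecodable label as it is
        labels.append(label)
    return ".".join(labels)

def scripts(label):
    """Heuristic: first word of each letter's Unicode name (LATIN, CYRILLIC, ...)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def skeleton(host):
    """Fold known look-alike letters to their Latin counterparts."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in host)

def matches(host, trusted):
    return host == trusted or host.endswith("." + trusted)

def classify(value):
    host = to_unicode(host_of(value))
    if any(matches(host, t) for t in TRUSTED):
        return "trusted"
    if any(matches(skeleton(host), t) for t in TRUSTED):
        return "lookalike"      # reads like a trusted name but is a different domain
    if any(len(scripts(label)) > 1 for label in host.split(".")):
        return "mixed-script"   # one label mixes alphabets: treat as suspicious
    return "unknown"
```

A result of "unknown" only means no trusted name was imitated; it says nothing about whether the domain is safe.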
What to do if you receive a phishing email
If you receive an email which looks suspicious and meets any of these criteria, it’s important to report it. Forwarding the email to the genuine company can help them prevent other people from falling victim to the scam, and make others aware that a phishing email is circulating. You can also report any suspected fake emails to Action Fraud to help fight phishing scams.
Once you’ve forwarded the email, delete it from your inbox.
Words by Sophie Proctor.