HOOK, LINE AND SINKER – HOW TO AVOID PHISHING SCAMS
Over the last few months, phishing scams have been on the rise due to an increase in home working and potential compromises in online security.
But while most people are familiar with the term, it’s vital that you understand what phishing – and ‘vishing’ – mean and the dangers involved.
Please do share this with friends and family, especially elderly relatives who are currently more tech-reliant due to COVID and may not be familiar with this type of online fraud.
PHISHING AND VISHING EXPLAINED
Both phishing and vishing are forms of ‘social engineering’ – the use of deception to persuade people to divulge confidential or personal information that can then be used for fraudulent purposes.
Phishing is an attempt to obtain your information – usernames, passwords and banking details – by pretending to be another person/organisation in electronic communication. This usually takes the form of email spoofing or instant messaging/text. Vishing – also known as voice phishing – is criminal phone fraud, when someone calls to gain access to your personal and financial details. It’s often a caller pretending to be from a company, and then directing you to a website where they ask you to reveal personal and financial information online.
HOW TO SPOT IT
The look, feel and tone of phishing emails is usually a giveaway. Is this how the person/organisation they are pretending to be usually communicates with you? Is it spelt correctly? Is the branding right? And sound the alarm bell if there is a veiled ‘threat’ or urgency about the message – this is a classic trait of online fraud. Again, with vishing it’s often the tone of the caller that raises suspicions – telling you that it’s urgent and you need to take action immediately.
Recent examples of widespread phishing and vishing are spoof emails, texts and calls from HMRC, directing people to websites or asking them to open/download documents. The tone, presentation and overall feel of these messages gives rise to suspicion, but many people have still fallen victim.
HOW NOT TO BE REELED IN
Always make sure your anti-virus software is up-to-date and running properly – speak to us if you’re unsure. As well as general good practice, this can mitigate some software based phishing attacks.
Never open anything that looks suspicious and never forward it on. If you are unsure if it is genuine, call the person/organisation who it’s supposedly from on a number already known to you for verification.
All information is valuable – never divulge anything online or on the phone if you suspect the sender/caller. That includes your name, date of birth and address, as well as the obvious financial details. These kind of attacks are often piecemeal and although the information you are being asked for may seem harmless, it is useful to the attacker.
Make sure security settings on social media – Facebook, Twitter, LinkedIn – are robust to prevent fraudsters gaining your details and whereabouts. Always remember to shred personal mail – names and addresses may seem innocuous but they are useful in the wrong hands. And finally, don’t be rushed or pressured by the sender or caller – this is often a tactic they use to get you to comply.
REPORT AN INCIDENT
To access the Lifeline IT support portal and log an incident, please click the button below or phone us on 020 8238 7838.
Unit 8 Stirling Industrial Centre, Stirling Way, Borehamwood, Hertfordshire, WD6 2BT