Protecting Yourself from Phishing Scams Online
Government statistics have revealed that phishing scams were the most common cyber security threat in 2022, targeting both personal and work emails, phone calls, and text messages. Typically, phishing attempts rely on various methods to convince you they are from legitimate organisations and trusted individuals, with the intention of pressuring you to provide sensitive information or click on links. Some signs to watch out for include:
- Check the email address and phone number: Many scam emails and texts attempt to mimic a company’s email domain or name, but often contain slight differences such as numbers or alternative letters.
- Look out for spelling and grammar mistakes: It’s common to find grammatical errors and spelling mistakes in phishing emails. Make sure to read the email carefully and look for inconsistencies.
- Using pressure and time sensitivity. Urgency is often used by scammers to put you under pressure. Look out for ‘Do this now or you’ll not be able to…’ messaging.
- Consider the purpose of the email: Official organisations should not request sensitive information to be shared via email and should never ask for bank details.
- Examine links and attachments: Suspicious links won’t match the usual organisation’s URL and may include deceptive spelling errors or replacement letters. Phishing links and attachments often request that you share personal information.
How to Deal with a Phishing Scam
With phishing scams occurring so frequently, knowing what to do when you encounter one is essential. In general, there are a few key steps you can take to make sure you protect yourself online:
- Do not give out private information.
- Do not download or click on any links.
- Do not respond to any messages.
If you’re unsure about whether you have been involved in a phishing attempt, you should always contact the organisation by the details on their official website, and avoid clicking any links or responding, until you are sure.
If you do believe you’ve fallen victim to a phishing attempt, there are several steps you can take to help in the situation:
- Contact your bank. It’s important to contact the bank as soon as possible if your bank details have been taken.
- Change passwords and log ins. You should change all of your passwords, even if you think they may not have been affected.
- Document what has happened. Write down and screenshot everything that’s happened.
- Contact the police or Action Fraud. Find out how to contact Action Fraud here.
- Contact the organisation. Report the incident or any scam account to the organisation or social media platform.
- Get Support. Talk to others, whether it be a friend, family, or emotional support services. You can find a list of support services from Report Harmful Content’s website here.
To find out more about phishing attempts, you can visit SWGfL’s knowledge base on Phishing, which gives all the guidance you need on what to look out for and how to prevent a phishing attempt.