Phishing Guide

What is Phishing?

Phishing attacks use a mixture of technical know-how and old-fashioned trickery to steal your personal data.

Seemingly genuine emails from your bank or a well-known website may ask you to confirm your financial details, to part with information or even to log-in to fake websites.

Some phishing attempts contain keylogger spyware, which capture and send any information you type to the phisher. Over a few weeks, the phisher could acquire your usernames, passwords, bank details, address, credit card numbers, etc.

Your personal information can then be used by criminals to impersonate you, open new bank accounts or loan accounts in your name, steal your money or put unauthorised transactions on your credit card. Thieves could use your eBay or Amazon username and passwords to order and pay for goods in your name. You have to know how to protect yourself.

How to Avoid Phishing Attacks

Every month the number of phishing scams increases. And every month the criminals get smarter, sending out ever-more convincing emails.

  • Be suspicious of emails with urgent requests for personal financial information
  • Be suspicious of emails that have terrifying or exciting statements - phishers often use these to get people to react immediately
  • Do not reply to requests for information such as usernames, passwords, credit card numbers. Phishers usually ask for these
  • Don't click any links in an email if you suspect the message isn't authentic
  • Be suspicious of emails that do not address you by name. Phisher emails RARELY address you by name, but your bank or e-commerce company ALWAYS should
  • Never fill in forms in email messages - you should only send information such as credit card numbers or account information via a secure website
  • Always check that you are on a secure website if you click a link To do this, look at the beginning of the Web address in your browsers address bar. It should be "https://" NOT "http://"

If in any doubt, contact the bank or organisation that has allegedly sent the email to check if it's real. DO NOT reply to the email you were sent - go online and get an address from the authentic website.

What to do if you've been hooked!

Depending on what information you shared, you will have to take several different actions.

If you have given out your bank account information

  • Report this to the bank as quickly as possible
  • Follow your bank's recommended procedure

If you have given out your credit, debit or ATM card information

  • Report the theft to the card issuer as quickly as possible
  • Follow your card issuer's recommended procedure
  • Check your statements thoroughly

(continues...)