Phishing email scams – don’t take the bait!

Phishing email scams – don’t take the bait!

According to Collins Dictionary ‘Phishing’ is The fraudulent practise of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers online.

Phishing is used to obtain information which may allow the phisher to commit fraud. Although the majority of phishing attacks target individuals, sometimes they also target large international organisations.

There are two main approaches that phishers use to induce you to part with your personal information.

Malicious links

The first is a ‘malicious link’ received in an email that appears to be sent from a bank or online retailer. Once you click the link, you are directed to a phishing website which looks genuine, but it aims to trick you into entering your login details, or it can automatically install ‘malware’ (malicious software designed to access your computer). Fraudsters do this to get your login details so they can make transfers and purchases.

These links can be disguised to appear as genuine within the body of an email, or they could be embedded in an image which you are asked to click on.

To identify a ‘malicious link’, hover over it and check whether the address it is pointing to matches the company and if it begins with https://. This is the standard opening for most website addresses. Phishers can replicate websites but the beginning of the web address will be http:// without the ‘s’. Often the address will have subtle differences, such as a ‘1’ instead of an ‘l’, but takes you to an entirely different website.

Attachments

Attachments are another way that phishers try to tempt you. If you open them, you may allow malware to enter your computer. If you are not sure of the origin of the email, then DO NOT open the attachment.

Other tips to remember are:

  • Up-to-date security software generally does a good job of blocking phishing and spam emails from being delivered to you
  • Phishing emails often call for urgent action, for example suspicious activity has been reported on your account and you must logon to provide your details to stop this
  • Reputable companies will not ask for financial or personal information by email
  • If it seems too good to be true then it probably is
  • Phishers sometimes give themselves away with poor spelling or grammar.

Remember, always check before clicking on any link or opening any attachment. If you’re still not sure, then check the telephone number of the business who sent the email using an independent source and ask them to confirm if it’s genuine.

29 May 2018

Paragon Bank PLC is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Registered in England number 05390593. Registered office 51 Homer Road, Solihull, West Midlands B91 3QJ. Paragon Bank PLC is registered on the Financial Services Register under the firm reference number 604551