Modern life has afforded us unprecedented conveniences. But it’s also opened the door to deceptive criminality schemes which frequent global headlines. Fraudsters can attack both off and online, hiding behind the façade of phoney emails, letters, telephone calls, text messages and emails.
These crimes, known as ‘phishing’, pose an ominous modern world threat. They keep us on our toes, questioning what we see and hear. Is this person really calling from my bank? Could this email attachment be a virus? Will that link lead to a bogus website?
The big question: How can you be sure what is and isn’t a trusted source? Cyber criminals, usually out to steal personally identifiable information for the purpose of exploiting our wealth and identities, deserve our attention. After all, it can take just a click to get snared.
So how can we stay clear of these shadowy, malicious forces? How can we stay one step ahead, ensuring we don’t get duped into sharing our data and downloading viruses? For starters, since fraudsters are always coming up with new guises to lure victims, it’s wise to keep up to date with scams by following tech news reports.
While there are nuances to each form of phishing, each usually shares common characteristics. It’s imperative to remember that a bank – or any reputable organisation – will never, ever ask for your login details (username, password) or any sensitive information, by email, text message or phone.
If you’re contacted with such a request, treat it as highly suspicious and end the call or disregard/delete the email/text message. The next thing to look out for is the ‘alarm-bell-ringing’ component, designed to frazzle your mind and encourage you to abandon your better judgement.
A prime example of this would be being asked, upon receiving a call from your ‘bank’, to confirm your online logins in order to recover your ‘stolen’ savings. The goal of the caller is to create a situation of extreme urgency, forcing you to panic and become desperate to remedy the ‘situation’.
Phishing scams involving this ‘ticking clock’ could also come from a number of other (hoax) services, again urging you to act fast to save something highly valuable. For instance, an email might say your account will be deleted or your identity compromised if you don’t comply.
But what if you’re unsure about, say, a call from your bank? Well, you could do worse than telling them you’re busy and can’t talk. You could then directly contact your bank using a listed number on their official website. Now, convinced of the agent’s legitimacy, you can confirm whether there was ever an issue. This ‘reassuring practice’ can also be applied to dubious emails and texts.
With phishing emails, vigilance is paramount. Let’s suppose a goods service notifies you that a $200 order has been placed and that you need to click a ‘cancel’ link if you suspect an error. Naturally, you’re suspicious, since you haven’t made any recent purchases.
Scam emails can be more deceptive, true, but there are proven ways to see through many ruses. Firstly, forget the technical and listen to your gut - is it telling you something is just off? Now pay closer attention to the email’s wording. How’s the grammar, spelling, sentence structure? Does it ‘feel’ like a professional email from a trusted source? ‘Dear (Real Name)’ or just ‘Dear Customer’?
Inspect the sender’s email address, noting anything odd. For example, while email@example.com sounds plausible enough, firstname.lastname@example.org raises suspicion. You could also refer back to old (trusted) emails from the goods company and compare sender address.
In a different scenario, let’s say you receive a work email that asks you to open a report from an attachment, but something feels awry. Since it’s possible someone could have hacked your colleague’s email account, you’ve reason enough to tread with caution. To be safe, why not call your colleague to confirm the email was really from them?
Disaster can usually be diverted by simply taking a step back and thinking before you respond to a potential phishing scam. Finally, be sure to regularly monitor you bank accounts for suspicious activity, and ensure that you change your passwords, contact your bank, credit card companies and the authorities if you suspect you’ve become a victim of phishing.