What is phishing?
Phishing is when criminals send convincing looking, but fraudulent emails to lure you into entering your details at a fake but genuine looking website. Fraudsters use your details to access your accounts and money or to steal your identity. Criminals can also use hyperlinks or attached files within phishing emails as a way to infect your computer or device with malicious software (malware).
Here's how to spot a phishing scam:
When you receive an email you should check it for signs that it may not be from the company it appears to be from.
- Check the email address - Is it the same as the email address you usually receive emails from, or just similar.
- Check the email subject line - anything along the lines of "There is a secure message waiting for you", "Security Alert", "System Upgrade" and so on should be treated as suspect.
- Check the message title - if it reads 'Dear Customer' or 'Dear Valued Customer' or if isn't personalised at all, then you should be suspicious. Phishing emails will not usually include your name.
- Look for an emotive prompt to click on a hyperlink or a button or to download a file, such as 'Verify your account or password' or 'update your security details'. This will likely take you to a copycat website where you will be prompted to enter your full details.
- Be suspicious of any message that creates a sense of urgency, such as 'If you don't respond within 48 hours, your account will be suspended'. A legitimate company will not create a false sense of urgency.
- Check the wording for casual or informal words
- Check the grammar and spelling for mistakes or inconsistencies.
Top Tip! You can hover your mouse pointer over hyperlinks (or buttons) to see the underlying website URL.
Avoiding the phishers
- Tripp will never ask you for any details through an email link.
- Never respond to any unexpected or suspicious emails.
- Don't click on any links or attachments within unexpected or suspicious emails.