Phishing scams are a type of fraud where cyber criminals try to steal your sensitive information, such as passwords and banking details, by pretending to be a legitimate source. They may contact you through emails, websites, or phone calls that look or sound trustworthy, hoping to trick you into sharing personal data or downloading computer viruses. Here’s a guide to help you spot phishing attempts and protect yourself from becoming a victim.
How to spot a Phishing Phone Call
Phishing phone calls can be tough to spot because scammers often use tactics to seem legitimate. Here are a few warning signs to remember:
- No one should ask for your password or PIN
Reputable companies will never ask for your password or bank PIN over the phone or by email. If you need to reset your password, they’ll direct you to a secure page on their official site, which will allow you to do it safely. Don’t share your password or PIN with anyone, just in case.
- Cyber criminals will use threats to frighten you
Scammers often try to scare you into acting quickly. They may say your account will be deleted or frozen unless you follow their instructions immediately.
- Evasive when you ask questions
If you ask to speak to a supervisor or ask for proof of where that the caller is calling from, they’ll either change the subject or make you feel at fault for asking for more information.
- They don’t want you to call back on the official number
Scammers can disguise their caller IDs to look like they’re from trusted organisations like the bank. However, legitimate companies won’t mind if you hang up and call back using their official contact number.
What to Do:
If you’ve received a call from a genuine source, they shouldn’t mind if you hang up and call back using their official contact channels. If they give you a number to ring, Google the number and see what comes up; if it’s not the company’s number, call the company to check when they last wanted to contact you over the phone.
Beware of a caller who doesn’t want to end the call, or tries to put you off from calling back using the official number.
If you’re worried, get the name of the person you’re speaking to, hang up and call the organisation directly. If you can, call them from a different phone as scammers can keep the phone line open. This means they can stay on the line and still hear you, even if you’ve ‘hung up’ on them. If it’s not possible to use another phone then wait for at least 10 minutes before you make another call.
Recognising a phishing email
Phishing emails can look almost like real ones, but certain clues can help you spot them. Look out for these warning signs:
- Strange email addresses
Be cautious if the sender’s email address looks suspicious, with extra letters, numbers, or an unusual domain name.
- Poor grammar and spelling errors
Legitimate companies usually don’t make frequent spelling and grammar mistakes in their emails.
- Urgent requests to take action
Scammers use urgency to push you into clicking a link or sharing information without thinking. Be wary of emails that demand immediate action.
- Low-quality logos and images
Authentic company emails use high-quality visuals. If images look pixelated or stretched, it might be a phishing attempt.
- Unusual tone or language
If the email’s language or tone feels off, like a financial company greeting you with “Hi, how are you doing?” it may be a scam.
- Too-good-to-be-true offers
Scams often promise things that seem overly generous, like huge refunds or prizes. If it sounds too good to be true, it probably is.
- Requests for payments you’ve already made
Be suspicious if a company asks for a payment you believe you’ve already made.
What to do if you’re targeted by phishing
If you think you’ve been a victim of phishing, take these steps to protect your accounts and identity:
- Change your passwords
Immediately change any passwords that may have been compromised to prevent further unauthorised access.
- Contact your bank or credit card company
Use the contact number on the back of your card to alert your bank or credit card provider. They may take steps like freezing or replacing your cards to protect your funds.
- Notify credit reference agencies
Contact credit agencies if you suspect your personal information has been stolen. This can help in disputing fraudulent activity on your credit report.
- Monitor your bank accounts
Regularly check your account activity and report any suspicious transactions to your bank immediately.
- Report the incident
You should report fraud and cybercrime to Action Fraud (the National Fraud & Cyber Crime Reporting Centre): Action Fraud. If you are in immediate danger, dial 999 for emergency services instead.
Stay Alert and Protect Your Information
Phishing scams can happen to anyone, no matter how careful you are. Being aware of the signs and acting quickly if something seems suspicious can help you avoid these scams and secure your personal information.