Although the Internet brings many advantages, it also provides an avenue for unscrupulous individuals to attempt to scam innocent people.
One of the ways this can be achieved is through phishing: sending a fraudulent electronic communication to an individual that directs them to respond with private information (often financial information or personal details).
Once the information has been given, it’s used by scammers to rob or otherwise defraud the victim.
Here we take a look in more detail at phishing meaning, what a phishing scam is and how you can guard against becoming the victim of such a scam.
If you have any concerns about phishing, either from business or from private communications, get in touch and Pherrus Financial Services will be happy to help guide you on what you can do to avoid these scams.
What is a phishing scam?
A phishing message will, at first sight, appear like a normal message from a legitimate business: typically one that you do business with already, such as a utility company, Internet Service Providers, phone providers, banks or similar.
Messages may be texts, through social media, in the form of an email or a phone call. The message will contain a compelling reason for you to contact the business in question.
Typical reasons may be: unusual activity in your account that needs to be verified or your account has been suspended due to suspicious activity. In some instances, the scam may be presented in the form of an invitation to enter a promotional event (such as a competition or giveaway).
An email or text will usually include a link you can click on, or a download, that you will be urged to action in order to resolve the matter.
Rather than taking you to a legitimate site, the link or download will take you to a fake site, where you will be asked to input confidential information.
Once inputted, the information will be used for criminal purposes. A phishing phone scam may involve asking for credit or bank card information, as well as private information regarding your identity or financial products.
How can you spot a phishing attack?
It’s important to be aware that the communications you receive from phishing scammers can look very authentic.
As a general rule, no financial provider will ask you for financial information via text, email or social media.
If a financial provider calls you, they won’t usually ask for financial information either. If you have any doubts at all regarding the authenticity of an email or similar, call the provider using your usual number and ask for clarification.
Some pointers that a text or email is a phishing scam may include:
- The email address from which the email has been sent isn’t the same as the one in the top bar of the email. Hover your mouse over the email address displayed and a random email, often clearly from outside the country, will be shown.
- The site you’re directed to will have an address that’s subtly different to the legitimate business address. For example: instead of www.commbank.com.au (the legitimate site of the Commonwealth Bank of Australia), the address might be www.combank.com or similar.
- Phishing emails may contain spelling or grammatical mistakes. They may also be oddly worded, as many are written by scammers for whom English is an additional language.
- Sites may have the “s” missing from the “https” in the search bar. This means that the site isn’t secure.
- Some details relating to the business may be inaccurate. For example, if there is a phone number or postal address on an email, it won’t be the same as that of the legitimate business. Cross-checking against the business’s website only takes a minute or two and is well worth doing.
- Check online for phishing examples. Many phishing scam texts or emails are sent to millions of people at a time. There’s often online information regarding particular scams that are doing the rounds.
We cannot stress enough that if you have any doubts regarding the authenticity of a communication from a business, don’t act on it.
Call the relevant business using your usual contact number (if you don’t know the number, you can look it up online) and check the email out.
What happens if I’ve already submitted my financial details to a phishing site ?
If you suspect that you’ve inadvertently responded to a phishing site, call your financial provider to have a stop put on whatever financial information you’ve parted with.
For example, if you’ve handed your bank details across, call your bank and ask them to freeze your account.
Similarly, if you’ve parted with credit card information, call your credit card provider and ask them to put a block on any further transactions until you can set up fresh security information.
Sadly, businesses are used to dealing with phishing victims, and will almost always have suitable processes in place to help protect your financial information and privacy, in the event that its integrity has been compromised.
As a general rule, it’s best to contact a bank, utility provider or similar yourself, using the numbers given on their website (look online for these), rather than responding to an email or text message.
Financial institutions, in particular, take your security seriously and will be happy for you to call or contact them directly, rather than respond to a communication.
Pherrus Financial Services is committed to ensuring that all our customers have a good understanding of how to keep themselves (and their financial information) safe from scammers.
We aim to not only provide a suite of high-grade, professional financial and accounting services but also to empower our clients to operate successfully in today’s challenging climate.
In addition to providing information and recommendations on financial and cyber-security, Pherrus is also able to assist with taxation, wealth creation, business management and growth, and optimising workplace success.
Get in touch to find out more about what we can offer, or to discuss your requirements in greater detail with a member of our experienced team.