Phishing is a fraudulent attempt to steal sensitive information by posing as a trustworthy company, often via email or messaging. The threats are real and have previously led to financial loss and identity theft. In the last few months, several councils in the North West were targets of cyberattacks with Burnley Council the most recent victim.
A government report revealed that phishing was the most common cyberattack type, with 84% of businesses affected. Most businesses are likely to experience a phishing attack at some point in their lifetime.
Cybercriminals think they’re smart by posing as a trusted source or scaremongering users into action. However, there are many indicators of a phishing scam. So we want to show you some of the most obvious phishing methods you should look out for.
11 Ways to Easily Spot a Phishing Scam
1. Suspicious Email Addresses
Pay attention to the sender’s email address; phishing emails often use addresses that resemble legitimate organisations you would usually trust but may have small differences, like extra characters or misspelt domains (e.g., “support@applle.com” instead of “support@apple.com”).
2. Urgency or Threats
Phishing messages often create a sense of urgency; they warn that your account will be locked, or you’ll face legal action if you don’t respond immediately. Genuine organisations will never do this.
3. Unsolicited Attachments or Links
NEVER click on unsolicited attachments or links! Phishing scams use malicious links or attachments that can infect your device with malware or steal your personal data. Always inspect the URL before clicking or hovering on a mobile.
4. Generic Greetings
Be cautious of generic greetings; organisations usually address you by name. If the email starts with “Dear Customer” or “Dear User,“ chances are it’s a phishing email.
5. Spelling and Grammar Mistakes
Phishing emails often contain spelling errors or unusual grammar. Many phishing scams originate from non-English-speaking countries; so errors in the email body can be a red flag.
6. Requests for Personal Information
Phishing scams often ask for sensitive information. Companies will never ask for passwords, credit card numbers, or social security numbers via email. Be cautious of any personal information request. Requests for payment in cryptocurrencies, gift cards, or wire transfers are also signs of a scam. These are often untraceable and irreversible payment methods favoured by scammers.
7. Unexpected Emails from Known Contacts
If you receive a strange or unexpected email from someone you know, it might be a phishing attempt. This is especially true if they ask for money or sensitive information. Their account could be compromised.
8. Unusual URLs or Domain Spoofing
Check the URL closely; phishing websites often use domains that look very similar to legitimate ones, with slight modifications like additional words, numbers, or dashes (e.g., “yourbank-login.com” instead of “yourbank.com”). Some of these domains may be included in emails with too good to be true offers. Don’t fall for temptation!
9. Branding Errors
Examine the logo, design, and language of the message: If something looks off or is different from the company’s usual communications, it could be a phishing attempt.
10. Look for HTTPS in Website Links
Legitimate websites, especially those dealing with sensitive information, use HTTPS: Check the URL for “https://” and a padlock icon before entering personal information.
11. Pop-Up Alerts
Phishing emails may include pop-ups asking for personal information. Legitimate websites or services don’t usually request information like this.
When you see an email that doesn’t seem right, you should ask the following questions:
- Is this message claiming to be from someone official?
- Have I been given limited time to respond?
- Am I worried about what the message says?
- Was I expecting a message like this?
It’s essential that you stay vigilant and recognise these signs so you and your peers can easily identify phishing scams. Don’t end up like the 26% of UK businesses that lost money due to a phishing scam, acknowledge these tips and consider them when you see something unexpected.