Ever had an email from an ‘official’ organisation asking you to disclose personal information, but you were not sure whether to trust it?
Your instincts may be right.
Scammers are sending emails disguising themselves as legitimate organisations, linking recipients to a fake log-in page in an attempt to hijack personal information, known as phishing – and scammers are getting better at it. Whilst some emails are obviously fake e.g. spelling mistakes and poor design, some are not, and have put people and organisations’ sensitive data at risk of abuse.
The Devil in the Detail – How to Sniff Out the Phishes
1. Check the web address of the web page – if the login page is genuine the URL will be the official URL of the company e.g. www.hsbc.co.uk/1/2/ways-to-bank/internet-banking. If you are unsure login from the official website online rather than from your email inbox.
2. Login manually – if you receive any kind of email from a company asking you to confirm your details by logging in, do it manually by visiting the company’s official website, do not click on any link buttons within an email if you are unsure, these will not direct you to the official company page.
3. Don’t ignore security warnings – security notices from your email and web filters, and security software could just be the warning you need when a web page seems official to the human eye, so don’t ignore them.
Serval Tip: take all of these precautions all of the time, one may not be secure enough. If in doubt, call the company directly and ask them.
Note that now it has been publicised that eBay has had a security breach and users should reset their password, scammers may use this to produce eBay phishy emails. To be on the safe side reset your password through eBay.co.uk and not through any email.