Have you ever received a message from your bank asking you to share private information, move money from one account to another, or perform some other eyebrow-raising task? Chances are the sender isn’t actually who they’re claiming to be, but how can you be sure?
These days, phishing messages seem to be an unavoidable part of living in the digital age. While many of us can recognise the telltale signs of a scam, cybercriminals (and the tools available to them) are getting more sophisticated by the day.
Below are some ways to help tell a phishing scam from a legitimate message, along with some steps to consider taking if you’re unlucky enough to fall victim to one.
What are phishing messages?
These are messages that resemble communications from a trusted source (such as your bank, insurance company or super fund) but are actually ploys by cybercriminals to obtain your personal information.
They often contain suspicious looking links or attachments that can install malware onto your computer once clicked. This might allow scammers to make changes to your device remotely and without your knowledge.
Other giveaways can include typos, poor grammar, and urgent calls to action (such as calling a number, claiming a prize, or entering your login details). Generally, if your first impression when reading the message is that something’s off, there’s a good chance you’re right.
What to do if you receive a phishing message
What you can do if you click on a phishing link
Even the most cautious of us can unwittingly click on a malicious URL. If you find yourself in this position, whether due to a slip of the finger or a lapse of judgement, don’t panic. Below are a few steps that might be able to minimise the damage.
You will also need to alert your bank or service provider so they can put the appropriate controls in place. Depending on the nature of the scam and how recently it took place, they might be able to block any suspicious activity.
What else do you need to know?
Scammers can go to great lengths to impersonate people or institutions that you trust. These days, phishing messages can appear in the same message thread as actual communications from your bank. And a single phishing message might conceal an entire team of scammers, with people ready to pick up the phone to ‘confirm’ a claim once a victim calls the number in a message.
If you receive a text or email that raises alarm bells in your head, stay calm and try to avoid making any hasty decisions. Remember that a real organisation wouldn’t put you in a position where you’re under pressure to act — and if you’re still uncertain, go directly to the source to confirm.