Blerim Abedini, Institute for Security Studies and Development, ISSD-NM
‘Phishing’ is when criminals use scam emails, text messages or phone calls to trick their victims. The aim is often to make you visit a website, which may download a virus onto your computer, or steal bank details or other personal information.
By reporting phishing attempts, you can reduce the amount of scam communications you receive, make yourself a harder target for scammers, protect others from cybercrime online.
The purpose of a scam text message is often to get you to click a link. This will take you to a website which criminals use to download viruses to your computer, or steal passwords or other personal information.
Phone scammers will call you unsolicited, pretending to be from an organisation you trust, such as your bank or the police. These scam calls may be automated, or from a real person. They may ask you for your personal information like banking details, or tell you you need to transfer money. Many phone companies offer services that can protect you from scammers and other nuisance callers. These include: caller display, incoming call blocking and anonymous call rejection.
Criminals use information about you that’s available online (including on social media sites) to make their phishing messages more convincing.
Many scammers operate fake websites, which will download viruses to your computer, or are designed to steal passwords or other personal information.
If appropriate security agencies discover activity that is malicious, they may identify this activity. They can then seek to block the address the email came from, so it can no longer send emails. They might also work with hosting companies to remove links to malicious websites. Moreover, they can raise awareness of commonly reported suspicious emails and methods used (via partners).
Many cyber criminals seek to trick their victims using scam adverts. You might see these adverts hosted on websites, or while using a search engine or social media. These adverts will often look genuine. They might try to hook you in using false celebrity endorsements, or by offering goods at a discount. But the aim is often to steal money from you, or sell you goods that bear no resemblance to what was advertised.
By different situations need actions in appropriate way, so:
If you’ve provided your banking details- Then contact your bank and let them know.
If you think your account has already been hacked- You may have received messages sent from your account that you don’t recognise, or you may have been locked out of your account, refer to our guidance on recovering a hacked account.
If you received the message on a work laptop or phone, then – Contact your IT department and let them know.
If you opened a link on your computer, or followed instructions to install software then-
Open your antivirus (AV) software if you have it, and run a full scan.
If you’ve given out your password then – you should change the passwords on any of your accounts which use the same password.
If you’ve lost money then – Tell your bank and report it as a crime to Action Fraud.
Scammers try to quickly gain your trust. They aim to pressure you into acting without thinking.
If a message or call makes you suspicious, stop, break the contact, and consider the language it uses- Scams often feature one or more of these tell-tale signs.
Authority- Is the message claiming to be from someone official? For example, your bank, doctor, a solicitor, or a government department. Criminals often pretend to be important people or organizations to trick you into doing what they want.
Urgency- Are you told you have a limited time to respond (such as ‘within 24 hours’ or ‘immediately’)? Criminals often threaten you with fines or other negative consequences.
Emotion- Does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.
Scarcity- Is the message offering something in short supply, like concert tickets, money or a cure for medical conditions? Fear of missing out on a good deal or opportunity can make you respond quickly.
Current events- Are you expecting to see a message like this? Criminals often exploit current news stories, big events or specific times of year (like tax reporting) to make their scam seem more relevant to you.
How to check if a message is genuine? If you have any doubts about a message, contact the organization directly. Don’t use the numbers or address in the message – use the details from their official website.
Remember, your bank (or any other official source) will never ask you to supply personal information via email, or call and ask you to confirm your bank account details. If you suspect someone is not who they claim to be, hang up and contact the organization directly. If you have paper statements or a credit card from the organization, official contact details are often written on them.
Source: National Cyber Security Center, United Kingdom. What we do – NCSC.GOV.UK
Comments are closed, but trackbacks and pingbacks are open.