Skip to main content

What is Phishing?

This is a cyber attack to deceive individuals (like you) into revealing sensitive and confidential information, such as usernames, passwords, card numbers, etc; which can be typically associated with someone pretending to be an individual or company of trust such as a bank, government etc. Information gathered can be used for malicious intent such as and not limited to; financial fraud, unauthorised access to accounts and data.

Phishing Techniques

Attackers will use a variety of phishing techniques, such as;

  • Emails:

such as; Attacker sends an email appearing to be from a legitimate company containing messages for an urgent action for example, pay an invoice. In the hopes you, the individual will respond by clicking on a link to a fake website where you need to enter details such as login information, card details. Opening attachments which will infect your device with malware, ransomware.

  • SMS (Smishing);

Similar to Email phishing but communication will be in SMS format that is sent to your mobile device

  • Voice (Vishing);

Similar to Email phishing but communication will be over the phone to your telephone or mobile or business contact numbers

  • QR codes (Quishing):

Similar to Email phishing but communication will be in the format of a QR code.

Signs of Phishing

Below are a couple of alarm bells associated to phishing

  • Urgency or Threats for something to be done immediately
  • Suspicious Links - fake and malicious urls are different to the legitimate company, usually hovering overlinks can uncover the links
  • Unexpected Attachments - usually contains malware to infect your device, network, etc;
  • Grammar and Spelling - many phishing emails contain spelling and grammar errors
  • Requests for Sensitive or confidential information - legitimate companies will not request this information through email or sms

Ways to protect yourself and others

  • Be cautious of any unsolicited emails, texts, calls or messages asking for personal, confidential and sensitive information
  • Verify the Source: An email could be convincing that it is from a legitimate company or trusted person, but contacting the company or individual using a different communication method, such as; go to the official company website and use the contact number to verify the email or contact the company with a saved number on file rather than using any contact numbers in an email.
  • Check URLs carefully
  • Ensure you have an up-to-date antivirus software
  • Reporting Phishing Emails
  • Awareness and education can help to spot phishing attempts and can help you avoid falling victim.