An explanation of phishing for data

Phishing for Data

There are loads of scams out there. Job scams, romantic scams, extortion, fake charities. The list goes on and on, but none are quite as tricky to navigate as ‘phishing’. It’s a tough nut to crack, and I’m not just talking about the pronunciation (let me help you there: its ‘fishing’… or ‘fushing’ if you’re from south of the Tasman).

What is Phishing?

Phishing for data is basically when the bad guys (scammers, hackers, thieves, naughty boys and girls) pretend to be good guys (financial institutions, telecommunication companies or other legitimate businesses) in order to steal your sensitive information like credit card details, pin numbers, passwords or personal information. They then buy shiny new things on the internet at your expense, sell your information to other parties, hijack your accounts, steal your hard-earned moolah or do any number of other disreputable things.

How does Phishing for Data Play Out?

You can be contacted in any number of ways – social media, email, texts, phone calls. The message will be designed to look as genuine as possible, to the extent that logos will be copied and any web site you’re directed to will look the same as the legit one. They’ll try trick you into filling in your details through scare tactics, the promise of a prize or the use of emotional language such as ‘urgent request’. They might say someone tried to do a massive transfer out of your account, and your password is required to stop it. Or they might say the bank lost some of its records, and they need to verify your details. They might just ask you to confirm your password. Next thing, Mister Scammer is flying first class to the Virgin Islands wearing a mink coat, and you’re paying.

How to Spot Phishing for Data

Phishing scams are designed to catch you at a weak moment. So if you’re vigilant, and look out for the tell-tale signs you should be able to avoid them. Here’s what you do:

– Double check the senders email address. If the origin is generic, misspelled, or nothing like the institution they’re claiming to be, you’re being phished

– Does the message contain poor grammar and spelling mistakes? You’re being phished. No big corporate will send out an email without it being proofread

– If the message has a generic greeting like ‘Dear Valued Customer’, or if there is a blank space where your name should be on email greeting, chances are it’s a scam

– Links are always a bit phishy (see what I did there?). Even if the embedded link looks ok, hover over it and check the hyperlink that pops up. If it’s different, or looks a bit odd, best to ignore the email. And please, for the love of all things cyber, don’t download any unverified PDF or Zip files unless you’re 100% sure of the sender

– Fall back on your intuition and common sense. Prizes don’t fall into your lap, Paypal wont email you for your account details, Microsoft can’t magically sniff out a virus on your computer. Those are all phishing for data scams.

We Can Help

We want to help keep you and your details safe. If you’re unsure of an email or messages legitimacy, contact us here. Our super sleuths will let you know if it’s a scam or not!