Phishing scams involve fake emails that try to trick you into giving up personal details. The message is the ‘lure’, but what you’re asked to give up is pretty personal information, like bank account passwords or credit card details. ME will never ask for your password or credentials via email.
Why would anyone share this sort of information? The answer is easy. Phishing scammers make their emails look as though they come from a trusted sources, usually a bank or a government department.
There are plenty of ways phishing emails can catch you out. You may be asked to provide bank account details so a tax refund can be paid to you. Or asked to provide your credit card number to cover the cost of delivering an unexpected parcel. Or the sender may say they need to look into unauthorised activity on your account.
The common thread however is that the emails include a link for you to click on or an attachment to download. Both will take you to a fake website that asks for your personal details.
If you provide the details, you’re as good as opening the door to your bank account or credit card. The damage may not end there. Phishing scammers can infect your computer with dodgy software that harvests even more data, letting the crooks steal your identity.
Picking the fakes
It can seem hard to pick phishing emails from the real thing because the message may include the logos of big companies, the Tax Office or Australia Post. But scratch the surface, and spotting a phishing email can be surprisingly easy.
Before you click open an unexpected email, hover your mouse over the sender’s email address. While the email may appear to be from, say, PayPal, this hovering process may show a very different source – often a junk email address like, say, paypal@notice-access-666.com, which shows PayPal is not the domain name.
If you open the email, it may be addressed to “Dear Customer” rather than greeting you by your first name (like, say “Dear John”), which would be the case if the sender was genuine. Even so, it can be tough sorting some phishing scams from the real deal. To be sure you don’t fall for the scam, always check where a link will take you before clicking on it. Just hover your mouse over the link to see the destination address, which will appear in a small bar on the bottom of your browser. If it looks dodgy, or even if you’re just unsure, call the sender using a number gained from a reputable source – not the email, to check whether the email is genuine.
A bit of extra caution can keep you and your money safe online, and when it comes to phishing emails, aim to be the one that got away.
This article is prepared based on general information. It does not take into account individual financial objectives or needs and is not financial product advice.