A Phishing scam is an email that appears to be legitimate but is, in fact, an attempt to steal money or trick an individual into disclosing personal information.
The email will be designed to trick the recipient into entering confidential information, such as an account number, password, pin or by clicking on a link.
As soon as users click on a link, they may be directed to a website that will steal their sensitive information or their computer may be infected with malware. Cybercriminals will then use this information to commit identity fraud or sell on to another criminal third party.
In recent years, there has been a massive increase in phishing scams as criminals find it one of the easiest ways to defraud people and con them out of money.
Our increasing reliance on the internet to conduct much of our day to day activities has provided the ideal platform for criminals to launch targeted attacks and dupe unsuspecting users into falling for their online scams.
Unfortunately, this massive increase in phishing scams has meant that we’ve all been on the receiving end of having one of these dodgy emails come into our inbox.
Steps to reporting a phishing scam
If you open an email that you believe to be a phishing scam, you may be wondering what to do next.
The first and most important step is to make sure you don’t click on any links or open any attachments contained within the email. The next step is to report the phishing email to the relevant authorities to try and stop the scam from targeting more victims.
The following authorities should be contacted:
1. Internet Service Provider
If you’ve spotted a phishing email in your inbox, it’s important to report the scam to the internet service provider that was used to send the email.
– If the scam email came from a Yahoo account, you should send it to firstname.lastname@example.org
– If the email was sent via Gmail, press ‘Report Spam’ button
– If the email was sent via Hotmail, press ‘Report Phishing’ button
As soon as you report the phishing email, the Internet Service provider will close the account that the email was sent from.
2. The Company spoofed in the email
If you receive a phishing email that purports to be from an official company such as a bank, or online retailer, it’s important to notify the company so they can warn other people about the scam.
Companies will often create a dedicated page on their website that will inform customers what signs to look out for and what steps they should take if they fall victim to the scam.
3. Report to Action Fraud
Action Fraud is the UK’s national reporting centre for fraud and cyber-crime. It provides a central point of contact if you have been scammed, defrauded or experienced cyber-crime in England, Wales and Northern Ireland.
Any reports of fraud will be forwarded to the National Fraud Intelligence Bureau run by the City of London Police for analysis. This will help develop crucial intelligence that may disrupt the criminals in their tracks and enable preventative action to be taken.
Phishing emails are becoming increasingly more sophisticated and difficult to detect, but there are a number of signs we can look out for that may alert us to a dodgy email.
Signs of a phishing email include:
- A generic greeting such as “Dear Customer” – Official correspondence from companies will always include your name
- Poor grammar and spelling mistakes
- Urgent or threatening language -The email may warn that you must make payment immediately or your account will be closed down
- A request for information such as login details or banking info – Legitimate businesses will never send emails requesting you click on a link to enter or update personal data
- A mismatched URL – The web address does not match the address listed
- Unexpected correspondence – An email may notify you that you’ve won a prize for a competition you’ve not even entered
Despite the increasing sophistication of phishing attacks there are a number of ways you can protect yourself online. MetaPhish has been designed to provide the first line of defence against phishing and ransomware attacks. Contact us for further information on how we can help protect your business from this growing threat.