Phishing is the favoured method of cybercriminals throughout the year, however, there’s always a massive spike in phishing scams at Christmas.
Cybercriminals send legitimate-looking emails with links designed to steal your personal information or attachments that are likely to install malware or ransomware on your PC.
Phishing emails can sometimes be hard to spot as they usually look like they’ve come from a reputable source. They often create a sense of urgency to encourage you to hand over details that you would normally be wary of providing. Fraudsters rely on making their email look professional enough to gain your trust.
It’s important to exercise caution before clicking on links (e.g. move your cursor over the link to display its address), even if they seem to come from a trusted source.
You should never open an email if you are suspicious about its intent, don’t let curiosity get the better of you! Never click on links or open attachments in e-mails unless you are confident of their authenticity.
You should only enter confidential information (including passwords) on a secure page (for example “https”, rather than “http”). If your browser warns you of a problem with the certificate you should discontinue the session immediately.
Vigilance should be practiced when you receive unexpected emails at any time of the year. Particularly any that stress a sense of urgency, ask for personal information or contain any attachments that you are not expecting.
If you are at work and accidentally or unintentionally click on a link that you think may be a phishing email, follow your compliance management training and contact your IT help desk. It may also be worthwhile contacting your bank to check for any fraudulent charges and you should change your passwords immediately to reduce the chance of other accounts being hacked.