Phishing

Find out what phishing is and how to spot a phishing email. Visit the APACS website to have a look at the latest phishing scams that have been reported.

• Phishing is when random emails are sent to an individual or business, pretending to be from a genuine company or bank, in an attempt to trick customers into disclosing their personal account information
• If customers do disclose this information, it is in fact entered into a bogus website operated by fraudsters. The criminals have subsequently captured your personal information to use for fraudulent purposes
• These phishing emails usually claim that it is necessary for customers to 'update' or 'verify' your customer account information, by clicking on a link from the email which takes you to the bogus website

How to prevent yourself from becoming a victim of phishing

• Be suspicious of all unsolicited or unexpected emails you receive, even if they appear to originate from a reliable source
• Although your bank may contact you by email, they will never ask you to re-confirm your log-in or security password by clicking on a link and visiting a website
• Stop to think how your bank normally contacts you
• The email address in the 'From' field of an email is not a guarantee that it came from the person or organisation it says it did. It is very easy for phishers to create a fake entry in the 'From' box
• The fraudsters will almost certainly not know your real name or anything else about you, so they will often address you in vague terms, e.g. 'Dear valued customer'
• An email from phishers will often contain odd "spe11ings" or "cApitALs" in the subject box, as well as grammatical and spelling errors (this is an attempt to get around spam filters)
• Never log-on to your online banking account by clicking on a link in an email. Open your web browser and type the bank's address in yourself
• If you doubt the authenticity of an email purporting to be from your bank, contact them on an advertised phone number
• If you visit a website after clicking on a link from an email, there are many ways that phishers can disguise the true location of a fake website in the address. The website address may even start with the genuine site's domain name, but even this doesn't guarantee that it's taking you to the right website. Phishers may use numerical web addresses or register a similar address to a bank address
• Phishers have also been known to display the correct web address in the link from the email to a website, but also display a fake pop-up window on top. In this instance, you can see the real website in the background, but any information you type into the pop-up window will be collected by the fraudsters
• Top access your online banking account, type the web address into a new window yourself.
• Find out how to report a scam on APACS' Bank Safe Online website

To have a look at some of the latest phishing scams that have been reported, visit APACS' Bank Safe Online website