鈥淧hishing鈥 is what happens when someone manages to get control of your username and password through pretending to be in a position of authority. It can take many forms, from fake phonecalls to emails inviting you to a website where you鈥檙e told you need to 鈥渞e-enter username and password鈥, and all it does is report these back to the phisher.
We鈥檝e talked in the past about staying safe online, but phishers use tactics specifically designed to get around the defences you build up. Here鈥檚 our top tips for avoiding getting caught out:
- Always be wary of links in emails.
It doesn鈥檛 matter who sent an email, always be wary of anything within it. It鈥檚 very possible that the person sending you an email might have had their account compromised, so you can鈥檛 trust anyone! - Don鈥檛 download strange attachments
Traditionally, people looking for your details might have sent attachments as program files which can harm and monitor your computer. These days, they鈥檙e sneakier – a common tactic is to send a Microsoft Word document which, when opened in preview mode, invites you to enable Macros – this will let the virus take control of your machine. Unless you know the person sending you something, don鈥檛 download it. - Make sure you鈥檙e on the right website
One of the most common methods of stealing your username and password is to create a fake website to collect your data when you try to login. For example, if a real URL is https://mail.google.com/mail, a spammer might attempt to use https://mail.googlecom-mail.com – at first glance it doesn鈥檛 look too strange, but it鈥檚 a trap – the domain here is googlecom-mail.com, not google.com/mail! - Use HTTPS
When browsing websites, you might have noticed a little green padlock to the left of the address bar on some websites. This means that the website you鈥檙e on is secure and encrypted – no-one can sniff out your details. You shouldn鈥檛 send login details over non-secure websites; in fact this is one of the easiest way to tell a 鈥渇ake鈥 website from a real one.
Remember, the point of phishing is creating things that are not as they seem. Remain vigilant – techniques are constantly evolving and changing, and you really can never be too careful!
