5 tips on how to avoid phishing




Bear in mind: Viruses, trojans and malicious software attack your operating system (refer to Senwes Scenario article: ’It is time for some digital housekeeping’ available at http://senwes.co.za/DigitalHousekeeping for more information) whilst with phishing attacks, the target is you, the user.

LEARN TO IDENTIFY PHISHING EMAILS
Familiarise yourself with the common phishing language and techniques. Be on the lookout for suspicious emails containing phrases such as: verify your account details; you have won; your account is at risk; your account has been compromised; reset your account; fill in your missing details and/or your account has been closed. These emails will usually urge you to take immediate action in an attempt to trick you into clicking on a fraudulent link and obtaining your personal information.

CHECK THE EMAIL ADDRESS
Phishing emails appear as if they are legit but when you take a closer look at the “From:” field, you’ll pick up on subtle differences. Compare the spelling of the domain of a suspicious email and the format of the email address to the actual domain and way in which the company’s email address is formatted.

THINK BEFORE YOU CLICK OR DOWNLOAD
Don't click links in emails from random people you don't know. When in doubt, hover (without clicking) over the link to see the web address it is linking to. Be alert to misspelled domains and/or unknown web addresses and don’t download any attachments from unknown sources as they might contain malware.

LEARN TO WATCH THE ADDRESS BAR
Even though many web browsers are moving away from a big focus on the address bar, it remains an extremely important part of your browsing activity. The easiest way to identify a phishing scam is to eyeball the address bar. The crucial part of a URL (the website’s address) is the part immediately preceding the .com, .co.za, .net, etc. Be sure that you are on an authenticated website and not a suspicious subdomain.

For example: https://www.fnb.co.za/ is the legitimate URL whilst http://fnb.ineedmoney.co.za is fake. Only enter sensitive data into authenticated and secure websites. Secure websites can be identified by the closed lock icon before the URL and the ‘s’ in ‘https’.

NEVER ACCESS YOUR BANK’S WEBSITE BY CLICKING ON LINKS IN EMAILS
Phishers specialise in creating websites that are visually similar and sometimes appears almost identical to a real business or bank’s website. To be safe, don’t click on banking links in emails, no matter how authentic they seem. Instead, access your bank’s website directly. Also bear in mind that your bank will never ask you to send your password or personal information by email. When in doubt, rather call your bank directly for clarification.