Have you been the victim of a Phishing scam? Or do you know anyone who has? Here are some easy ways to spot the scam:
- Be suspicious of anyone who sends an email asking you to verify or update your account details by clicking on a link. E.g. If an email purporting to come from Paypal tells you your account has been suspended, manually type in the address of the Paypal site to check if indeed your site has been suspended. No legitimate organisation will send you an email with a link asking you to login.
- If you do happen to click on the link of a phishing site, there is any easy way to spot that it’s fraudulent. Going back to our example of Paypal. If the sender way from Paypal, the “Top Level Domain” (the bit that shows after the “http://www”) would be http://www.paypal.com. But if it’s a phishing site, this address will be something else. More often than not, it’s an address consisting of a series of numbers. Examples are:
http://signin.paypal.com@10.19.32.4/
http://83.16.123.18/pp/update.htm?=
And even then, the address really can look like it’s from Paypal, https://www.paypal.com/=cmd_login_access so don’t risk it, open a new window, and manually type in the Paypal address. - But the real give away that you’re on a phishing site is that you can type in any gobbledegook you like into the username and password box and it will still log you in! A website that accepts any username and password is a scam!
If you think you’ve spotted a phishing scam, make sure you report it straight away. In the first instance you should inform the organization who have been used for the scam. You can usually search for the appropriate contact details on Google by using the search keywords: “Report [Company name] phishing scam”. Paypal have a specific email address for reporting scams: spoof@paypal.com
You can find more useful anti-Phishing resources here.
