Hook, line and sinker: how to avoid phishing scams

As you may be aware, phishing is a practice that hackers use to trick their targets into sharing confidential information, passwords or access to machines and system by luring them in – hence the name phishing.

Phishing scams are normally deployed via email, but increasingly hackers are turning to social networks, spoof websites and fake online content to attract their victims. Therefore, users need to remain vigilant against falling for such attacks.

Here we share our top tips to avoid falling foul of a phishing scam.

  • Hackers are getting more sophisticated with their phishing scams. We have seen emails that very much look like they’re from Tesco or PayPal, or from a senior member of a company, designed to make you action them immediately.
  • Check the source of these emails. Does the email address (not the sender’s name) look correct? Are there any spelling mistakes or fake URLS? For example: supprot@tescouk.com.
  • Never click the links. If the email is from a bank or service asking you to log in, access the website via the URL bar or Google. This way the hacker can’t get your log in details.
  • On that note, you can check whether a site is secure or not by looking at the top of your browser, where the URL of the site is displayed. If you see ‘https’ or a padlock, you know the site you’re accessing is secure.
  • Protect your computer with firewalls, spam filters or antivirus software. There are many security solutions that can prevent or limit damage caused by phishing scams, so why not include that level of defence?
  • If in doubt, ignore it. The best way to prevent phishing attacks from working is vigilance, so if you spot something you believe to be a scam, don’t worry about opening or replying to the email.

If you want to keep up-to-date with the latest malicious software attacks, advice or information, sign up to our newsletter below. Follow us on Twitter or LinkedIn for more regular advice and insight, too!