How to Spot Phishing, with Examples

Title: How to Spot Phishing, with Examples

Table of Contents:

1. What is Phishing?
2. Common Types of Phishing Attacks
   1. Email Phishing
   2. SMS/Text Phishing (Smishing)
   3. Phone Call Phishing (Vishing)
   4. Pop-Up Scams

3. Key Signs of Phishing
4. Tips to Protect Yourself from Phishing
   
5. Conclusion

1. What is Phishing?

Phishing is a type of cyberattack where attackers pretend to be trustworthy – imitating a company, financial entity, or someone you know to trick you into providing sensitive can happen through email, text messages, phone calls, or pop-up ads.

2. Common Types of Phishing Attacks

Email Phishing

This is the most common form of phishing, and involves fake emails that seem to come from legitimate sources like banks or online services, aiming to get you to click on malicious links or download harmful attachments.

SMS/Text Phishing (Smishing)

This type uses deceptive text messages that seem legitimate, whether from a company or family member, to prompt you to click on links or call numbers that compromise their security.

Phone Call Phishing (Vishing)

This involves calls from scammers posing as representatives from banks, tech support, or government agencies, attempting to extract confidential information.

Phone Call Example:

“This is Revolut Customer Service. An online purchase of 79.99 was made with your Revolut card. Please press 1 to be redirected to a representative, or hang up if you consent to this purchase.”

Pop-Up Scams

Fake alerts on websites can claim your computer is infected with a virus or needs “urgent” action, leading you to download harmful software or call fake support numbers. Legitimate antivirus software won’t ask you to call through a browser pop-up.

3. Key Signs of Phishing

Unusual sender addresses: Look out for messages from emails or website domains that imitate or do not match legitimate companies. Make sure to inspect sender addresses and hover over links before clicking to see where they lead to.

Urgency or threats: Be wary of urgent language like “Act now!” or “Your account will be locked!” Take a moment to verify any unusual or pressing demands, especially those related to finances or sensitive information.

Requests for personal information: Real companies rarely ask for sensitive information this way. Be especially wary of unsolicited calls asking for personal information.

Spelling and grammar errors: Poorly written content is a common red flag.

4. Tips to Protect Yourself from Phishing

Verify the sender and contact the source directly if you’re unsure about a message. 

Double-check unknown calls, texts, and emails, especially those from unknown senders or with unexpected attachments.

Be wary of unsolicited calls asking for personal information. If you receive a call from your bank asking for information, for example, verify they are calling from the official number provided on the back of your credit card.

Consider enabling Multi Factor Authentication (MFA) / Two Factor Authentication (2FA) on your accounts, which can add an extra layer of protection by asking you to confirm log-ins with an email or text code.

Don’t click on suspicious links, hover over them to first check their destination. If in doubt, don’t click. You can also use our CheckMyLink website to verify the authenticity and safety of links.

It is managed by Cyber Skills, in partnership with ScamAdviser and An Garda Síochána. You can use this to check that the website you are using is genuine by copying and pasting the website URL (link).

5. Conclusion

Phishing scams are evolving constantly, but by recognising the signs and adopting safe practices, you can protect yourself. Always remain vigilant and verify before sharing sensitive information – remember, Stop, Think, Check!