With the increasing amount of email scam, cyber attacks and the sophisticated phishing that we are now experiencing, we thought we should write an article to help clarify what to look out for and what to do if you suspect you have been targeted by email scam.
As the name suggests, phishing is like trying to catch a 'trophy fish'. In this case scammers will attempt to get your personal details such as your banking information - logins, user names, passwords and email account details. They can come in the form of impersonating your bank, a personal friend or business organisation and look just like the genuine article, by using the correct logos and icons to make the email appear authentic.
They also target Facebook users, by hacking into their account and then taking on their identity and contacting all the user's friends in Messenger. These messages will appear genuine as they look identical to 'your Facebook friend'. They will start by asking how you are and then after a casual chat posing as your friend, they alert you to a great offer that they found and received in the hope that you will fall for their scam.
Scammers will contact thousands of people in the hope that a few 'fish' will be caught in their net. They often pose as legitimate organisations offering some sort of bargain. These fraudsters may email you about your so-called 'prize win' and to acquire your winnings you would need to provide confidential banking and login information.
Other cyber attacks use threats or scare tactics threatening to shut down your computer or close an account if payment is not made or if you do not provide details. We have found emails claiming that online accounts or subscriptions have been cancelled or have expired because details needed to be updated. These scams usually come in the form of emails but can also be phone calls which appear totally legit.
Phishing attempts usually appear real due to the fact that the scammer is impersonating a trusted individual or organisation. They could be pretending to be your phone or internet company, a law firm, your financial institution, one of your trusted suppliers or perhaps the government. The fraudster asks you to upgrade your information, give more information, complete a survey, make a settlement or another demand that gives them access to your personal confidential info.
There are various other types of phishing scams including:
Spear phishing is similar to normal phishing, but there is a specific reason why certain individuals have been targeted for a cyber attack.
Whaling is a type of cyber attack that is highly targeted to a particular person or organisation that the scammers feel they can gain a lot from – for instance, top-level business executives, politicians and famous celebrities.
In brief, the answer is NO. Some phishing email scams are easy to recognise while others are not. Scammers have become increasingly sophisticated and clever with their online scams and are increasingly difficult to spot. The best advice is not to click on any links in the email or open attachments without first making sure it is from a legitimate source and one that you were expecting to receive. Also don't reply to an email that you don't recognise or are not sure about.
1. Be wary about emails asking you to update your information online
2. Be suspicious if emails say you are a winner and you have no recollection of entering a competition
3. Be on your guard if emails threaten you with the loss of an account or with legal action
4. Mark emails as spam and ignore them if they ask you for personal details such as passwords or your bank details
5. Banks will never ask for your password via email
6. If in doubt about the legitimacy of an email, try searching online using the exact email subject or wording followed by the word 'scam?'
7. Alert organisations when you think you have received a phishing email supposedly from them
8. If you are concerned that you might have been scammed contact your bank or organisation immediately
9. You can forward suspicious emails to the relevant organisation or bank to alert them about the scammer
Use the following email links for forwarding a phishing email to the relevant legitimate organisation:
Waka Kotahi (NZTA): firstname.lastname@example.org
For help if you think you have been scammed in a phishing email or are not sure whether you have been targeted, and if you have experienced harmful content online, you can report an email scam or suspected phishing attempt to www.netsafe.org.nz/report.