Phishing scams can come from many sources, including phone calls, text messages, emails, or social media. The scammer’s goal of a phishing scam is to trick someone into volunteering sensitive personal information, including credit card numbers, account passwords, or bank account numbers.
A phishing scammer will contact you out of the blue posing as a legitimate business, like a bank, telco, or internet provider. The scammer will ask you to provide personal details to confirm your identity, usually offering a tall tale as to why they’re contacting you. Alternatively, a phishing email may direct you to a website that appears legitimate but has slightly different spelling in the web address.
Whichever way a phishing scammer receives personal information, these details will be used to perform fraudulent activities. For emails, keep an eye out for spelling or grammatical errors. Also pay close attention to the sender’s email address. Don’t click on any links or email attachments asking you to verify your details; either delete them or forward these emails to the corresponding legitimate organisation (if they have a dedicated phishing email address).
You can also search for the exact phrasing of an email to identify scams online. Also keep an eye out for the padlock symbol or ‘https’ in the full website address, as legitimate websites tend to have these things, which indicates a secure site. If you’re unexpectedly contacted and asked for personal details, ask for the caller’s name and contact number, then search online to see if that contact number matches the actual contact number of the organisation you’re with. Actual representatives will understand the importance of user security and won’t mind you being diligent in calling them back, whereas phishing scammers may get upset, hang up on you, or try to convince you to stay on the call.