Sales Hotline
0845 026 0237
Customer Care
0871 230 9297

You are here: Home > Tutorials

Protect yourself online

What is phishing?

Phishing has become an increasingly common type of spam that in the worst instance can lead to theft of personal details such as credit card numbers or online banking passwords.

Phishing attacks are carried out by a scam artist who sends out "spoof" emails that appear to have come from a legitimate website. The "spoof" emails are usually from a source that you recognise - it could be a credit card company, a bank, or even your ISP, in fact it could be from any site which requires users to have a personal identity or account.

A typical "spoof" email may claim that you need to update your account details online. Phishing emails may also direct you to a website or pop-up window which looks exactly like the real site, don’t be fooled, this site will have been set up for the sole purpose of stealing personal information. Remember banks and other organisations will not ask you to disclose confidential information via email or by linking to a site through email and will certainly never ask you to reply to the email disclosing credit card numbers, passwords or other details.

You may think this sounds simple enough but phishers are able to convince up to five per cent of recipients to respond! How can you protect yourself?

Be aware of your surroundings
If you are using the Internet in a public space, be aware of anyone monitoring you. Even (CCTV) can capture personal details.
Check the website you are visiting is secure
Check the web address in the address bar. If the website you are visiting is on a secure server you can recognise this by the web site address at the top of your screen, which should start with 'https' ("s" for security) rather than the usual "http://". Also look for a padlock icon on the browser's status bar, this indicates that the website has been issued a certificate by a trusted third party company and lets internet users know that the web site is secure. To check the certificate, click on the yellow padlock symbol displayed at the bottom of your browser screen. Check that the name on the certificate matches the site you are in and that it has a valid date.
Visit websites by typing the URL into the address bar
Phishers often use links within emails to direct their victims to a spoofed site. The website address they are directing you to may look genuine but there are several ways this can be faked. Avoid links and instead opt for typing in the URL in to the address bar or contacting the company directly.
Avoid opening emails from unknown senders
If you don't recognise the sender, or if you are in doubt about the source of an email, it's best to delete it without reading the content.
Emails are often used to spread viruses or provide an entry point for a hacker to access your computer. This also applies to email attachments
Always report suspicious activity
If you receive an email you suspect isn't genuine, forward it to the organization that the email should have come from, many companies have a dedicated email address (anti-abuse) for reporting emails in these instances.
Clear your cache
It's a good idea to clear the cache on the computer you are using when you have finished, especially if it is a shared computer or you were using a PC in a public place. The cache (or Temporary Internet Files) store the web pages you have viewed, in your computer's memory. Clearing the cache will prevent others from calling up the last page you visited. When you have cleared your cache and history, close down the web browser itself.
Keep your PC secure
Install anti-virus software and keep it up to date, this willl help detect and disable malicious software.
Using anti-spam software will stop phishing emails from reaching you. It is also important, particularly for users with a broadband connection to install a firewall, this will protect against unauthorised remote access to information held on your PC.
Always log-out
Never leave your computer unattended while connected to any site you are using, especially if you are shopping or banking online.
Log-out correctly when you have finished working online to ensure that the connection is dropped, before disconnecting and leaving your computer.