,

A Short Guide to Spotting and Reporting Phishing Scams

October 21, 2024
Jenny Mezie-Nwagbo

A Short Guide to Spotting and Reporting Phishing Scams

Imagine this: You receive an email offering a free shopping voucher for a limited time. Excited, you click the link, and suddenly, your computer starts acting strange. Chances are, you’ve just been phished.

Phishing attacks are one of the most common methods cybercriminals use to gain unauthorised access, spread harmful content, and steal sensitive information.

What is Phishing?

Phishing is a type of scam where attackers send fake emails or set up fake websites to trick people into sharing personal information, such as passwords or bank details. These emails often contain links or attachments that can infect your device with malware or lead you to a fake site designed to steal your information.

What makes phishing so effective is its ability to closely mimic legitimate communication channels such as email, SMS, and even phone calls. Cybercriminals pose as trusted entities like banks, service providers, or even friends to trick unsuspecting users into taking harmful actions.

How to Spot Phishing Attempts

Scammers use various tricks to lure you into their traps. Here are some telltale signs:

  • Suspicious Email Addresses: Always double-check the sender’s email. Scammers often use addresses with small misspellings that can be hard to notice, like replacing a capital “I” with a lowercase “l.”
  • Poor Grammar and Spelling: Many phishing emails contain errors in spelling and sentence structure. While some scammers are getting better at this, legitimate organisations typically use professional communication. While this feature might have lost its relevance due to the widespread availability of artificial intelligence tools that can correct grammar mistakes, look out for the accuracy of any facts presented in the message to you. E.g. “You have been selected to win 10 million Dollars in our weekly raffle” If you never submitted a raffle ticket/entry, why are you receiving a “selection message?”
  • Urgent or Threatening Language: Be wary of emails or messages that urge you to act immediately or threaten consequences if you don’t. Scammers try to create a sense of panic to trick you into making hasty decisions. 
  • Requests for Sensitive Information: Legitimate companies will rarely ask for personal information like passwords, Social Security numbers, or banking details through email. Be cautious if you receive such requests.
  • Generic Greetings: Emails that start with “Dear customer” instead of using your actual name are often phishing attempts.

How to Avoid Phishing

Here’s how you can protect yourself from falling victim to phishing:

  • Keep Your Software Updated: Regularly update your operating system, browsers, and apps to safeguard against the latest threats. An easy hack for this is to turn on “automatic updates” for all your devices to avoid missing important updates once you’re connected to the internet.
  • Use Multi-Factor Authentication: This adds an extra layer of protection to your accounts. Even if a hacker gets your password, they’ll need the second factor to gain access. 
  • Avoid Clicking on Suspicious Links: If an email contains a link, don’t click it right away. Instead, visit the official website directly by typing the URL into your browser.
  • Verify Through Trusted Channels: If you receive an unexpected message from a bank or a friend, contact them directly using official communication channels to verify.
  • Enable Anti-Spam Filters: Many email services offer filters to catch phishing emails before they reach your inbox.

How to Report Phishing

If you think you’ve received a phishing email or message, it’s important to report it. Here’s how:

  1. Forward the Email: Send the phishing email to your email provider or the service provider being impersonated. Many companies have dedicated teams to handle phishing reports.
  2. Use In-App Reporting Features: Most email services like Gmail and Outlook have built-in options to report phishing. Use them to flag the message as suspicious.
  3. Report to Government Agencies: You can also report phishing scams to government agencies like the Nigeria Police Force – National Cybercrime Center at https://nccc.npf.gov.ng/ereport/  or your country’s equivalent.

By reporting phishing attempts, you’re not only protecting yourself but also helping others avoid these traps.

Sources 

Related Posts

Scroll to Top