Spot A Scam
Identifying whether a website is real, or fake can be challenging.
We've created the ‘CheckNetsafe’ Anti-Scam Tool, which helps you determine the legitimacy of a website or link.
Phishing, also known as email scams or email fraud, is a deceptive tactic used by cybercriminals to trick individuals into divulging sensitive personal information like bank account numbers and passwords.
Last Updated30/07/2024
Phishing, also known as email scams or email fraud, is a deceptive tactic used by cybercriminals to trick individuals into divulging sensitive personal information like bank account numbers and passwords. It often involves scammers contacting a large number of individuals in an attempt to have them disclose confidential information, such as passwords, bank account numbers, and other financial information.
Scammers use this information to impersonate and/or defraud people. Phishing scams can seem like they’re specifically targeted at you, but in reality the scam is being sent to hundreds, if not thousands of people at the same time – only some of these people need to fall for it to make it profitable. Understanding more about phishing scams can help you recognise these scams and safeguard you against potential identity theft and financial exploitation.
If you think you’ve been the target of a phishing scam you can contact Netsafe for advice and guidance. Our helpline is free, confidential and available 7 days a week.
If you think you've received a phishing email it's important that you:
- DO NOT open it
- DO NOT reply to it
Some phishing emails look obvious, others are not. Email scams are becoming increasing difficult to spot as scammers become more sophisticated and develop their techniques.
Below are some basic rules to follow to help keep yourself safe online. If you’re still unsure if an email is legitimate or not, you can contact us for guidance and advice.
Be cautious of emails that:
Scammers often source contact details like names, email addresses, and phone numbers from various online platforms. This information can come from data breaches or be publicly accessible, such as through online business registrations or social media profiles.
Scammers gather information about a large group of people and send out a bulk email to many in the hope that a few will respond. These emails are crafted to mimic those from legitimate entities like banks, charities, or known businesses by using similar branding, logos, and language.
These emails often include requests for personal information under the guise of needing confirmation or verification. This request may come in the form of:
Sometimes, phishing scams may involve the installation of malware(/online-safety-at-home/anti-virus-software) on the recipient's device if they click on a link or open an attachment. This malware can then be used to steal personal information or cause other harm.
Phishing emails will typically ask for highly sensitive information like bank account details, credit or debit card numbers, account credentials, or even drivers’ licence or passport details.
Scammers often create 'spoofed' emails that are designed to look like they are from the legitimate business or organisation being impersonated. This includes manipulating the sender information to appear authentic.
If you suspect there may be malware on your device, it is advisable to consult with a professional IT specialist who can identify and remove the malware for you.
The scammers make contact at random, with claims to need your details to authorize a fake transaction or dispute a fake charge or invoice. They lead people to realistic websites for you to input your personal information, or direct people to websites which download viruses on to your computer.
This is the same as regular phishing but is very targeted. Scammers will focus on a specific organisation or individual and customise the phishing email. These attacks are more likely to deceive due to the time spent on researching and personalising the message that may appear as coming from legitimate senders.
A whaling attack is similar to spear phishing, except the scammer will target high-level management. Whaling attacks will attempt to scam more valuable targets or more classified information.
This is identical to phishing but is sent on mass scale via text message (SMS). These may impersonate a:
Phone call or voice message phishing scams typically involve direct communication with a scammer through phone calls. Sometimes, these scams manifest as automated messages, which play when the target answers the call or when it goes to voicemail. These messages often mimic legitimate business directories, instructing the individual to press an extension number to dispute a supposed charge or make changes to an account.
If you think you’ve been targeted by a phishing scam, inform your friends and family to help them avoid falling victim.
You can contact Netsafe seven days a week for free, confidential and non-judgmental advice about an online issue impacting you or someone you know.
Whilst we cannot investigate or track scammers, we can provide advice on steps you can take to stay safe and what to do if you think you’ve been scammed.
Identifying whether a website is real, or fake can be challenging.
We've created the ‘CheckNetsafe’ Anti-Scam Tool, which helps you determine the legitimacy of a website or link.
Here are some options for Malware scanners from well-known, reputable companies.
For PC: ESET online scanner(http://www.eset.com/int/home/products/online-scanner/) or Kaspersky Virus Removal Tool(http://www.kaspersky.com/antivirus-removal-tool?form=1). After this scan has been completed, you can run Malwarebytes Anti-Malware(https://www.malwarebytes.org/) free edition.
For Mac: Bitdefender Antivirus for MAC(https://www.bitdefender.co.uk/solutions/antivirus-for-mac.html?icid=UK_mac2017&irgwc=1&clickid=3luy%3ABTmiW3KT9IwPkx%3AeR3qUkmzsBRtt3R-Ro0&cid=aff%7Cc%7CIR) or ESET Cyber Security for Mac(https://www.eset.com/uk/home/cyber-security/) or AVG Antivirus for Mac(https://www.avg.com/en-gb/all-products?utm_source=CJ&utm_medium=CPA&utm_campaign=3641069#platform=mac) are also good alternatives.
Download our handy guide to stay vigilant and be ready to spot common scams.