We are sharing this update from ACCA, our professional body, for the interest of clients and contacts. The content is (c) ACCA

How to stay off the hook when it comes to phishing attacks

Depending on which report you read, phishing accounts for 20%-30% of all malicious activity on the internet. ‘Phishing’ is when criminals use scam emails, text messages or phone calls to trick their victims. The aim is often to make you visit a website, which may download a virus onto your computer, or steal bank details or other personal information.

To help keep you safe here are some general principles you can apply:

  1. If it looks too good to be true, it almost certainly is. You have not won a dream car/holiday/house, no wealthy royal is planning to make you rich if you help them get their money out of the country and those dating tips are probably not going to help you find your dream life partner.
  2. Be wary of any emails that ask for information or include documents or links that you are not expecting, even from what looks to be a knows source and particularly from an unknown contact. If you’re not sure don’t click! It’s always better to seek advice if you have doubts.
  3. Watch out for emails that try to inject a sense of urgency – criminals rely on a cheap psychological trick to try and undermine your decision making and have rush into an action for fear of something bad (an increase in a fine of some kind is a common one, as is a delivery that will be returned to sender without swift action).
  4. Pay attention to URLs included in emails, they can easily disguise the true destination. Common tricks are to use link shortening services or to spoof a legitimate website. You can usually spot the latter by hovering over the link.
  5. Check the sender. Criminals will often spoof an official looking sender name like Amazon or your preferred bank, but genuine organisations will often show you the actual address that sent the email. If it doesn’t come from their official address, it’s not them.
  6. Watch out for poor spelling and grammar; if it doesn’t look professional, then it probably isn’t.

Next steps

If you believe you have received a phishing email, you can report it to the National Cyber Security Centre (NCSC). The NCSC is a UK government organisation that has the power to investigate and take down scam email addresses and websites.

Reporting a scam is free and only takes a minute.

Reporting a scam means that you can help protect yourself and others from cybercrime online.