Phishing, a play on the word ‘fishing,’ is a term used to describe the types of emails used to lure people into divulging their user names and passwords for internet banking, Ebay, and other sensitive sites.
Common emails are banks, Ebay and Paypal.
These phishing emails are incredibly sophisticated. I teach courses on how to recognise these emails at our local community house and I have to tell you that some of the more professional scam emails have me double and triple checking.
Banking ones typically ask you to verify your details by clicking on a link. Ebay and Paypal tend to use phrases like ‘your account has been suspended,’ or ‘your account has been fraudulently used and you need to take action.’ The thing all of these emails have in common is the action you are required to do, either click the link or enter your details.
It’s not always easy to spot a phishing email. They can look incredibly genuine. Any email originating from Ebay will always contain your full registered name and your Ebay ID. If you’re still unsure, look at the email address it was sent to, is it your registered ebay email? Look on your ‘my messages’ folder in ‘my Ebay,’ is the message there?
So, what do you do if you get a phishing email in your inbox? The easy thing is to just delete it. Never, ever, and I repeat again, never, ever, click on the link or enter your user name or password.
If you want to help stop these types of emails you can also send them onto the company they are copying. For example, when I get Paypal phishing emails I always forward them to email@example.com Ebay ones I forward to firstname.lastname@example.org You can use your nouse and look up the bank the email is purporting to be from and find their abuse/fraud email contact details and forward it to them as well.
Taking action like this helps stamp out internet phishing scams…I know that it is like stepping on an ant, there’s always 1000 more coming out of the hole in the ground, but at least it’s one ant that won’t be causing any more trouble.
Just remember this golden rule: Never, ever, divulge your username and password just because an email asks you to. Always verify, verify, verify. And if unsure, forward it on to the institution in question and ask them if it’s real.