"Phishing" is one of the most common cyberattacks. You'll get an email (usually), a text or a phone call by someone pretending to be someone else, to try and get confidential information from you.
Perhaps you've had an email from your bank asking you to click to confirm a few details, or from the Inland Revenue asking you to claim an unexpected tax refund? That's phishing.
How can you spot a fake email from a real one?
- The message will often be "too good to be true". Anything that appears to be too good to be true, probably is, and should ring alarm bells.
- There will be a sense of urgency. You'll be persuaded to act now or miss out in some way. Take a breath and think before you click.
- Hyperlinks will be nearly right but not quite. Hover over the link before you click and check that it matches the sender's details exactly.
- The message will include an attachment. Banks and other institutions never send emails with attachments as they know they can be dangerous. So avoid emails with attachments and never save or open files attached to emails unless you know the sender and were expecting the communication.
- The sender isn't someone you recognise or the email is a surprise. Be suspicious and perhaps contact the sender another way to check that the email is legit.