This Alert is about phishing (pronounced FISHING)
Phishing is the most common form of cyber-attack. It is defined as ‘the fraudulent practice of sending e-mails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.’ Criminals who carry out phishing attacks try to trick you into providing your information so they can use it for their own means. They typically use e-mail, social media platforms, text messaging and phone calls but could use any form of communication to persuade you to share sensitive information.
How can I spot a phishing e-mail?
There are some common signs to look for to help you identify a phishing e-mail:
• Poor grammar, punctuation and spelling
• Inconsistent design and quality compared to genuine corporate e-mails
• No use of your name, but rather a reference to you as ‘friend’, ‘valued customer’ or ‘colleague’
• A veiled threat, asking you to act urgently such as ‘send these details within 24 hours’ or ‘click here immediately’
• Unusual sender name, or an incorrect impersonation of someone you know.
If it sounds too good to be true, it probably is. It’s most unlikely that someone will want to give you money, or give you access to a secret part of the Internet. Your bank, or any other official source, should never ask you to supply personal information from an e-mail. Please see the attached guide at the bottom of this Alert for further information.
More information can be found here:
http://surreynhw.org.uk/pages/4290/1/Downloads_Collateral.html