The internet has revolutionised our lives. Unfortunately, the world wide web has had the same effect on crime as fraudsters have caught on to the power of cyberspace. If you have an email account, you will have likely received phishing emails at some point, even within the last week. Phishing refers to being sent a fraudulent email designed to fool the recipient into thinking it’s from a legitimate organisation. The email will use threats or promises to encourage the recipient to click on a link to what seems to be a genuine website and provide their bank details or other personal data. The waiting criminals either use this information to commit fraud or sell the data on to other criminals.
We might like to think that we would be able to spot a phishing email, but our confidence may be overstated: computer security software firm Intel Security have warned that 94% people, who took part in a survey, were unable always to spot the difference between a real and phishing email. It’s not surprising then that fraudsters persist with phishing emails: one out of twenty might just work. Fraudsters have set up thousands of websites masquerading as major businesses: even HM Revenue & Customs has been impersonated. The real Revenue worked to shut down a staggering 8,877 scam websites in 2014 – how many more they have closed in 2015 remains to be seen. Clearly, phishing is a wide-spread crime. How can we protect ourselves?
While the Revenue does email information to taxpayers, Nick Lodge, Director General of Benefits and Credits at HMRC, stated categorically, “HMRC will never ask people to disclose personal information by email.”
Phishing emails pretending to be from the Revenue and other government agencies may be popular with criminals as they play into the fear honest folk have of breaking the law or being fined for not paying their taxes. Conversely, a friendly email from a government organisation promising a tax refund can seem innocuous. Do not trust any email from the Revenue that asks you click on a link and provide information. If the Revenue believe you are due a refund or you are late with your taxes, they will write to you.
Phishing emails also tend to avoid using your name, as the sender doesn’t know it. Be aware phishing emails might use the first part of your email address as your name in the hope that will fool you into thinking the sender knows you and is, therefore, genuine.
Be wary of emails that make threats which are out of proportion to the alleged misdeed, particularly if you know, the offence is impossible. Sending the bailiffs round to seize assets due to non-payment of a £126.38 store credit card bill you never had just doesn’t make sense.
Ask yourself whether the information being asked for is realistic: why would a bank ask you to confirm your account number? They already know it!
The above is by no means an exhaustive list. If you have any doubt as to the legitimacy of an email, many of the major businesses have dedicated “phishing” email notification addresses to whom you can forward the suspicious email. They will then inform you whether or not the email is genuine.
We hope this blog has been useful to you and will help keep you safe online.