Business Crime - Phishing & Pharming

e-Crime Wales

27 Mar 201501:51

Summary

TLDRThis video provides essential tips on how to identify phishing and pharming scams. Phishing often involves fake emails, tricking recipients into providing personal information, with scammers imitating legitimate organizations. Key signs of phishing include unsolicited requests for sensitive data, suspicious email addresses, and spelling mistakes. Pharming fraudsters create fake websites to steal data, often disguised as official sites. Indicators of a pharming site include unusual web addresses, poor grammar, and incorrect spelling. To protect yourself, always verify contacts and check websites for 'https'. Stay vigilant to avoid falling victim to these online threats.

Takeaways

😀 Phishing emails trick victims into giving personal information by impersonating legitimate organizations.
😀 Banks will never email multiple recipients or ask for sensitive details like card numbers, PINs, or personal information.
😀 Well-known organizations avoid using free email services (e.g., Gmail, Hotmail) and ensure proper grammar in their communications.
😀 Hover over email links (without clicking) to reveal the true website address, helping identify phishing attempts.
😀 If you suspect a phishing email, search online to see if it's reported as a scam or contact the organization directly using verified contact details.
😀 Pharming involves fraudsters creating fake websites that closely resemble official ones to steal personal or bank information.
😀 Be cautious of websites that use 'http' instead of 'https', as the latter indicates a secure connection.
😀 Be wary if the website's address ends with something other than a standard domain like '.co.uk' or '.com'.
😀 Look for spelling errors and poor grammar on websites to spot potential phishing or pharming scams.
😀 Always verify the legitimacy of websites or emails by contacting the organization directly using known, trusted details.
😀 Report fake websites and phishing attempts to Action Fraud to help protect others and combat e-crime.

Q & A

What is phishing and how does it work?
-Phishing is a type of scam where fraudsters use fake emails to trick individuals into providing sensitive information. These emails often appear to come from legitimate organizations, making them difficult to spot.
How can I identify phishing emails?
-You can identify phishing emails by checking for certain red flags: Banks will never ask for card details or PINs via email, legitimate organizations won’t use free email services like Gmail, and emails will often contain spelling or grammar mistakes.
What should I do if I receive a suspicious email asking for personal information?
-If you receive a suspicious email asking for personal information, you should never respond or click on any links. Instead, contact the organization directly using verified contact details to confirm the authenticity of the email.
How can hovering over links help identify phishing emails?
-Hovering over links (without clicking) in an email can reveal the true URL of the website. If the URL is different from the legitimate site, it’s a clear indicator that the email is phishing.
What is pharming fraud and how does it work?
-Pharming is a type of fraud where scammers create fake websites that closely resemble legitimate sites. These fake sites are designed to trick individuals into entering sensitive personal or financial information.
How can I spot a pharming website?
-To spot a pharming website, check if the web address begins with 'https' (not 'http'). Also, be wary of addresses ending in unusual domain suffixes like '.xyz' instead of '.com' or '.co.uk'.
What should I do if I suspect a website is fake?
-If you suspect a website is fake, do not enter any personal information. Contact the legitimate organization directly using verified contact details and report the website to Action Fraud if it’s a scam.
What are common signs that a website might be fraudulent?
-Signs that a website might be fraudulent include misspelled names in the web address, incorrect spelling or grammar on the site, and a lack of 'https' in the URL. These should all raise red flags.
Why is it important to check the security of a website before entering sensitive information?
-It’s important to ensure that a website is secure before entering sensitive information, as fraudsters often create fake sites to steal personal or financial data. A secure site is indicated by 'https' and a valid SSL certificate.
How can I protect my business from online scams and fraud?
-To protect your business from online scams and fraud, stay vigilant by educating employees on recognizing phishing and pharming attempts, using secure websites, and verifying emails before taking action.