What is Phishing?
Phishing is a type of online fraud. Phishing scams can take many forms, but usually start with an email, instant message or pop-up window asking you to update your personal information.
For instance, an email – purportedly from a legitimate company or financial institution – will ask you to “verify” or “re-submit” confidential information by completing an online form or replying to the email. You may also be encouraged to click on a link that takes you to a "copycat" website designed to look identical to a legitimate site.
Once at the spoofed site, you may be asked to enter your username and password, your credit card number and expiration date, bank account details or other personal identification numbers (PINs).
If you inadvertently give these details away, the phisher will now be able to make fraudulent purchases in your name, use your account to send spam, steal your identity, or sell your personal details on to other parties.
How to recognise and avoid phishing scams:
• Trust your instincts. If a message looks fraudulent or offers something that looks too good to be true, it possibly is. Ask yourself why you are being contacted or asked for this information.
• Never provide your personal information in response to an unsolicited email, fax, pop-up advertisement or unexpected website address.
• Regularly review your credit card and bank statements for inconsistencies or problems.
• Be suspicious of urgent requests for personal information.
• Be wary of clicking on a link in an email to visit a website. Instead, contact the company by telephone. It is very unlikely your bank or any financial institution will ever ask you to provide your personal details via email. Rather telephone to report the message, and do not reply with account details.
• If you submit information to a website, make sure the site is secure. Look for the "lock" icon in the status bar at the bottom of your browser window and an "https://..” prefix to the URL or web address. Double click on the "lock" icon and the security certificate should appear. If the name following “Issued” isn’t the name of the site, the site may be a fake.
• Keep your operating system and web browser up to date.
• Install and run anti-virus software and update it frequently.
• Run firewall software on your computer.
What to do if you suspect that you are a victim of phishing:
• Alert the Garda Síochána and the company whose site is being forged.
• Use up-to-date anti-virus and anti-spyware software to keep unwanted or malicious software at bay.
• Notify your financial institutions.
• Change your passwords.
