Phishing is a scam. Phishing uses social engineering and brand jacking methods to attempt to get your private and personal data from you, such as your bank account details or email system passwords – this can often lead to cases of identity theft.

Unfortunately, setting up a phishing/scamming site is much much easier than it should be, and can be done quite quickly, so you need to remain vigilant. Phishing attempts regularly appear in electronic mail as warnings from your bank to verify your account details amongst other things but they may also appear as phone text messages or telephone calls too.

Here are some tips for protecting yourself against phishing attacks.

Do not click on links in emails

As convenient, and tempting, as it might be to click on a link in an email you can go a long way to protecting yourself by paying close attention to the link itself and finding your own way to a particular site instead of clicking through a link. Many email systems now automatically disable embedded links in emails – always treat email links with extreme caution. The same goes for links contained in phone texts (SMS) as this is the new playground for phishers. You can often hover over a link (simply move your mouse pointer over the link) and a pop up will show where that email is really destined – if the two don’t match up then treat with caution.

Look at the information carefully

Many, but not all, phishing attempts contain inaccuracies and errors as the sites are often set up quickly with little attention to detail. Obvious spelling mistakes, out of date information, missing images, or strange names or email addresses should indicate something about that email is not quite right.

Ignore messages embedded in the email insisting the message has been scanned and is safe – always trust your own security measures first.

Unexpected or Unusual Behaviour

Think about the pattern of email communications in the past – have you ever had a communication in this way from the person or entity before? Does the wording ring true or are you being asked for something unusual? Banks will never ask for your password through email so be very wary if you are asked. If the information has come out of the blue from a stranger or unusual business entity then take the position of better safe than sorry.

Use The Telephone

If you are in any doubt then pick up the telephone and speak to someone. However, do not use telephone numbers contained in the email – double check telephone numbers in your usual way. Call the customer service line of the business entity that has apparently contacted you and explain your concerns – this may also help them realise that they need to take action too.

Safety Steps

Always ensure you log off your computer when you leave it unattended. If using a public computer limit the sites you go to and always check the sign-in options that indicate it is a public computer – this avoids any data trails. Change your passwords, and your PIN numbers, regularly and make sure you don’t share them with other people. Be wary of writing passwords or PIN numbers down as you might lose them.

You Never Get Something For Nothing

If someone is promising you, a total stranger, the world for next to nothing in return treat it with extreme caution. You can get easily scammed this way by being lulled into a false sense of security as you feel you might potentially gain something – especially if the whole thing seems to be some kind of big secret – the only winners will be the scammers and the phishers.

Do not give out any personal information about yourself under these circumstances – better still delete the email altogether.

Use Your Tools

Ensure your anti-malware phishing protection facilities are enabled. Check your browser – for example Internet Explorer has the Smart Screen Filter , and Firefox has the Phishing Protection feature, which can check a website against a list of screened websites to ensure it is a valid site. These services cannot always be right up to date so don’t rely on them completely – if in doubt … choose the safe option. Always keep your anti-malware tools and utilities up to date and allow them to perform routine scans on your system.

Watch Your Social Media Profiles

A little information given out here, a little given out there, can soon add up to quite a lot of information. If you have a tendency to use children’s or pet names, vehicle information, or phone numbers for passwords then beware – these are the first things phishers and scammers will use to try and access and compromise your account.

If you use the same password on different services then just a single compromised account can quickly compromise all your accounts – vary your passwords.

What To Do If You Have Been Phished

The first thing you should do is change all your available passwords and contact the necessary entities to put holds on your accounts. Consider cancelling any account that you feel has been compromised as it may become the target for repeated attacks. Ensure you have signed up with a credit checking agency to notify you of any major alerts on your big accounts – this can help give you a bigger picture as to what is happening, as well as help the authorities track the phishers activity down.

Head to a site such as http://www.identitytheft.org.uk/ for more advice.