What is phishing?

No, I didn’t spell fishing wrong! Phishing emails often claim there's an urgent problem with your service or account, such as paused payments or payouts. 

The point of these emails is to scare you into providing sensitive information that can be used to steal your money or data.  

Phishing can happen over the phone as well, such as a call from someone who claims to be from the bank, Telstra, ATO or another government agency. 

These institutions will never call you unexpectedly, when it is actually them on the other end of the line or email. When in doubt, hang up and reach out to support via official channels, such as their main advertised hotlines, or your local bank branch.

How to identify phishing attempts and protect your data, and your money.  

Validate email addresses and websites - Make sure emails come from the correct channel, and be suspicious of email addresses that contain any unusual characters, dashes, underscores, misspellings, or numbers. 

Always verify that you're on an official website. It takes mere minutes at the most to double check, and being cautious can save you stress, heartache and money.

Sign in with a bookmark - Add bookmarks to official websites and only sign in using those bookmarks. 

This helps ensure you’re always accessing authentic webpages.

Use strong authentication methods - Strengthen the security of your account by requiring two-step authentication with a security key or authenticator app.

Check browser extensions - Only install browser extensions from companies you know and trust. Malicious browser extensions can read passwords and compromise your security.  

Phishing is a major concern due to its potential to cause significant harm. For individuals, falling victim to phishing can lead to financial losses, identity theft, and personal data breaches. For businesses, phishing attacks can result in compromised sensitive information, financial loss, reputational damage, and operational disruptions.

Educate yourself - Stay informed about the latest phishing tactics by attending security training sessions and reading about cybersecurity trends, news, incidents, and best practices. Because the sophistication and various types of phishing are constantly growing and evolving, staying informed on current threats is critical. 

Be vigilant and suspicious - Consciously question the legitimacy of each email, text message, and phone call. If you receive an unexpected email from a coworker, financial institution, government agency, or vendor, look out for these tell-tale signs of phishing: 

• Spelling or grammatical errors.
• Urgent demands for sensitive information.
• Suspicious links.
• Spoofed email addresses. 
• Unexpected attachments.

Stay cautious on public Wi-Fi - Avoid accessing sensitive information when using public Wi-Fi. Hackers may easily steal data from unsecured networks. 

There seems to be endless way you can get scammed these days, but taking the time to make sure your security is at the highest level possible, regularly change your passwords, keep your malware and antivirus up to date, and stay informed is the best way to prevent loss and heartache.