14 September 2020
A graphic representing a phishing scam

Phishing and smishing

No, these aren’t made up words! However, you may have heard these types of scams are on the increase during the COVID-19 pandemic.

Phishing – this is a fraudulent attempt to get your personal data such as usernames, passwords and bank details. They typically take the form of an email which is disguised as a trustworthy form of communication. Internet scammers are very clever and use them to ‘fish’ for your information.

Smishing – this has exactly the same idea as the above, but are text messages instead. They’re becoming more common and are a growing threat to the world of online security. They may look like the real deal but always be aware.

How to spot them

There are various ways to recognise them. Take a look at the most common mistakes the con artists make.

  • An urgent tone - messages are designed to scare you into clicking on their links;
  • Grammar and spelling – they are clumsily written, have typos and no spaces after commas;
  • No name - legitimate emails from services you have accounts with will always address you by name. Phishing emails and smishing texts usually start with ‘Dear Sir’ or ‘Dear Customer’;
  • Fake domains - scammers often set up website addresses that look authentic in order to trick you. Security researchers Digital Shadows say that more than 1,400 domains linked to the COVID-19 pandemic have been registered in the past few months. While many of those may well be real, others will almost certainly be used to mis-lead anxious consumers into thinking they’re genuine; and
  • They can end up going straight to your spam/junk folder – if that’s the case, then just delete them straight away.

What to do if you get one

If you do receive something suspicious and you’re not sure what to do, contact the company directly using a trusted telephone number or website instead. Make sure you delete the email or text without clicking on any of the links. It’s definitely worthwhile reporting scams like this to the Government as well.

If you are scammed by something like this, it’s important to report it straight away to Action Fraud online or by calling 0300 123 2040.

Always remember – if it seems too good to be true, it probably is!