I’m sure that by now you’ve heard of it, but what exactly is “Phishing”? No, phishing doesn’t have anything to do with an American rock band that can't spell, or casting rods off a riverbank trying to reel in your dinner. It is an increasingly sophisticated way for criminals to try to get you to divulge your personal information in an effort to defraud you.
Spot the difference
An e-mail arrives in your mailbox. At first glance it looks like it comes from a trusted source or institution. It will normally have a logo you recognise. It will seem legitimate, but on closer inspection, there are ways of determining whether an email is from a valid source, or is trying to reel you in and turn you into a victim.
Firstly, phishing emails are invariably riddled with spelling errors. The example below does not even get the name of the institution right; “First Natinal Bank” instead of “First National Bank”.
In the first line there’s another clue: instead of reading, “their” account info, it reads “there”.
Huge institutions like FNB know to hire professional editors to avoid obvious errors like these.
The phishing attempt below even uses the institution’s logo and seems to originate from This e-mail address is being protected from spambots. You need JavaScript enabled to view it , but once you click on the log-in link, it takes you not to the FNB website, but to another link entirely!
This is an immediate give-away. If you do click on a link in an e-mail that is asking for your personal information, always check the URL to make sure that you are on a legitimate, trustworthy site.
Also, know that banking institutions will never ask you for your login info via e-mail. If an e-mail from your bank requires you to enter your banking details, know that it is an attempt to scam you.
But I don't even have an FNB account?!
Another sure way to recognise a phishing e-mail is the use of words like URGENT, or IMPORTANT. Scammers try to get you to respond without thinking things through - they threaten suspension of your account if you don’t respond within a given time frame.
This “masterpiece“ which arrived in my inbox only minutes ago, is a classic example of phishing. Your banking institution will not send you an e-mail addressed to “undisclosed –recipients”. If there were an issue with your account, the email would be addressed directly to you.
Once again, there is an emphasis on time constraints, “ensure that your service is not interrupted” as well as threats of “account suspension”. I’m urged to “Save Time, Update Online!” Exclamation mark!!!
Quick Recap
If you think an e-mail from your bank/financial institution seems dubious, look for the following which ought to confirm your suspicions:
- Spelling/grammatical/formatting errors.
- The e-mail is addressed to “Recipient”, “Dear member”, “Dear Customer”, etc, and not directly to you.
- The e-mail threatens suspension/cancellation/service denial if you do not respond within a given, usually short time-frame.
- The log-in link provided takes you to a website which has nothing to do with the institution.
Follow these guidelines and hopefully it will ensure that you don’t wind up dangling off some phisher’s hook in the ocean that is the world (wild) web.
Good surfing and good luck out there!
(Disclaimer: the screen-grabs above just happened to be ones that landed in my in-box and are in no way associated with the institutions mentioned.)
