When criminals go phishing, don’t get hooked!

Phishing is the number one delivery mechanism for malware and ransomware. It will trick you into installing software that compromises the security of your computer and enables others to obtain user passwords, personal information, credit card details and other confidential information.

Phishing emails rely upon a human making a mistake. They will often ask you to take an action by:

• pretending the recipient is in trouble
• pretending that someone else is in trouble
• pretending to give the recipient an unmissable opportunity
• pretending to be from a trusted source

How do you spot phishing emails?

By being a detective and looking for a CLUE:

• Critical thinking
• Learning to hover
• URL inspection
• Emotional ploys

Critical thinking

• Was I expecting this email?
• Do I know the sender?
• Is it plausible?
• Is the email accurate?
• Is the offer too good to be true?

Learning to hover

Hover your mouse over links and images to look at the website address they go to. If it looks different to what you expect, don’t click.

URL inspection

Again use your hover. Is it what you expect? Or has it been designed to look correct? For example rather than google.co.uk does it say goo.gle.co.uk, goog.le.info, gooogle.biz?

Emotional ploys

Finally, look out for overly emotional language or language which causes you to become emotional. If it fills you with fear, anxiety or excitement, that is a red flag. They are trying to play to your emotions to get that click.

So remember CLUE whenever you receive an email you are not sure about and hopefully you won’t swallow the hook.

If you need more information and support on what to do and where to access help, then go to Risk Management on the CILEx Regulation website.