Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
A phishing attack happens when someone tries to trick you into sharing personal information online.
Phishing is usually done through email, ads or by sites that look similar to sites that you already use. For example, someone who is phishing might send you an email that looks like its from your bank so that youll give them information about your bank account.
How to identify Phishing emails
Phishing emails or sites might ask for:
Usernames and passwords, including password changes
National Insurance numbers
Bank account numbers
PINs (Personal Identification Numbers)
Credit card numbers
Your mothers maiden name
Your date of birth
How to avoid phishing attacks
Be careful any time that you get an email from a site asking for personal information. If you get this type of email:
Dont click any links or provide personal information until youve confirmed that the email is real.
If the sender has a Gmail or Yahoo address, report the Gmail abuse to Google or Yahoo.
When you get an email that looks suspicious, here are a few things to check for:
Check that the email address and the sender name match.
Check whether the email is authenticated.
Hover over any links before you click on them. If the URL of the link doesnt match the description of the link, it might be leading you to a phishing site.
Check the message headers to make sure that the from header isnt showing an incorrect name.