SOMETIMES it’s easy to tell when a message in your inbox has been sent by a crook. The opening line, “Dear valued customer,” purporting to be from a bank with whom you don’t even have an account, is a dead giveaway.
But the practice of phishing – tricking you into handing over confidential bank details – is becoming more sophisticated, and even seasoned users can be caught out.
Not only computers but also mobile phones are now targeted by the criminals who send these messages, and a Yorkshire Post investigation uncovered more than 55,000 cases of personal fraud in this region in the last year alone.
The fraudsters’ modus operandi is to send you a link to a cloned version of a respectable banking website, on some spurious pretext. You’re led to believe your personal details are being sent to your bank, but they actually go to a back room in someone’s house, anywhere in the world. Once armed with those details, the recipient can apply for credit in your name, or pay for goods from your account.
However, you can safeguard yourself by taking a few simple precautions – the first of which is never to reply to an email from a financial institution, and that includes Johnny-come-lately outfits like PayPal. Respectable organisations like these (if you still consider banks respectable) never ask you to input your details except on their own websites, and even then they don’t ask for everything at once. If you get a request by email, it’s a fake. You can quickly tell whether a financial website is genuine by looking at the little address line that appears at the bottom of your browser whenever you hover over a link. It should match exactly the address you’re expecting; if it doesn’t, don’t click it. In any case, if the link is inside an email, ignore it and type the bank’s address by hand instead.
Emails from people you don’t know and which contain attachments are another tell-tale sign. These are often programs which install themselves on your PC and collect information as you type, then send it back to the authors. A decent anti-virus program should stop these at source, and you don’t have to pay for one – AVG Free and Microsoft Security Essentials will do the job.
Look for bad grammar, too. If a message is poorly worded yet claims to come from a reputable company, delete it. And finally, if the sender claims to be from HM Customs or some other government body, be very suspicious. The closing line “Copyright HMRC” is the signature of a forger; a real government publication would claim “Crown copyright”.