Senwes Scenario Desember - Februarie 2020 | Page 52
DIGITAAL | DIGITAL
5 tips
on how to avoid
phishing
Johan Le Grange
Manager: Corporate Marketing and
Communication
WHAT IS PHISHING?
Phishing is a technique and/or the fraudulent action of sending
emails, purporting to be from well-known companies, in order
to induce individuals to reveal personal information, such as
passwords and credit card numbers.
Bear in mind: Viruses, trojans and malicious software attack
your operating system (refer to Senwes Scenario article: ’It is time
for some digital housekeeping’ available at http://senwes.
co/DigitalHousekeeping for more information) whilst with
phishing attacks, the target is you, the user.
When in doubt, hover (without clicking) over the link to
see the web address it is linking to. Be alert to misspelled
domains and/or unknown web addresses and don’t
download any attachments from unknown sources as they
might contain malware.
LEARN TO WATCH THE ADDRESS BAR
LEARN TO IDENTIFY PHISHING EMAILS
Familiarise yourself with the common phishing language and
techniques. Be on the lookout for suspicious emails containing
phrases such as: verify your account details; you have won;
your account is at risk; your account has been compromised;
reset your account; fill in your missing details and/or your
account has been closed. These emails will usually urge you to
take immediate action in an attempt to trick you into clicking on
a fraudulent link and obtaining your personal information.
CHECK THE EMAIL ADDRESS
Phishing emails appear as if they are legit but when you
take a closer look at the “From:” field, you’ll pick up on
subtle differences. Compare the spelling of the domain of a
suspicious email and the format of the email address to the
actual domain and way in which the company’s email address
is formatted.
THINK BEFORE YOU CLICK OR DOWNLOAD
Don't click links in emails from random people you don't know.
50
SENWES SCENARIO | SOMER • SUMMER 2020
Even though many web browsers are moving away from
a big focus on the address bar, it remains an extremely
important part of your browsing activity. The easiest way
to identify a phishing scam is to eyeball the address bar.
The crucial part of a URL (the website’s address) is the
part immediately preceding the .com, .co.za, .net, etc. Be
sure that you are on an authenticated website and not a
suspicious subdomain. For example: https://www.fnb.co.za/
is the legitimate URL whilst http://fnb.ineedmoney.co.za is
fake. Only enter sensitive data into authenticated and secure
websites. Secure websites can be identified by the closed
lock icon before the URL and the ‘s’ in ‘https’.
NEVER ACCESS YOUR BANK’S WEBSITE
BY CLICKING ON LINKS IN EMAILS
Phishers specialise in creating websites that are visually
similar and sometimes appears almost identical to a real
business or bank’s website. To be safe, don’t click on
banking links in emails, no matter how authentic they seem.
Instead, access your bank’s website directly. Also bear
in mind that your bank will never ask you to send your
password or personal information by email. When in doubt,
rather call your bank directly for clarification.