Reassura Guide: Phishing, Vishing, and Smishing Explained

Phishing, vishing, and smishing refer to fraudulent attempts to obtain sensitive information by impersonating a genuine organization via email, fake websites, a phone call or text message. The goal of these fraudsters is to persuade you to part with money or personal information.

In 2017 ActionFraud had 34,000 cases reported with an average loss of £600, the average victim was 62.

The Most Common Frauds

Emails

Phishing emails can look incredibly convincing.  They are designed by fraudsters to entice you to click the links within.  It could be from your bank saying your account has been compromised, from the HMRC demanding payment or Apple Music asking you to confirm your subscription.

Unsolicited calls

Vishing refers to ‘cold calls’ to either your landline or mobile phone. Fraudsters will often pretend to be calling from a legitimate organization, such as a government department, British Telecom, or your bank. Their goal will be to acquire important personal information or for you to take some form of action that may either result in you transferring or providing them with access and therefore control over your computer and everything you do on that computer during and after the call has ended.

Text messages

Smishing is the term used to describe unsolicited text messages requesting you either reply with personal information or call a premium rate telephone number to benefit in one way or another (often to claim a prize you have won or to claim a very special… and often time-limited offer). Sadly, we get very little for nothing these days and in these instances the only winners are the criminals.

Malware and computer viruses

Viruses are designed to wreak havoc, steal your personal information, track your internet browsing activity (spyware) or copy your login details and passwords (keylogging). In many instances viruses operate in the background and individuals are unaware of their existence and the harm that is being done.

Reassura recommends the following tips to avoid fraud

  • Check the senders email address- To check the authenticity of an email address simply double click on the sender’s name or click reply to see whether the email address looks legitimate or not, an email from Microsoft.com is very different to one from Microsoft-support.org
  • Don’t click- Avoid (clicking) any links in emails that you receive and don’t recognize.
  • Hang up! When you receive any cold calls, or if you are not sure if the caller is genuine, hang-up, find the number from Google and call that company yourself.
  • You’ve haven’t won! – The email, text or call that promises a prize for a competition that you never entered should be deleted immediately
  • Bin it! – Delete unsolicited text messages you receive and never respond to them. If you think they may be genuine, either call the company you have received them from but be sure to use a number you have sourced from either the official company website, a trusted directory, major search engine (Google/Bing) or official company letterhead.
  • Caution attachment- Always be very wary about opening any attachments and never open a .ZIP folder as these are commonly used to infect your computer with viruses or malware; which once downloaded onto your computer can be harmful, extremely difficult to remove and be used to steal your personal information
  • Remote access caution! – Only ever allow remote access to your computer if you initiated the call with a trusted genuine supplier, never give it to a cold caller.
  • The Microsoft Lottery does not exist!
  • Too good to be true? – That’s a big sign that it’s a scam, don’t respond
  • Protect your computer – keep your anti-virus software up to date and always switched on.
  • Computer running slowly? – this can be a sign of a virus, run an anti-virus check or take it to a trusted technician to check it out.
  • Still unsure? Reassura’s Fraud Advisors are trained to helps members avoid fraud. Call on 0800 888 6400

What to do if you’re the victim of a phishing, vishing and smishing crime

If you think that you may have been a victim of either a phishing, smishing, or vishing scam:

  • Report it to Action Fraud, you will need a crime reference number to help pursue any lost funds from your bank.
  • If the fraudsters have your bank account or credit card information, contact your bank or credit card provider and speak to their fraud department.
  • If you are unfortunate enough to get a virus or malware on your computer, visit a trusted computer technician /PC repair shop to thoroughly check for and remove any viruses or malware on your device.
  • Visit https://reassura.com or call 0800 888 6400

See also: The Reassura Video Guide to Vishing

and The Reassura Video Guide to Smishing