One of the most common types of phishing email scams are ones that attempt to trick victims into handing over the information to their online banking accounts, or other sensitive financial information.
Email phishing scams work by tricking a victim into unwittingly giving up information about themselves. Typically, the crook will send the victim an email that appears to be from an entity or person that the victim trusts, for example, their bank. In most cases, the email will contain a link for the victim to click, and when they do, the victim is taken to a spoof webpage that is designed to steal any information the victim types into it.
So, for example, the victim may receive an email that appears to be from their bank. The email urges the victim to click a link to, for example, verify their details. That link leads to what appears to be the bank’s login webpage. It is, however, a spoof webpage owned by the crooks and will steal the victim’s login information when the victim types it in.
Phishing email scams that appear to be from your bank do have tell-tale signs that can expose them as fraudulent, however. We discuss them here.
Phishing emails that appears to be from your bank want you to do two things – click on a link in the email, and then enter your login information on the resulting webpage.
The most important part of a phishing email scam is the ability to trick recipients of the email into clicking the link. This is called the social engineering element of the scam. Some scams work better than others, meaning the more successful scams are the ones you’ll most likely encounter and need to be aware of.
These include emails that attempt to alarm the recipient by (ironically) claiming someone was attempting to gain unauthorised to the recipient’s bank account, and the recipient needs to click a link to verify their identity.
Another example will claim the recipient’s bank account has been disabled due to “suspicious activity” and the recipient needs to click a link to reactivate their bank account.
Another successful example claims the recipient needs to click a link as the bank has introduced more stringent security protocols that requires the recipient to confirm their identity.
These examples have one thing in common – they seem important enough to alarm the recipient into action. In this case, those actions (clicking a link and entering information into a webpage) are exactly what the crook wants the recipient to do. It is this action that will put the recipient’s bank account at risk.
Knowing what the typical phishing scams looks like and how they operate is a good defence against falling for them.
Sponsored Content. Continued below...
It will come as no surprise to anyone that your bank knows your name. And if they ever do email you, they’ll almost certainly greet you with your name. However when crooks send out email scams to thousands of email recipients, they’ll use generic greetings, such as “Hello Customer” or Dear Account Holder.
Bottom line – emails that use generic greetings should not be trusted.
Of course, perhaps one of the biggest giveaways is that you receive an email from “your bank” but it isn’t your bank. It may even be a bank in a different country!
This is because crooks typically send out their emails to thousands of recipients, without really knowing what bank those recipients are with. Statistically, at least some of the recipients will use that particular bank, which the crook is banking on!
Sponsored Content. Continued below...
Banks like to maintain a professional appearance. Since you’re trusting them with your money, it does help, after all! As such, the emails that banks send will be written by professionals and proof-read by professionals.
Such scams often originate from non-English speaking countries, which accounts for the spelling and grammar errors. So if an email from your bank is laden with spelling and grammar errors, then something is up and you should be deleting that email pretty quickly.
A typical phishing email scam that appears to be from your bank will contain hyperlinks that lead to webpages. These are spoof webpages. If you’re on a laptop or PC, hover your cursor over the link to see the actual destination of the link. If it doesn’t appear to lead to your bank, then it’s most probably a scam.
If you do happen to click the link, don’t panic just yet. If it’s a phishing scam, it’s not too late. If it’s a phishing scam, you’ll be directed to a webpage that looks like your bank’s login page. Check the URL (web address) at the top. Does it belong to your bank? If not, then close the webpage. Anything you enter onto it will be stolen.
The best advice is to simply avoid clicking on emails from your bank that contain links, unless you know those links lead to a safe source. If in doubt, close the email and open your browser and go to your online banking website directly.
With these tips, you should never fall for a phishing email scam from a bank. If you think you could do with some extra help, you can install a security program with anti-phishing protection. For our recommended security software, click here.
And remember, if you’re ever in any doubt, seek help before clicking.