Learn how to recognize and protect yourself from the increased volume of email phishing scams
The coronavirus pandemic has shifted our everyday lives and has forced people online to perform many tasks we may have previously done in person. Cybercriminals have reacted to this behavior change, too, developing scams that might catch out online novices. So now, in addition to adjusting our lives to cope with coronavirus, we also need to protect ourselves from this new wave of cyber scams.
The attacks we are observing in the UK are best described as phishing scams, in which the attacker tries to trick the reader into opening a malicious attachment, clicking a malicious link, or giving away personal information. This is done through outright lying and trickery, but fear not – there are ways to both recognize and combat these scams.
Examples of recent phishing scams
To understand how to avoid these kinds of scams, let’s look at the most common types of scams hitting inboxes across the UK in recent months.
TV Licensing email scam
This one began to circulate in April and scammers continue to try to catch out TV licensing customers with variations. You will see that in the first payment reminder email below, it looks very professional in terms of logos, design, and layout, even referencing license numbers and costs to make it look like an authentic reminder. This phishing email clicked through to a branded web page with form fields in an attempt to capture the victim’s payment details and personal information. Fortunately, it has since been reported and removed.
In this second example, we see an equally convincing email with a different design trying to suggest that a payment has failed. Although there is a lot of information referenced here, it should probably raise a few flags to the reader - however, the threat of debt collection is made in the hope that they will take hasty action.
What to do if you suspect an email is a phishing attack
Be skeptical. Err on the side of caution with an email prompt you weren't expecting and before clicking on any links. Perhaps check the information referenced vs previous emails which you know were authentic.
Go direct. Rather than via the email, go to the company or organization yourself, using the contact information provided on their legitimate website. That way, you can check out the email that you allegedly received.