Protecting Yourself From Phishing
We've noticed a substantial increase in phishing attempts in the last few months, so we thought it would be worth sharing a few suggestions on ways to minimize your risks.
Firstly, some disclaimers - we are not subject experts, and this article is provided in the spirit of offering some food for thought, not a foolproof protection strategy.
In the unlikely event that you haven't heard of phishing, its the practice of attempting to trick you into revealing sensitive information or downloading malicious software and usually takes the from of an e-mail purporting to be from a reputable organization that you have a relationship with. All the major high street banks, HMRC, PayPal, e-bay and others involved in financial transactions are targets. Some of the emails are very cleverly crafted and can be quite convincing.
Modern e-mail clients and e-mail service providers are pretty good at weeding out spam and phishing attempts, but occasionally they get through, so you need to be alert.
The easiest ones to spot are those that say they've been sent by someone you don't have a relationship with - for example, if it looks like it comes from NatWest and you don't have an account with NatWest, it should be obvious that it's fake.
Anything that encourages you to open an attachment to confirm account details or re-activate a locked account needs to be treated with the utmost suspicion.
A suggestion we'd like to leave you with is to use different e-mail accounts for different purposes. If you have to publish an e-mail address anywhere, or use one to register with websites that have anything less than a 100% unimpeachable reputation, try and use one that is not the same as one you use for critical and sensitive information. Then, when "PayPal" sends a fake message to email@example.com, you'll immediately know it's fake because that's not the address you use for your PayPal account.
We hope you found this useful. If you have additional or better suggestions, we'd love to hear them.