How to Prevent Phishing
Phishing is when an attacker tries to trick a person into revealing their sensitive information, usually through email or text message. They will pretend to be someone they are not, such as a colleague from work or your bank, and create messages with the aim of getting you to click on links or provide information on fake websites. The information can include passwords, account numbers, credit card details or even Social Security numbers. Once the scammer has your information, they can use it to access your accounts, or even sell it. They may also install malware on your computer, such as keystroke loggers or viruses.
One way that phishing emails can be identified is by spelling or grammatical errors. Additionally, if the email requires you to take action such as clicking on links or downloading attachments, it is likely to be malicious and should be deleted immediately. Other indicators to look out for are the use of urgency or fear, or if the message does not match the tone of your contact’s usual writing style.
NCSC is encouraging organisations to set up DMARC, which can help to reduce phishing attacks and prevent your data being harvested. You can find out more about DMARC on our webpage.