Spotting a Phishing email

Once you know what to look for, a phishing email is relatively easy to detect.

If a message asks you to email your password or account details it is almost definitely a phishing email or from a website that is likely to be insecure.

However, there are other clues:

• The from email address and/or the Reply-to email address are not from legitimate sources (hotmail.com, gmail.com, live.com, yahoo.com)
• The message has poor spelling and grammar
• It has a non-standard salutation such as Dear account user, Dear valued customer
• It uses a lot of capital letters, eg Dear WEBMAIL ACCOUNT USER
• The message carries a disproportionate threat or warning
• The message warns of a big change but has no email address or phone number for further information.

Computer Security

Making sure your computer is up to date can reduce the risk of being caught out in a phishing attempt; however, you should never be complacent about giving out personal information such as your password or account details.

Modern web browsers such as Firefox 3.5 and Internet Explorer will warn users attempting to access known phishing sites.

The example below shows the web page you see when attempting to access a recent Amazon phishing attempt from the Firefox web browser: