Phishing: Don’t take the bait

Ever received an email that looked like it came from a legitimate company, but something seemed a bit off? Maybe the sender’s email address looked suspicious, there were a couple of spelling mistakes, or the content of the mail raised a few red flags? Chances are, you were on the receiving end of a phishing email.

So, what is phishing anyway?

It’s a scam in which fraudsters send fake emails that appear as though they come from your bank, your cellphone network or some other trusted organisation. They’re designed to get you to part with personal information like your bank details, ID number, passwords and more.

How does it work?

Scammers use different methods to lure people into divulging sensitive information. These often include directing you to phony websites to capture login details like your usernames and passwords, or trying to get you to call fake phone numbers to ‘update your details’. And once they have your information, they use it to try to access your accounts.

Tips to avoid being phished

It pays to be vigilant about protecting your personal information. Here are seven ways to help you do that.

1 Don’t reply to any email that asks you to respond with personal information, even if it appears to be from your bank or another company that you’re familiar with. Rather phone the relevant organisation to check that the email is legitimate.

2 Look out for warning signs like emails that aren’t personalised (i.e. addressed to ‘Dear Sir/Madam’ rather than to you directly), that contain spelling or grammar mistakes, or that ask you to supply sensitive personal information.

3 If you receive an email asking you to update your information telephonically, don’t use the number provided in the email. Rather call the number you already have for the organisation or that’s on their website, to check that the email is genuine.

4 Never (and we mean never) give your login details, like your username, passwords, one time passwords, and pin numbers, to anyone, ever.

5 Unless you are 100% certain that an email is legitimate and from a trusted source, don’t click on links or open or download attachments.

6 If you need to go to your bank’s website, don’t click on a link in an email, or use Google search results or bookmarks. Rather play it safe and type the correct URL directly into your browser, so you know you’re going to the right place.

7 Make sure you use strong passwords to protect your accounts. Aim for at least 12 characters, use a combination of uppercase and lowercase letters, and include numbers and symbols.


Are you a Standard Bank customer?

The Standard Bank website offers the following advice if you think you’ve received a phishing email or have given out your details.

If you suspect phishing
Forward any suspect phishing emails to [email protected] and Standard Bank will investigate. Do not respond to the email.

If you've given out your details
If you have compromised your details, call Standard Bank immediately on 0800 222 050 (Option Internet and Mobile Banking). This line is open 24 hours a day.


If you’d like to find out about cover from Standard Bank’s direct life insurance services, get a quote or request that a customer service agent call you back.

Sources
standardbank.co.za
guardian.co.uk
consumerreports.org

View all articles