Phishing and Internet Shopping

What is Phishing?

Phishing is when criminals use fake e-mails or web links to acquire sensitive personal information, such as passwords, usernames, or bank account details. This is used to commit fraudulent or even criminal acts in your name, leaving you responsible for the consequences. Such emails and linked websites often appear genuine but are designed to trick people into entering personal details to access your identity, steal from your bank account or infect your computer with a virus which allows them to control your system.

What kind of things might indicate Phishing?

  • When shopping online, make sure your web browser and internet security is up to date. Look for the padlock in the address line before you enter any card details
  • Be aware of seemingly genuine emails requesting to open attachments – if unsure or not expecting anything, do not open any documents. If in doubt contact the sending company over the phone by using genuine number
  • Be aware of seemingly genuine e-mails advertising a win of some sort – these usually involve requesting the sending of money to ‘release’ the prize or requesting your bank details
  • Be especially cautious of emails that try to upset you into acting quickly by threatening you with frightening information
  • Do not click on links, download files or open attachments in emails from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender
  • Never email personal or financial information, even if you are close with the recipient. You never know who may gain access to your email account, or to the person’s account to whom you are emailing
  • Beware of links in emails that ask for personal information, even if the email appears to come from a company you do business with. Phishing web sites often copy the entire look of a legitimate web site, making it appear authentic. To be safe, call the legitimate company first to see if they really sent that email to you. After all, businesses should not request personal information to be sent via email
  • Check your online accounts and bank statements regularly to ensure that no unauthorized transactions have been made


Another variation on this type of scam is known as Vishing, when you are contacted on the phone by someone claiming to be from your internet provider or bank for example. The same general rules apply.

  • Don't ever give personal information like banking or credit cards over the phone to someone who has called you
  • If you get a call from someone claiming to be you bank or credit card, hang up, and ring the number on the back of your credit card or your bank using a different phone from the one they called you on
  • Do not divulge personal information over the phone unless you initiate the call


And yet another form of this type of crime is known as Smishing, which is when the source of the scam comes via text message. Text messages from unknown numbers should raise alarm bells, but often banks do text their customers for a variety of reasons. If you receive a text regarding your account details contact your bank using a number found on your bank statement, not the number provided in the text.