How to avoid phishing messages and what to do if you see one

What are they?


A phishing message is a type of online scam where the scammer poses as a legitimate company or person to obtain information or get you to take an action. Phishing messages can arrive by email, by phone or through social media.


A phishing message will usually:


  • Ask you to do something like log into a webpage, make a payment or download something (this is different to spam messages, which are just adverts)
  • Create pressure to do something quickly
  • Offer you an incentive for doing what is asked and/or tell you there’s a risk if you don’t
  • Seem very realistic – but there are often clues, like the sender’s address not being right or the tone of the message, that give away that they’re not who they say they are


What to do if you receive one?


  • Don’t take the requested action – never click on a link, open an attachment or phone a number unless you know it is legitimate
  • Contact the sender via another means to check if it’s really from them. For example, go directly to the website yourself, rather than clicking or using the link in the email, to see if the requested action is legitimate
  • Always trust your instinct not to act on an instruction if you are unsure about the message being from a legitimate source