THINK BEFORE YOU ACT
Be wary of communications that implore you to act immediately. As many phishing attacks attempt to create a sense of urgency to catch the recipient off guard, by making them fear their account or information is in jeopardy. So always take time to stop and think carefully before you engage with any communications you’ve received, especially if there’s a deal involved that seems too good to be true.
BE WARY OF HYPERLINKS
Avoid clicking on hyperlinks in any communications without checking them first. You can do this by hovering over the link with your cursor on a desktop or laptop device, which will reveal the full URL address at the bottom of your browser. Alternatively, you can check links on mobile or tablet devices by pressing and holding down on the link with your finger to view the full URL address before proceeding.
DON'T BE FOOLED
Phishing attacks use email addresses, sender names, phone numbers, or website URLs that are disguised as a trusted source, such as a financial institution or government agency. Tell-tale signs that communications you’ve received may be “phishy” are if they contain bad spelling or grammar, come from an unusual email address or number, or feature imagery, branding, or design that feels ‘off’.
THINK ABOUT CURRENT EVENTS
Cybercriminals often exploit current news stories, big events, or specific times of the year (like tax reporting), to make their scams seem more relevant to you. It’s important to bear this in mind, as you don’t want to drop your guard just because you’ve received a message that appears to be relevant.
REVIEW WHAT YOU SHARE
Criminals use publicly available information about you to make their phishing attacks appear convincing, so it’s always good practice to review your privacy settings and think about what you post. As information about yourself that you share online, such as where you go to school, where you work, and when you’re on holiday, could help cybercriminals gain access to more valuable data.