Phishing

=PHISHING = = No, not //fishing...// = == = //Phishing//! ​ =

**So what is phishing?**

Phishing is a way that criminals are able to obtain information by pretending to be someone else. They may seem like the real company, but be warned- they may not be who they say they are! Once the criminals have taken information from you, they can steal your money, put viruses into your computer, or even steal your whole identity!

**Ways that criminals get your information include:** - Sending emails pretending to be a company, such as a bank. - Setting up imitation websites that steal your information. - Telling the victim to call a phone number (in an email, for example) to give them their personal details. - Offering to advertise a business and asking for personal details on the internet or over the phone.

Here is an example of an email, which is actually a phishing email. It is sent by people who are trying to make you give your Paypal (a real company that deals with money on sites like eBay) details away.



**Can you see why this is a phishing email? You do need to look very closely. Here's why:** - The criminals have misspelt 'credit' as 'crdit' on the third line ("//update your **crdit** information on file//"). Real companies make sure that there are no spelling mistakes or punctuation errors in this email. - The blue link is actually linking to a fake website. If you look at the website link down the bottom, you can see that not only is PayPal misspelt as **//'payapl'//**, but the the link is also going to a website with an ending named '//**.com-stz'**//. Real websites only have endings such as '.com', '.au', '.org', and similar endings. - Also, real companies have a website that starts with 'https' instead of 'http'. The 's' means 'secure'. - Companies like PayPal don't provide links that you can click on- instead, you have to copy-and-paste the link into the address bar at the top in real emails.

- Criminals may use a phrase such as **//'Dear customer'//**. Real companies use your real name. However, some criminals are able to find that out before they send the email, so always be careful. - In emails to do with banks and similar companies, they will //__** NEVER EVER **__// send emails requesting that you give them your details or update your details.
 * //Things to look out for in other emails://**

Now here is another example. While the example above was made up, this was a real phishing attempt, which has been stopped. Here you can test yourself. Can you figure out why this email is a fake?