#Spotting the signs of phishing phone scams

Phishing is a type of cyber crime whereby cyber criminals attempt to extract sensitive information through email messages, website or phone calls appear to be legitimate. This does not just happen to individuals on personal telephones, but to businesses too.

If you are using a business mobile phone and receive a scam phone call but don’t recognise the signs, you could expose your business to a cyber attack. Scammers will often try and fool the victim into believing that the message or call is from a trusted source, sometimes even pretending to be someone you know. The aim of this is to typically get you to share your passwords or other personal data, or to trick you into downloading computer viruses. Imagine this... One woman had a mobile call telling her that there was an ongoing court case against her over an unpaid tax bill. The judge and jury were on the line, the scammer told her, but if she immediately transferred payment of £999, the case would go better for her. She panicked and paid but was told it was not enough. So she went to the bank, with the scammer still on the line, and sent another £4,000. Spotting the signs of a genuine and scam phone call can be tricky, here are some key things to be aware of:

  • No-one should be asking for your password A reputable company will never ask for your password or bank PIN, either over the phone or by email. If they need you to reset your password, they’ll send you a link to a secure page on their official site, which will allow you to do it safely. You also shouldn’t have to give any individual person your password or PIN number.

  • Using threats to frighten you In order to try to spur the victim into action, scammers may include threats in their calls. For example, they could say that your bank account will be permanently deleted if you don’t reset your password through a link that they’ve provided.

  • They are evasive if you have questions If you ask to speak to a supervisor or ask for proof of where that the caller is calling from, they’ll either change the subject or make you feel at fault for asking for more information.

  • You can’t call the company back on their official number Call phishing has become increasingly sophisticated. Nowadays, scammers can either hide their caller IDs, or they can mimic phone numbers, so it looks like you’re being called by a genuine company, such as a bank or utility company.

Instead of taking the chance of falling victim to a cyber attack like this, why don't you sign up to core membership today and receive FREE guidance like this on a regular basis. You will also receive regular, local threat updates so that you can strengthen your business's resilience. Visit www.secrc.co.uk/membership for more information.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.

South East CRC White copy.png

USEFUL LINKS

CONNECT WITH US

  • LinkedIn
  • Twitter
  • YouTube

© 2021 - The Cyber Resilience Centre for the South East

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.