What is an email phishing scam?
A 'phishing' (fishing) email is one that pretends to be from a bank or a company like eBay, PayPal, Amazon, etc. and asks you to click on a link in the email to visit their site and enter your account data, such as login details, credit card details, etc. The link will invariably take you to a spoof website that looks like the real site, thus tricking you into thinking you are logging on to a real website. Phishing is a form of identity theft, where fraudsters steal your identity and personal information to gain access to your accounts or commit other crimes using your persona.
What should I do if receive one?
If you do receive a scam email, you should not click on any of the links it contains or believe anything it says. Ideally you should delete it straight away, but it would be useful if you submit it to us and to the bank or institution it pretends to be from.
I have fallen victim to a scam and sent out my details to the phishers, what should I do?
You should take action immediately. Contact your bank or other financial institution depending on what information you have revealed. They will then be able to take action on your accounts and stop them being accessed by the fraudsters. They will also provide you with further advice. Change any login details you may have entered. This will stop the fraudsters accessing your accounts with the information you sent them.
How did the phishers get my email address/name?
You were not specifically targeted. The scammers send out many hundreds of emails at the same time to random email addresses in the hope of reaching a live email address of a customer with an account at the bank or company that is being targeted. They also trawl the web for valid addresses they can use and swap this information with each other. If you have ever posted on an internet forum, signed a guestbook on a website, or published something on the web, there's a very good chance that your address is out there somewhere just waiting for the scammers to find it.
I am suspicious that an email I received is a scam, what should I do?
Search for the email on our site or forward it to us here at Fraudwatchers and we will tell you if it is a scam or not. Remember, banks and legitimate companies will never contact you by email to ask you to enter your password or any other sensitive information by clicking on a link and visiting a web site. If in doubt, contact the institution concerned but make sure you type in the return address by hand!
How can I prevent myself being a victim of phishing?
The key thing is to be suspicious of all unsolicited or unexpected emails you receive, even if they appear to originate from a trusted source. Although your bank or others may contact you by email, they will never ask you to reconfirm your login or security password information by clicking on a link in an email and visiting a web site. Stop to think about how your bank normally communicates with you and never disclose your password or personal information.
Banks will never email you to request that you "confirm" or "update" your password or any personal information by clicking on a link in the email and visiting a web site.
Treat all unsolicited emails with caution and never click on links from within such emails and do not enter any personal information.
To log-on to any site that requires personal information, open your web browser and type the address in yourself.
If in doubt about the validity of an email, or if you think that you may have disclosed information to a fraudulent site, contact your bank immediately or inform us here at Fraudwatchers.
Sites with more information about phishing can be found here: