Menu
Spam/Junk mail banner

Phishing

What is phishing?

Avoiding phishing scams

Example of a phishing attempts at UCL

Interactive anti-phishing tutorial

What is Phishing?

Phishing is a form of internet fraud (typically carried out by email) designed to steal valuable personal data such as usernames, passwords and credit card/bank details. The most common examples of this are emails purporting to come from companies such as PayPal, eBay and Online Banks which ask you to send them your account information by replying to an email or by directing you to a website:

Phishing example

More Phishing Scam examples is available from The Anti-Phishing Working Group

Avoiding Phishing Scams

Phishing Scams are now becoming more sophisticated making it difficult to differentiate between what is genuine and fraudulent. Many phishing emails will consist of standard company logos and official sounding language. However, no credible organisation will ever ask you for personal or account information by replying to an email or sending you to a website.

Here are some recommendations from The Anti-Phishing Working Group that can be used to avoid getting hooked by one of these scams:

  • Be suspicious of any email with urgent requests for personal financial information.
  • Do not use the link in an email or instant message to get to any web page if you suspect the message might not be authentic.
  • For more information try this Flash game which demonstrates how to spot malicious URLs.
  • Links in html format emails can be be diguised so that it looks like a legitimate url but will actually link to a phishing url. The real destination will normally display on the status bar, at the bottom-left of your screen, if you point (do not click) the mouse at the link.
  • For more information try this Flash game which demonstrates how to spot malicious urls.
  • Avoid filling out forms in email messages that ask for personal financial information.
  • Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser.
  • Ensure that your browser is up-to-date and security patches are applied.