The scams can be delivered via emails, websites or even phone calls and are ultimately designed to steal money. The scammers can achieve this by installing malicious software on your computer or by using social engineering to convince you to hand over personal information or even the money itself.
Phishing – scams delivered via email
Vishing – scams delivered by phone
Smishing – scams delivered by SMS text messaging
How can you recognise a phishing phone call? (otherwise known as Vishing)
Phishing phone calls can be hard to spot; the caller will seem friendly, they will know your name and they may claim to work for a company you trust.
If you get a call from someone trying to sell you something you had not planned to buy, or someone claiming to know that you have been in an accident or that your computer has a virus say ‘no thanks’ and hang up.
If, after the call, you are unsure as to whether it was a scam or a legitimate call then you can phone the company that they are claiming to have called from. Always get the number from their website or from any marketing material that you know is legitimate. It is not difficult for scammers to mail out fake literature or to produce a fake website.
Things to look out for:
Language: Telemarketing scammers often use language intended to make you trust them – beware any callers that use the following:
- You’ve been specially selected (for this offer).
- You’ll get a free bonus if you buy our product.
- You’ve won one of five valuable prizes.
- You’ve won big money in a foreign lottery.
- This investment is low risk and provides a higher return than you can get anywhere else.
- You have to make up your mind right away.
- You trust me, right?
- You don’t need to check our company with anyone.
- We’ll just put the shipping and handling charges on your credit card.
https://www.consumer.ftc.gov/articles/0076-phone-scams
Requesting personal information: Scammers will often pretend to be from a bank or building society and will ask for information such as internet banking details, card details and account details. This information should never be requested over the phone.
What can you do if your company is used in a phishing scam?
You may find that your company has been used in a phishing scam and that your customers have received emails that appear that come from your company or even a specific member of staff. Unfortunately, as these emails are being sent from outside your company, there is nothing that can be done to stop this.
To minimise the risk to your customers if your company was ever to be mimicked by a phishing scam we recommend that:
- you brief all staff on phishing scams and what they need to do if a customer calls querying an email/ phone call that they have received
- you regularly remind your customers to be vigilant when checking emails
- you let customers know what you will and will not request from them via email or phone call
If you are made aware that your company is being used in a phishing scam then we would advise that you contact all customers immediately, by both email and phone if possible, to warn them of the scam and to suggest that they contact you if they receive an email that they suspect may not be legitimate.