Phishing is a fraudulent act whereby an email is sent to a person in the hope to obtain their personal or financial information. This includes passwords, card or bank account details and these details are normally obtained from a link included within the email to a bogus website where the person can then enter their personal details.
Online banking fraud in general hit an all time high in 2009 – with £59.7 million worth of losses – compared to 2004’s losses of £12.2 million this was a sharp increase. This figure has thankfully decreased since the 2009 high – with 2013 seeing losses from online banking fraud at £40.9 million.
Phishing emails received by millions of people a year can sometimes appear to be genuine – the old hat Nigerian business man wanting your help and the Spanish lottery that you have won scam emails have died out over the years but have been replaced with more sophisticated real-looking emails. One of the biggest organisations in the UK which is used in phishing emails is the HMRC, along with the major banks.
37.3 million people in the UK receive phishing emails a year – a number which has slowly risen. Within 2012 there were over 250,000 phishing websites targeting UK banks – a figure which decreased to just over 26,000 in 2013.
Phishing emails are normally sent out at random – all containing a link to a fake site, whereby you are told of an urgent reason as to why you need to enter your details. Any information that is entered onto the bogus website or form will be given to the criminals who will use it for fraudulent purposes.
If we look at the global phishing problem we know that in the world the USA is targeted the most with phishing emails, followed by the UK, Germany, India and South Africa.
There are a number of initiatives that have been put in place to combat phishing – the internet is monitored at industry and bank level to help detect and close down malware and phishing websites. If you suspect you have been sent a phishing email you should not respond or click on any links contained within the email and you should delete the email.
In some email browsers you can report emails as ‘phishing’ at the click of the button – or if the email has come from a specific bank you should be able to find a dedicated email address to send the email too. If you are in any doubt over the legibility of any communication make sure you speak to the organisation directly to establish if it was a true communication.