Tip – report phishing, vishing and smishing

This is the twelfth in a series of 12 tips to help you improve your online safety.

We’ve seen the inexorable rise of phishing over the years – usually to get you to click a link which either downloads malware, or prompts you to put in personal details into a website. A successful variation in 2017 was to hijack the invitation links to edit a Google Document

What are vishing and smishing? They describe “Voice phishing” and “SMs phishing”:

A recent report covered a new scam which combines both – targeting young people by sending them a text with a fake phone number in and defrauding them out of student loan money.

What can I do?

  • Don’t assume anyone who’s sent you an email or text message – or has called your phone or left you a voicemail message – is who they say they are.
  • If your bank’s fraud line calls you, insist on calling them back on a number from their website. If the number isn’t on their website, consider taking the approach of Ben Goldacre and write a blog or tweet about how banks train their customers to be bad at security. 
  • In the UK, report it to Action Fraud