Be a Smart Online Shopper (Phishing)

Phishing is a method of stealing your financial or confidential information though the Internet such as username, password and credit card details. It is usually carried out through email or instant messaging, by pretending to be someone trustworthy such as a financial institution or other organization.

An example of phishing is when you receive an email or text message from an unknown sender who claims to be from your bank. The message might ask you to click on a link in order to change your online banking password on their new system.

How can I tell whether a website or message is a Phishing attempt?

• They use standard greetings such as “Dear user”
• They usually contain bad spelling and grammar
• They use fake Hover over a link or tap and hold it on a mobile device to see its destination. If the link doesn’t look like a legitimate website, don’t click on it.
• The logo or page design is wrong, out of date or out of p
• They threaten to close your account if you do not reset your
• They request for financial or personal in

How can I avoid falling victim to Phishing?

• Delete email and text messages that ask you to provide personal information such as credit card or bank account numbers or pass Legitimate companies will not ask for this information via email or text.
• Do not reply, and do not click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites – sites that look real but whose purpose is to steal your information so a scammer can commit crimes in your
• If you are worried about your account or need to contact an organization you do business with, call the number on your financial statements or on the back of your credit

This article is part of a series for a campaign run by Brunei Computer Emergency Response Team (BruCERT) which is a team under ITPSS. For more info, do check out their website.