What is phishing

Phishing is a form of fraud which is aimed at gaining access to your account and/or sensitive information.


Phishing usually involves phony emails or direct messages on social networks asking you to visit a link, download a file or open an attachment.

If you take any of these actions, it may result in infecting your device with malicious software that an attacker will use to steal your personal data like login credentials, bank account information, credit card numbers, etc.

You can protect yourself against phishing by carefully reading every message that hits your inbox and refraining from any actions you are asked for if you notice signs of phishing.

Keep your firewall and security software up to date

Make sure your firewall and antivirus software are updated regularly and working properly. Although it can’t guarantee complete protection, updated security software and firewall protection is the first line of defence.

Make sure your connection to a website is secure

When you open a website where you can be asked to provide a username and password or any other sensitive information, make sure that the website is using a secure HTTPS connection. Your browser will indicate an HTTPS connection with a green lock icon that is displayed before the URL.

Be extremely careful when clicking on links you receive via email

If you’re about to click on a link inside of an email, you have to be absolutely certain who the email is coming from. In case you want to test the link, you can open a new browser window in incognito mode and type in the URL instead of clicking on the suspicious link.

Beware of email attachments

Don’t interact with attachments, unless you are expecting them and know what they contain. They might infect your system with viruses and malware that can damage the files on your computer, steal your passwords or spy on you without your knowledge.

Clear up your concerns using the alternative methods of communication

You can resolve your concerns about a suspicious message by talking to someone at the organization that has probably sent it. In this case you’d rather use a phone number you have on file or that appears on multiple reputable online sources, than the contact details from the email.