Tip - report phishing, vishing and smishing

Tip 12 from 12 tips of Christmas

This is the twelfth in a series of 12 tips to help you improve your online safety. We’ve seen the inexorable rise of phishing over the years - usually to get you to click a link which either downloads malware, or prompts you to put in personal details into a website. A successful variation in 2017 was to hijack the invitation links to edit a Google Document What are vishing and smishing? They describe “Voice phishing” and “SMs phishing”: A recent report covered a new scam which combines both - targeting young people by sending them a text with a fake phone number in and defrauding them out of student loan money.

What can I do?

  • Don’t assume anyone who’s sent you an email or text message – or has called your phone or left you a voicemail message – is who they say they are.
  • If your bank’s fraud line calls you, insist on calling them back on a number from their website. If the number isn’t on their website, consider taking the approach of Ben Goldacre and write a blog or tweet about how banks train their customers to be bad at security. 
  • In the UK, report it to Action Fraud

Notes

This article was originally published on the Online Safety Alliance