Don't Get Scammed - Identifying Phishing Emails

Written 21/05/2009 by Heather Biggs

This article explains what phishing emails are and how to identify them, to ensure you do not get your money stolen.

Introduction

Recently I started receiving a number of emails from the Commonwealth Bank asking me for my information. It was very easy for me to identify this as a phishing email as I am not a Commonwealth Bank customer. But what if I was? Would it have been so easy for me to know it was a scam? I decided to do some research on these types of emails and write an article to help others identify them and avoid getting scammed.

What is a Phishing Email?

Phishing emails are designed to fool you into logging on to a fake website where they can steal your:

  • Credit Card Details
  • Usernames and Passwords
  • PIN numbers

They appear to be from legitimate companies who you trust, such as Financial Institutions, eBay, PayPal or Amazon. The e-mail directs you to visit a website where you are asked to update personal information such as passwords , credit card and bank account numbers, that the legitimate organization already has. The website will usually look very authentic, however, it is fraudulent and set up only to steal your information.

Example of a Phishing Email

Example of a Phishing Email

Identifying a Phishing Email

In the previous example there are a number of things that give away that it is a fake.

  1. They do not say my name. It is addressed to Dear Commonwealth Bank client. If this was truly from the Commonwealth Bank it would say Dear Heather.
  2. The grammar and typos. If you look closely there are a couple of errors that you would not expect to find in an email from such a respected organization. They rely on the fact that most of us don’t read these emails in depth but rather skim over and don’t notice these errors.
  3. You should always check the link that the email is sending you to. You can do this by hovering your mouse over the link without clicking on it. The image below shows the link for the email that I received. Although it has www.commonwealth.com.au in the link it is the first part of the link that is important. So the website we are being directed to is www.fmslnj.com which is definitely not the Commonwealth Bank.

Example of a Phishing Email

Conclusion

If you have your email address on your website, unfortunately you will receive more of these phishing emails. So make sure you stay vigilant and use the techniques above to determine if you are being scammed.

Back to Articles page