What is Phishing Attack and How You Can Protect Yourself

If you have been reading the news lately, you must have known that there are increases in phishing attacks these days, and it could be a bit scary. (Remember those old emails from the “Prince of Nigeria” and that he’s looking for an heir? Those types of people are still at it). According to Kaspersky Labs, Australia is now the most targeted country for phishing attacks so all of us should be more vigilant. This post aims to help you recognize them and what you can do to prevent these scammers ripping you off and putting you in debt.


What is Phishing

Phishing is when an unknown scammer attempts to get your personal information like name, age, birthday, credit card number, access to online payment sites like Paypal, username and passwords. Then they use that information to gain access and steal money and charge unwanted goods and services.


How they do it

Even if people already know logically that they shouldn’t give their personal information, these scammers still manage to get the information out because they are so skilled at doing it they just sound so believable. If you see these methods, run away fast (or put down that phone or delete that email).


Usually, these scammers pretend to be from a bank, internet service provider, credit card provider, telephone, and others.


Take note of the following phishing styles:


  1. They will contact you (or your family) either using a phone, social media or text message.

What they will tell you as an excuse:

  • There are bank errors and you need to verify your account
  • There are technical difficulties
  • Someone ordered an item and charged to your credit card, so you will need to confirm your bank or credit card details. This method seems to be the most convincing for many people, as they don’t want unknown charges on their card.
  • Sometimes, they already have your credit card number so they will ask you to confirm by asking you to tell them the codes sent on your phone. Then they will be able to access your details and your account.
  • You have won something and you need to give out some details in order for you to claim your prize.
  • They will threaten the child that they will tell their parents what they are doing online unless they give the information they want.
  • They say you have an unpaid credit card balance and you have to settle.


What can you do:

  • If you get these calls, ask them to give you a name and contact number, then check online if the number is legit. (However, be careful and do not trust them yet even if they seemingly gave you the legit number, because they can exploit the algorithms to make it seem that the number they gave you is legit.)  They will try to gain your trust, but don’t let that sway you. Get off the phone fast.
  • Do not answer calls from unknown number. If it’s legit they will likely leave you a message on voicemail.
  • Always verify the numbers they give you. There are scammers who would register their number close to the legitimate number. For example, the legit number is XXXX1234, they will register it as XXXX1243.
  • These people will likely get mad and threaten you, but do not cave in.
  • Focus and be alert. Sometimes they get to call you when you are busy like when you are with your friends, you are drinking or you’re on a party. When that happens, do not answer calls from unknown numbers.  
  • Let your children know how to be careful with scammers because they can also contact kids and threaten them.  
  • Make sure your phone have passcodes, especially if you are the type to have note apps and you put your login information there. Install note apps with passcode as well as double protection, or better yet, do not save your sensitive information on your phone. So in case, your phone gets stolen, you have enough time to call your banks before they can bypass all your passcodes.  
  • In case you won a prize, call that company instead if you really did join a contest. If not and you were randomly picked out of nowhere, then it’s most likely a scam.
  • If you were asked to join a contest, do not give out your address, birthday and other important information. Or better yet, ignore.
  • If you have been victimized, call your card or bank immediately to let them know that you’ve been scammed.


  1.  They will contact you through emails. Their phishing messages look as real as the official ones you get from the banks or online payment sites like Paypal and Amazon. They have the same format, branding, logo, even font, like the one below from “Paypal”.

If you happen to click on something like this, they will take you to a fake website that looks like a real deal. If you give in and type all your information on the fake website, they will use that information to use your credit cards and steal money.

An old-school style:

They will email you and say you have inherited a huge amount of money and you just need to give them some details so they can wire you your inheritance before they “die”, signed by a “lawyer”.


What can you do:

  • Take note of the email address. For example for the Paypal image above, it came from the address “ppl-sup@ga.wmq”, when the official email has “@paypal.com” at the end. If you see a weird discrepancy, delete that email.
  • If you already happened to click that email, take note of the site address. For example, if your bank’s site is “westpac.com.au”, the fake site can be “westpak.com.au”. So be careful of misspellings and weird names.
  • Search online using the names and exact wording used in the email. You might already see posts that this is a scam.
  • Sites that ask for personal information are usually secure. Take a look if they used “https://” and NOT “HTTP”.
  • Ignore those emails, especially if they say you have an inheritance from someone you don’t know from a country you’ve never been (or never heard).
  • If you have entered your details already, immediately contact your bank or credit card provider.


  1. Others are more “techie”. You happen to visit a fake site without your knowledge and then your computer got infected with malware. This usually happens when you watch or download stuffs online and together with your download, you also get malware and viruses for free.


What can you do:

  • Install an antivirus
  • Do not download from sites that look like scam itself. They are usually poorly designed sites that have a lot of “Download” buttons. (Those fake buttons that direct you to other sites). You also have to be careful with torrent sites.
  • Update your Windows or Mac systems


  1. Phishing can also target businesses, like hotels. They will contact you to ask for your information (pretending the hotel needs you to rebook or something) and they will appear legitimate because they seem knowledgeable enough about the business they are targeting.

What can you do:

  • Do not give any information
  • Get their contact information and tell them you will contact the business yourself to verify.


So there are our top tips on how you can get yourself protected from the phishing attack. Stay alert and let your family know what to do too in case they get these kinds of calls.


If you have been a victim and you need help, you can visit this page for more information. Don’t forget to share this post with your friends and family to increase awareness.