Receiving annoying emails or text messages from unknown senders? They may seem harmless, but they can be a scam method cybercriminals use, known as phishing.
Phishing is a common but dangerous form of cybercrime that’s on the rise, with an estimated 3.4 billion phishing emails being sent on a daily basis trying to trick victims into sending personal information, banking details and more.
While some of these scam messages can be easy to spot, it’s getting harder to know the difference between what is a legitimate text message, email or social media post and what is a scam. Hackers are relying on mimicking popular brands and AI to quickly generate mass amounts of messages at scale, meaning one could slip through the cracks.
However, there are several ways to stop phishing attacks and to protect your private data from being stolen.
This guide will help explain what is phishing and how you can prevent getting scammed online.
- Antivirus on Windows PC not working? Follow these EASY steps to remove it!
- ‘Sextortion’ scams explained: What are they and how to avoid them
- Amazon scams: How to avoid these common tricks
What is Phishing?
Phishing is a form of cybercrime where attackers will trick unsuspecting victims into sending sensitive information or installing malware on their devices. It involves contacting victims via email, text message or telephone and posing as a legitimate company or individual seeking information to benefit the victim. Malicious actors will use social engineering techniques to convince unsuspecting victims they are real.
If you received an email that looks suspicious, you aren’t alone. Scammers often send millions of phishing emails, thousands at a time, to trick recipients, with malicious messages being sent to email addresses found through social profiles or via data breaches. These email scams are widespread, meaning attackers cast a wide net to see how much they can reel in.
Phishing attacks commonly use links in messages to dodgy websites or PDF attachments with malware to quickly gain unauthorised access to user accounts or steal valuable information.
With phishing scams on the rise, it’s best to use proper protection to fend off any suspicious messages you receive. This includes Windows 11 Enhanced Phishing Protection, but there are other tools you can use, too.
Common types of phishing attacks
Scammers use several phishing methods to steal information. Sometimes, it’s through email, while other times, it’s through phone calls or texts. Threat actors will also target specific individuals, knowing they can grab a bigger prize if the victim is successfully duped.
Here’s a better look at the most common phishing scams to look out for.
If you have an email address, you’ll likely have received unwanted phishing emails in your inbox. Phishing emails are the most common form of cybercrime, as scammers can easily send emails to millions of people to see if anyone bites.
These scam emails often involve the attackers using a fake email domain that looks similar to an official brand, dodgy links to fake websites and malicious attachments to download.
For example, the scammers may disguise the email as an official-looking message from Amazon. They will use the same brand imagery, language and common messages the company sends.
Look out for misspellings in the message, the email address and URL. In this case, if the URL doesn’t appear to be “Amazon.com” or “Amazon.co.uk” or country-specific, don’t trust it. Cybercriminals may use names that look like they come from Amazon, but they are often misspelt or include periods (“.”) in random points of the address. If it’s from Amazon, it should simply be “[email protected].”
Similar to emails, fraudsters will send fake SMS texts to catch people off guard on their phones. This is known as smishing.
These text messages often include a link to a fake website for customers to enter their login details. However, this allows the hacker to access their accounts instead. Never click on the link if you receive these types of messages.
These text messages often include a link to a fake website for customers to enter their login details. However, this allows the hacker to access their accounts instead. This could be for social media platforms or banks, allowing attackers full access. Never click on the link if you receive these types of messages.
Instead of using a form of text, vishing is when scammers use telephone calls to trick individuals.
Scam callers will pretend to be from retailers, banks or companies to make them sound official. They will often request a call to action to get private information. For example, they will say that you’ve won a prize but need your personal information, request your banking details due to your account being compromised or ask for private information as part of a survey.
As a rule of thumb, no company will request this information out of the blue over a phone call. Don’t give away any personal details to an unknown caller.
Spear phishing and whaling
Phishing can often be random, but spear phishing and whaling are emails or messages sent to specific targets.
Spear phishing is the act of targeting an individual the scammer already has information on. They will use information like the target’s name, job title, email address and more to make the victim think it’s a legitimate message.
For example, scammers will email employees a notice about the company, stating their name and information about their job. They will then request a sly way to be sent personal information or banking details.
Whaling takes this a step further by targeting individuals with senior roles in a company. Attackers will disguise themselves as a senior-level position at a company, like a CEO, and request employees to get something done. This could be a bank transfer or sensitive company information. Scammers take advantage of the hierarchy of positions in a company, with employees often responding to senior-level roles and following instructions.
As with all phishing tactics, always check for suspicious behaviour in emails, text messages and phone calls, and double-check the email address or URL to see if the message comes from an official source.
How to prevent phishing attacks
Follow the steps below to prevent any kind of phishing email or scam message.
Turn on Windows 11 Enhanced Phishing Protection
Windows 11’s Enhanced Phishing Protection can be found in the Windows Security app, and all you have to do is flip the switch. Find out how below:
1. In the taskbar, type in “reputation” in the search field.
2. Click on Reputation-based protection.
3. Under Phishing protection, click the switch to turn on Enhanced Phishing Protection.
4. Select other features you wish to turn on.
There you have it. As Microsoft notes, only the typed password used to sign into Windows 11 can be protected. Regardless, it’s worth turning on to keep your device safe, along with other accounts that may use a similar password.
Block phishing emails
Clicking on a scam email can evoke even more spam crowding your inbox. If you are aware of an email address consistently sending spam, you can block the email address in Gmail.
- Open Gmail on your device.
- In your inbox, check the box beside the spam email of the sender you wish to block.
- Click the three vertical dots located at the top bar of your inbox.
- Click Filter messages like these.
- In the pop-up window, select Create filter.
- Check the Delete it box and click Create filter.
When the email address tries to send you mail, it will automatically be deleted.
Block suspicious phone numbers
To stop receiving scam texts from random numbers, we have just the guides below.
Use scam detection tools
Cybersecurity solutions company Norton introduced Norton Genie, a free real-time AI-powered scam detector available for iPhone and PC, and it lets you know if texts, emails, websites and social media posts are a scam.
The new scam detection tool uses Norton cybersecurity data and AI that’s “trained on millions of scam messages” to identify scam messages, emails, links or posts received online. It aims to make it easier for users to spot scams, phishing attacks and fake websites.
Norton Genie is currently available in New Zealand, Australia, Ireland and the United States and can be downloaded on the Apple App Store or through Norton’s official website. Currently, it is compatible with iOS 14.0 or greater, Chrome, Safari, Microsoft Edge and Firefox.
Use antivirus software to stop phishing
The best antivirus software will stop phishing in its tracks. Many high-standard AV protection offers near-perfect scores when detecting and protecting against malware, meaning even complex malicious software can’t go unnoticed in messages or emails.
Messages from scammers can contain harmful links or attachments filled with malware, which you never want on your device. The good news is you can let one of the best antivirus software services do all the legwork for you, as they have security and privacy features to protect your accounts.
Services such as Avast One, Bitdefender, Norton 360 and more have protection tools that block malicious email addresses, links and attachments. To make sure scams block malware damaging your device or keep you safe from threat actors hacking your phone through texting and more, set yourself up with an antivirus.
- Norton 360 review: Optimal security
- Avast One review: Strong antivirus for free!
- Bitdefender review: All-in-one premium security
Best antivirus for phishing
You can find out the best antivirus software below.
Best overall antivirus
Bitdefender takes the spot as best antivirus, and for good reason. It’s not enough that it boasts near-perfect lab test scores across the board, as it goes the extra mile by giving users access to a plethora of advanced security features.
Bitdefender goes above and beyond in the features department, all while keeping known malware, ransomware, and viruses at bay. It will defend your device against new attacks, provide security for online transactions, keep you safe with a reliable VPN, and protect your accounts with a password manager.
It’s a no-brainer when it comes to defending your devices against virtually any form of cyberattack, and its top-notch protection extends to its most affordable package, too. Protecting your PC and smartphone, from Windows and macOS to iOS and Android, is becoming even more necessary, and Bitdefender is the tricked-out shield you need.
See our full Bitdefender review
Best free antivirus
With Avast One, you can protect your device from viruses, malware and ransomware for free. That’s right, and you don’t have to pay a dime for the extra security features the antivirus throws in, including its VPN, firewall and more.
Avast One will safeguard your device from malware, comes with ransomware protection, blocks harmful websites and downloads from the web, scans your emails for malicious attachments, stops hackers from infiltrating your device through Wi-Fi with a firewall – the list goes on. That’s a lot of tools for software that’s free, and the included VPN and the ability to speed up your PC are a welcome bonus.
It’s the ideal antivirus software for home use, as it takes the hassle out of staying wary of cyber threats lurking around, even if you’re not a tech whizz. What’s more, if you are looking for added precautions, its paid Individual and Family packages still boast great value. Hard to go wrong with this best antivirus.
See our full Avast One review
Best antivirus for families
“Norton” and “antivirus” are synonymous these days, as the well-established cybersecurity brand has successfully fought against malware, viruses and nasty software threats since 1990.
Norton 360 offers excellent antivirus protection and extra features that make for a valuable, all-in-one security product. Its Norton 360 Deluxe and Premium package may cost a pretty penny. Still, with security across multiple platforms, a full-blown VPN, Dark Web Monitoring, Parental Controls and more, it will have a household free of cyber threats.
Norton’s certainty of its antivirus software’s capabilities is clearly defined by the brand’s 100% Virus Protection Promise. If a device protected by Norton 360 can’t get rid of a virus, the user receives their money back. It’s a big claim, but unquestionably, no one should expect to get that refund.
If you have the money for it, you can also check out the premium Norton 360 Platinum package for even more online protection, including from identity theft. Without a doubt one of the best antivirus to get.
See our full Norton 360 review
Another best antivirus for free
You can never go wrong with free antivirus protection, but some deliver even better detection and protection rates, along with extra security features, without costing a dime. This is where AVG antivirus shines.
AVG provides reliable protection and only a small impact on performance for Windows, Mac, iOS and Android. It safeguards your devices against malware, viruses and zero-day exploits, along with blocking malicious links and attachments in emails. Throw in phishing protection when surfing the internet and extra security features such as its SafePrice browser extension and Network Inspector, and you’ve got yourself a do-it-all antivirus.
Sure, you can find all of these perks with Avast, but if you like a slick, darker user interface that’s easy to navigate, then AVG is for you.
See our full AVG Antivirus review
Best antivirus for Windows PC
Hundreds of malware emerge every minute, and it’s Malwarebytes’ mission to detect and conquer them all. Does the antivirus do this successfully? Yes, but there’s wiggle room for improvements.
Malwarebytes’ no-nonsense approach to protecting your devices from the onslaught of malware and viruses is effective for those who need a reliable antivirus that will detect and remove malicious software, especially with its free version. However, while its premium service provides 24/7 real-time detection, conveniently blocks vicious ransomware and shields users from malicious websites, it doesn’t go beyond on the feature front.
That’s no bad thing, as sometimes a user only needs a powerful antivirus to keep them safe from cyber threats. But considering its competitors add a few more security tools, such as data breach monitoring and a firewall, there’s room for improvement.
See our full Malwarebytes review