In the insurance industry, email is one of our primary business communication methods. It’s also one of the easiest methods to get tricked into giving out private or confidential information (sometimes called “phishing”).
A few ways to spot a phishing scam
Our CBN IT team has put together a few helpful reminders about how you can spot a phishing scam:
- The email has improper spelling or grammar – this is one of the most common signs that an email isn’t legitimate. Sometimes the mistake is easy to spot such as “Dear eBay Costumer” instead of “Dear eBay Customer.”
- The hyperlinked URL is different from the one shown – the link may say www.anz.com but when you hover your mouse over the link (but don’t click it, it could be www.anz.co.us (which is not a legitimate website).
- The email urges you to take immediate action – often a phishing email tries to trick you into clicking a link by claiming that your account has been closed or put on hold, you have received a speeding infringement, or you have an overdue bill. Before you click think, have I conducted business with that company before? Am I expecting to receive a bill from AGL when I use Kleenheat or another provider? Have you travelled to that location in the case of a speeding infringement? (in most Australian states and territories you will receive these in the mail, or a police officer will give you one by hand).
- Check the senders name – if you receive an email or even an instant message from someone you don’t know directing you to sign into a website, be wary, (best case is to delete the email, or report it to your IT department). You should also double-check the “From” address of any suspicious email; some scammers use an email address that is similar to, but not the same as a company’s official email address.
- You get an email asking you to transfer funds – often scammers will try to trick you into performing a “wire transfer.” In Australia we rarely ever call them wire transfers, usually we call them EFTs.
- You get an email with an attachment that is in a zip file – often scammers, will try to hide malicious attachments inside zip files, the size of the attachment is actually quite small, about 1.5 megabytes. The attachment will look legitimate, e.g. the icon may have the Microsoft Word document icon, but the file extension is .doc.exe. If you aren’t sure that the email is legitimate, pick up the phone and call the person who sent it.
The following websites provide further information on types of scams:
Have questions about insurance or risk mitigation? Contact us.