Blog

Phishing

Phishing is a tactic used by criminals to trick individuals into opening harmful links, emails, or attachments that may request personal information or infect devices. These messages, often appearing as emails, texts, social media messages, or phone calls, are designed to look like they come from trusted sources to encourage a response.

A Cautionary Tale: Meet Omar

Omar is a busy professional who juggles work, gym, and family time, often shopping online.
One day, Omar received an email that looked like it came from an online order. The email said his payment didn’t go through, and he needed to log into his account to approve the payment method. The email inserted a shortcut link to a website that looked like the vendor’s and insisted he sign into his account immediately.
In a hurry, Omar didn’t notice the red flags, such as the email address not matching the vendor’s domain. After logging into the fake site, hackers stole his credentials and made unauthorized purchases.

Luckily, Omar was able to eventually recover most of his financial losses, although it took many hours on the phone with his bank and the retailer to figure it out.

Now, he carefully examines urgent messages and directly types retailer URLs, allowing him to shop online with greater peace of mind.

Stay safe with Three Simple Tips

1. Recognise

Look for common signs:

  • Urgent or emotionally appealing language, especially messages that claim dire consequences for not responding immediately
  • Requests to send personal and financial information
  • Untrusted shortened URLs
  • Incorrect email addresses or links, like amazan.com

A common sign used to be poor grammar or misspellings although in the era of artificial intelligence (AI) some emails will now have perfect grammar and spelling, so look out for the other signs.

2. Resist

If you suspect phishing, resist the temptation to click on links or attachments that seem too good to be true and may be trying to access your personal information. Instead, report the phish to protect yourself and others. Typically, you’ll find options to report near the person’s email address or username. You can also report via the “report spam” button in the toolbar or settings.

3. Delete

Delete the message. Don’t reply or click on any attachment or link, including any “unsubscribe” link. Just delete.

Review our tips sheet

­

Conclusion

If a message seems suspicious, it’s likely a phishing attempt. Instead of clicking links or calling numbers in the message, verify its legitimacy by contacting the company or person directly. Visit the company’s official website to find their contact information, or you get a strange message from your friend on Facebook for example, text or call them to ask if they sent the message.

Recommended For You

Blog Why Saving Passwords in Your Browser Isn’t Always Safe

Why Saving Passwords in Your Browser Isn’t Always Safe

Metisware
MetiswareOctober 23, 2025
Blog Why Your Phone Needs Updates

Why Your Phone Needs Updates

Metisware
MetiswareOctober 21, 2025
Blog How Long Is Long Enough? The Truth About Passwords

How Long Is Long Enough? The Truth About Passwords

Metisware
MetiswareOctober 10, 2025
Share