Recognising and Analysing Suspicious Messages (User Guidance)

Your awareness is a key part of the security chain. Knowing how to spot a fraudulent message can protect you and your customers. Here are common signs of phishing (email) and smishing (SMS).

General Principles of Verification:

  • Be Skeptical: Always treat unsolicited messages that ask for action or information with caution.

  • Don't Rush: Attackers often create a false sense of urgency. Take a moment to think before you click.

  • Verify the Sender: If a message claims to be from a known company, try to verify it through an official channel (e.g., by visiting their website directly, not by using links in the message).

Common Signs of Smishing (SMS Phishing):

  • Urgent Alerts: Messages about a supposed package delivery issue, a problem with an account, or a prize you've won.

  • Suspicious Links: Often use generic URL shorteners (like bit.ly) to hide the true destination.

  • Requests for Personal Information: Legitimate companies will rarely ask for your password, credit card number, or other sensitive data via SMS.

  • Impersonation: Pretending to be a government agency, a bank, or a well-known delivery company.

Last updated