Gone Phishing: How to Avoid the Trap

Reviewed by users:
Tips to Avoid Phishing

The unfortunate reality is that digital transaction fraud in South Africa has risen by 187% in 2021 compared to the end of 2020. With more people frequently relying on mobile banking and online shopping, it opened up opportunities for scamsters to take advantage of unsuspecting victims. 

In particular, the South African digital retail space is fast becoming one of the globe’s digital and transactional fraud centres. A combination of high internet penetration and an institutionalised trust in personal email communications, accompanied by relatively unsophisticated digital safety measures, has specifically seen a sharp local increase in phishing and fraud attempts.

So, to help you avoid falling into the phishing trap, we break down some of the top tips to help you stay alert. 

What is Phishing?

Phishing is a method of gaining access to your personal details, including your date of birth, bank account details, etc., for a scam. The more sophisticated a phisher or scammer is, the less information they need to compromise your security. Therefore, in this age of social sharing, you must be super-cognizant of what you post on your social media or public digital spaces.

Remember, your contact details and birthday or identity number are often all that many companies need to accept a scammer’s word that they are, in fact, you.

How to Avoid Falling Into The Phishing Trap

While the risk is very real for the uninitiated, don’t despair, Hellopeter’s got your back! Check out our handy guide and learn how to avoid the phishing trap.

⚠️ Tip 1: Avoid Posts and Links Promising Freebies

As grandad used to say: ‘there’s no such thing as a free lunch.’ Well, it turns out the old man was right! When people think of scams, they often envisage ‘once-off’ rip-offs or anonymous individuals playing fast and loose with the law.

However, some of the most successful scams are syndicated and often play out over time or require the victim to actively cooperate with the scammers.

⚠️ Tip 2: Avoid Random and Unsolicited Links

Phishing scammers often send out unsolicited emails with enticing links or offers. Once victims click on the links or fill in the requested data, the scammer can easily access your personal details and network.

Remember that these scam links or websites often look legitimate, as scammers will go to great lengths to gain your trust. If you receive a ‘too-good-to-be-true’ offer that requires you to click through or fill in your details, our advice would be to triple-check the validity of the communication.

When you enter any online giveaways, ensure that the person you’re dealing with is reaching out from the original account. A common new phishing trap is creating new fake ‘look-alike’ profiles and messaging you to say that you won.

⚠️ Tip 3: Know the difference between *http* and *https*

For the purposes of this discussion, the main difference between *http://* and *https://* is all about security.

*HTTP* stands for *HyperText Transfer Protocol*.

*HTTPS stands for *HyperText Transfer Protocol Secure with the *S* standing for *”Secure”*.

Suppose you visit an *http://* website or web page. In that case, the website is talking to your browser using regular ‘unsecured’ language and protocols, making it far easier for a scammer to “eavesdrop” on your computer or smartphone’s traffic with the website in question.

While regular *http://* browsing is sometimes not a major issue, remember to never enter your credit card or personal information on an unsecured platform, follow any of their outbound links or click ‘Agree’ to anything you are not completely sure about.

So, to sum it up. If a website ever asks for your credit card or personal information or promises a ‘Free Gift’, make sure you check that the web address begins with https://*.

⚠️ Tip 4: Identifying domain names

When browsing online, check that the website’s name indicates it is secure. To do so, first look for the domain extension. For example, “.com” or “.org” or “.co” or “.in” or “.net”. etc.

The business name just before the “.com” or “.org” is the website’s domain name and connotes ownership of the site.

Example #1: http://amazon.diwali-festivals.com: The word before *.com* is *diwali-festivals* (and NOT *amazon*).

So, this webpage does not belong to *amazon.com* but rather belongs to *diwali-festivals.com*, which some of us may not be so fast to trust.

Example #2: *Something.Ecobank.com* would belong to Ecobank, as Ecobank comes before the domain extension.

 *Ecobank.something.com* would belong to “something” as “something” comes before the domain extension.

Whether good or bad, we’ve got your back, Mzansi!

Avoid The Phishing Trap

Do your research and review your experiences on hellopeter.com today!

Rate this article: