Spot Phishing and Identity Scams.

Every week, every day, you’ll hear about someone falling prey to an online scam, or someone shouting on Facebook ‘I’ve been hacked’. While this isn’t always necessarily quite the truth of what has happened, we’ve put together some tips to help keep you safe online.

Some of us are more experienced at spotting these online scams, however, if something seems too good to be true, it’s probably not true. A sad truth.

Personal Information

First things first, don’t give any personal information out to anyone you don’t know, keep all of your personal information personal, as it should be. In fact, some scams use cloned information to get these details from you. A personal Facebook account, for example, cloning a business page you follow and telling you you’ve won a competition, is probably misleading you – many of us will be drawn in by this and send over our details. However, businesses should only ever be setup as pages. They should never be sending you a friend request.

A friend you already have, sending you a second friend request on Instagram, happens all the time. Check with them before you indiscriminately give access to all of your personal details. Malicious software and hackers will use details found on social media profiles to answer security questions, password reset questions for example. Keep those privacy settings high and don’t accept every friend request…


Phishing scams aren’t always easy to spot. They use fraudulent or misleading emails and websites to trick users into giving up account or login details, sometimes even in SMS form via text message. It’s easy for those who are knowledgeable to say ‘don’t open email from people you don’t know’ or ‘check a website before clicking a link’, but what do we mean.

Often a phishing email will be poorly spelt, or offer a prize far too good to be true. These are clear signs. No business, bank or account will ever ask for your password via email or text, always ask for a contact number and call them back if unsure.

How to spot a phishing URL, when appearing to be sent from your bank, but not really from your bank:

1. This is a sub-domain and could feature anything, in this case a bank, set to mislead you.
2. This is actually the website you’re being directed to, bbm.co.uk for this example, but could be anywhere.
3. Always ensure there is an ‘s’ here! s for secure.

Always report these types of phishing scam to the company, bank, or person being impersonated.

Anything Else?

Keep all of your computers, phones and other devices up to date with the latest software. Apps are always adding security updates too.

Use strong passwords, avoiding surnames and birthdays!