What Is Phishing?

security
Written By jonathan hanna

How to spot fake emails, texts, and calls.

You get an email from your bank. Something about suspicious activity. There's a link to verify your account.

You click it. Enter your details. Done.

Except it wasn't your bank. It was a scammer. And now they have your login.

That's phishing.

Phishing is when someone pretends to be a trusted organisation to trick you into giving them your information.

It's not just emails

Phishing comes in many forms:

Type How it works
Email phishing Fake email with a link to a fake website
Smishing Same thing, but via text message (SMS)
Vishing Scam phone calls pretending to be your bank, HMRC, etc.
Social engineering Manipulating you psychologically to hand over info

How to spot phishing

1. Check the sender's email address

Looks like it's from Amazon? Check the actual address. Scammers use things like:

  • amazon-support@gmail.com (not real)
  • service@amaz0n.com (zero instead of 'o')
  • no-reply@amazon.billing-secure.com (fake domain)

2. Look for urgency

Phishing messages want you to act fast — before you think.

  • "Your account will be suspended in 24 hours"
  • "Unusual activity detected — act now"
  • "You've won! Claim within 1 hour"

3. Hover over links (don't click)

On a computer, hover your mouse over a link. The real URL shows at the bottom of your browser. If it doesn't match — don't click.

4. Watch for bad spelling and grammar

Real companies proofread. Scammers often don't.

5. They ask for sensitive info

Your bank will never ask for your full password, PIN, or card details by email or text. Ever.

What to do if you're not sure

  1. Don't click the link.
  2. Go to the website directly. Type the address yourself or use the official app.
  3. Call them. Use the number on their official website, not the one in the message.

What if you already clicked?

Don't panic. Act quickly:

  1. Change your password immediately (on the real website)
  2. If you entered payment details, call your bank
  3. Report it to Action Fraud (actionfraud.police.uk)
  4. Forward phishing emails to report@phishing.gov.uk

Remember: Scammers are good at what they do. Falling for phishing doesn't mean you're stupid. It means you're human.

The trick is slowing down. If something feels urgent or too good to be true — pause.

Want help checking if something is a scam?

Get in touch
jonathan hanna
Previous

Your iPhone Needs This Update
Next

What Does the Generation Before Know?