Phishing, Vishing and Smishing

Phishing

Phishing is a fraudulent email, engineered to make you share personal information. It is usually designed to look like a legitimate email sent from your financial institution. It will prompt you to click a link and enter your personal information so that criminals can steal it. Scammers will take great care to make both the email and fake website look like that of your bank or financial institution.

How can you protect yourself?

Maintain a healthy level of scepticism. Usually, with these types of emails, you can spot if something seems a little “off” – the language, images or design elements that differ slightly from the regular communications you receive from the institution.

The biggest red flag to look out for is the sender’s email address and the URL that the quick links try to divert you to. Never click hotlinks in an email that looks suspicious – instead type in your financial institution’s URL. Most importantly, always verify if the request for information is legitimate by phoning Old Mutual or your financial advisor.

Smishing

Smishing is a similar tactic to phishing but occurs via SMS. Fraudsters will send SMS messages claiming that your account has been compromised, or that there has been unusual account activity, or something similarly alarming. They will prompt you to click a link to address the matter, which in turn will take you to a fake website where you will be asked to share your personal information or account details.

How can you protect yourself?

Never click a link or icon in an unsolicited SMS. No reputable institutions will use SMS messaging to ask you for personal or account information. If you are worried that there is a problem or breach on your account, rather phone the institution and speak to them directly. Use the telephone numbers on their verified websites – not a number  in the SMS.

Vishing

As with phishing and smishing, vishing is an attempt to steal your personal information. It occurs via a phone call. Criminals will call you pretending to be an agent of your financial institution. They are usually very well-spoken and experts in manipulating people to give up their personal information.

How can you protect yourself?

  • Take note that criminals can mask a phone number to seem legitimate – even if the name of your bank is stated on the screen, it might still be a vishing scam.
  • Never share any personal information over the phone. No matter how convincing the person is, no bank or financial institution will ever ask you to share personal information like PINs or account details over the phone. Never.
  • If you receive a One Time Pin (OTP) on your cellphone without having made a transaction, contact the institution immediately to alert them.