Print Friendly, PDF & Email

Even with the incredible advancements in technology, phishing scams are still very prevalent. It is estimated that in any week there are several new phishing attacks launched on Australian internet users. Therefore, knowing how to identify a phishing attack and how to best respond to an attack is imperative to protect your personal or financial information.
A phishing attack typically has two stages:

  1. The attacker will send a spam email to thousands of email accounts pretending to be from a legitimate organisation, such as a financial institution or government agency, often requesting information or encouraging the victim to click through to a website; and
  2. Once in the phishing website, victims are encouraged to input their confidential details such as usernames and password or personal information. Once the victim enters this information their details are captured by the attacker.

What to look for to identify a phishing scam:

  • Poor spelling and grammar
  • Threats within the email for example threatening your account will be blocked if you do not take action.
  • The domain name in the 'from' field may not be consistent with the domain name for the organisation they are impersonating. It may be close but not identical, so keep your eyes peeled.
  • If you do click on the link, the URL and web domain often will not reflect the name of the legitimate organisation.
  • Beware of email directing you to websites to enter personal information.
  • When logging into a legitimate secure site it usually appears with "https" in the address bar. Often phishing emails will only have 'http" in the address bar.
  • Financial institutions and government agencies never request account information to be entered electronically so if you receive a request to do so, be very suspicious. 

What to do if you receive a phishing email:

  • If you suspect you have received a phishing email, avoid clicking on any of the links and delete immediately.
  • If you are unsure, contact the legitimate organisation and question if they do actually require the information requested.


Please contact your Hanrick Curran Adviser on 07 3218 3900 for a second opinion if you receive a 'phishy' email but are concerned about consequences of non-action on the chance it is legitimate.