How can I avoid a (holiday) phishing scam?

Published: 27 July, 2022

Summer holiday season is upon us…but be warned as scammers use this time of year to take advantage. In this article we will be providing tips on how to prevent this from happening.

Cyber criminals are increasingly on the looking out for new opportunities to take advantage of unsuspecting victims, with phishing attacks a go to for many. With holidaymakers often receiving multiple forms of correspondence from providers, hackers are ready to trick unsuspecting victims, utilising emails, text messages and phone calls.

How does phishing work?

Phishing is the art of deception. Posing as a company or individual, criminals will contact consumers with the aim of tricking them into giving away sensitive information.

From encouraging the victim to put in personal details into a fake website to clicking links which download malware onto a device, these attacks are becoming increasingly common, and more realistic. But the good news is that there are ways to spot the scams.

Five Top Tips to Fishing out a phisher

1. Beware the sender

Holiday companies (as well as other legitimate companies) will send emails or texts with their official email/contact details, so make sure to check it is from an official location or website before engaging and if in doubt get in touch directly with the organisation.

2. Message inconsistencies

Often scam messages are rushed, and have poor attention to detail, so watch out for spelling and inconsistencies in the actual message itself.

3. Anything demanding urgent action

Be extra aware of any messages that say you MUST click a link or say URGENT ACTION REQUIRED. Scammers will always add a sense of urgency to their message, but you should never feel pressured into an immediate response. Take your time and double check everything.

4. Does it sound too good to be true

If you get an email, text or even now adverts on websites that seem as though they are too good to be true, be aware of it. A way to avoid this is to look at who is providing the holiday and go directly to their website instead of clicking the link. Also, look at if they are a trusted website or a well-known holiday provider and check if the website is secure – you should see a padlock in the URL address. Always block any sender that you find suspicious.

5. Includes lots of links or unknown attachments

If the message that you receive from your holiday provider has random attachments and lots of links, act with caution. One thing to do is to hover your cursor over the links on the emails as they will show the website that it will take you to, without having to actually click. If it doesn’t seem like a link that is familiar or it is a link that has lots of random numbers and letters in the link, it could well be a scam, therefore do not click it.

Most email and phone providers now automatically filter out spam messages, however, some still manage to get through. One of the best things you can do to help avoid being the victim of a phishing scam is to report anything that you may believe is a scam to your email or phone provider. For tips on how report emails, follow our step-by-step guide here. And for tips on how to protect yourself from SMS phishing, see this blog.

For more information about phishing from an expert about how phishing works, see this blog.

• How can I report a phishing email?
• What are vishing, caller ID spoofing and SMS phishing scams?
• What’s the difference between pharming and phishing?