Phishing: how to recognize and defend yourself against online scams

Phishing: What it is and how to protect yourself from scam messages

Have you ever received a suspicious email that looked like it was from your bank, Amazon, or Instagram?

A message warning you of an “urgent problem” with your account, asking you to click a link to fix it?

If the answer is yes, welcome to the wonderful (and dangerous) world of phishing!

What is Phishing?

Phishing is an online scam technique that cybercriminals use to steal sensitive data such as passwords, credit card numbers and personal information.

This is how it works: they send you a message that looks official, scare you with an urgent problem, and convince you to click on a malicious link. If you fall for the trap, goodbye data!

Most Common Types of Phishing

  1. Email Phishing: You receive an email from “PayPal” (but it is not really PayPal) telling you that your account has been suspended. They invite you to click on a link and enter your credentials.
  2. Smishing (SMS Phishing): SMS messages that appear to come from your bank or a courier, asking you to confirm a payment or incoming package.
  3. Spear Phishing: Scams aimed at specific individuals or companies, often with personalized details to appear more credible.
  4. Vishing (Voice Phishing): Phone calls from “operators” trying to obtain your data.

You can also receive this type of message on Instagram and Facebook, from users who create fake Meta accounts.

How to Recognize Phishing

Here are some warning signs that will help you spot a scam before you fall for it.

Check the Sender

If you receive a suspicious email, the first step is to check the sender's address. Scammers often use addresses that look similar to the real ones, but with small differences. For example:

Real: support@paypal.com

Fake: support@paypall.com

Fake: paypal.security@gmail.com

If the email is not from the company's official domain, something is wrong!

Phishing email example

Don't trust links

Links are a favorite weapon of scammers.

Before clicking on a link in an email or message, hover your mouse over it (without clicking!).

At the bottom left you will see the real URL. If the domain does not match the official website of the company, it is a scam.

Example:

Real: https://www.paypal.com/security

Fake: https://paypal-security-login.com
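The sender check and the link check from the two sections above can be automated. The following Python sketch is an added example, not part of the original article. It classifies the addresses and links quoted here against a brand's official domain. The `OFFICIAL` table, the function names and the edit-distance threshold of 2 are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the official domain of each brand is known in advance.
OFFICIAL = {"paypal": "paypal.com"}

def extract_host(value):
    """Host of a URL, or the domain part of an e-mail address, in lowercase."""
    value = value.strip()
    if "://" in value:
        host = urlsplit(value).hostname or ""
    else:
        host = value.rsplit("@", 1)[-1]
    return host.lower().rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance, used to catch near-miss spellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(value, brand="paypal"):
    """Label a sender address or link relative to the brand's official domain."""
    official = OFFICIAL[brand]
    host = extract_host(value)
    # Only the exact domain or a true subdomain of it counts as official.
    if host == official or host.endswith("." + official):
        return "official"
    # Simplification: treat the last two labels as the registered domain.
    registered = ".".join(host.split(".")[-2:])
    if edit_distance(registered, official) <= 2:
        return "lookalike domain"
    if brand in value.lower():
        return "brand name on unrelated domain"
    return "unrelated"

# The addresses and links quoted in this article.
SAMPLES = ["support@paypal.com", "support@paypall.com", "paypal.security@gmail.com",
           "https://www.paypal.com/security", "https://paypal-security-login.com"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{classify(s):32} {s}")
```

Anything other than "official" deserves the manual checks described in this article. The two-label shortcut for the registered domain does not handle suffixes such as co.uk.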

Beware of alarming messages

Scammers want you to act quickly, so they use phrases like:

  • “Your account will be suspended if you do not act within 24 hours!”
  • “You have received a refund of 500 euros! Click here to accept it.”
  • “Warning: Suspicious activity detected on your account!”

If you receive a message like this, take a deep breath and don't panic.

Check the sender and don't click on anything.

Phishing on Facebook and Instagram

Scammers aren’t limited to emails – social media is a breeding ground for scams!

Fake messages on Instagram

Have you ever received a DM that says: “We have reported a copyright violation on your account. Click here to prevent termination.”?

Don't do it! Instagram never notifies you via DM for security issues. If you have any doubts, go directly to the app settings.

Fake Facebook Accounts

There are often fake profiles circulating on Facebook that pretend to be Meta customer service and write to you to ask for your login details. Facebook will never ask you for your password!

How to Protect Yourself from Phishing

Now that you know how to recognize scam attempts, here are some golden rules to protect yourself:

  1. Never click on suspicious links. If you have any doubts, visit the official website by typing it directly into the browser.
  2. Enable two-factor authentication (2FA). Even if someone got your password, they wouldn't be able to log in without the second factor.
  3. Check for grammatical errors. Many phishing messages contain typos and strange sentences.
  4. Do not download suspicious attachments. If an unknown email sends you a file, don't open it!
  5. Use a password manager. It helps you create strong passwords and avoid falling into phishing traps.
  6. Report and block phishing attempts. On Gmail, Outlook, Facebook and Instagram you can report scams with one click.

Conclusion: Don't fall for it!

Phishing is a real threat, but now you're armed with the knowledge to defend yourself!

Share this article with friends and colleagues to help them avoid falling into the trap of scammers.

If you want to learn more about online security, digital marketing and photography, follow me on Instagram @Paul_Digital_Creator and watch my latest reel on phishing!
