Phishing emails request that users click on a link in the email which will direct users to a “spoofed” website, which is a site designed to fool users into thinking that it is legitimate to obtain, verify or update contact details or other sensitive financial information. The spoofed website will look almost identical to that of a legitimate or a well-known financial institution. Phishing emails which are a form of spam emails, are typically sent in large numbers to consumer email accounts. The criminals send them in the hope of tricking recipients into disclosing their personal information in bogus online platforms on the spoofed websites. All it takes is a few duped individuals to make phishing a profitable business for cybercriminals.


  • Do not click on links or icons in unsolicited emails.
  • Do not reply to these emails. Delete them immediately.
  • Do not believe the content of unsolicited emails blindly. If you are worried about what is alleged, use your own contact details to contact the sender to confirm.
  • Type in the URL (Uniform Resource Locator or domain names) for your bank in the internet browser if you need to access your bank’s webpage.
  • Check that you are on the authentic/real site before entering any personal information.
  • If you think that your device might have been compromised, contact your bank immediately.
  • Create complicated passwords that are not easy to decipher and change them often.
  • Use YIMA, a website vulnerability scanner, where you can do website security check for scams, known vulnerabilities and security headers.