Everyone’s heard of Spam: annoying unsolicited emails that hit your mailbox, forcing you to perform frequent clean-ups. The equivalent of blanket marketing, a Spam message is fairly generalised and is easy to spot; a Phishing email, however, is much more sophisticated and extremely specific. Believing the message to be legitimate, the reader is lured into divulging passwords and other personal information that they would never normally give out.

A Phishing email is a classic social engineering attack, and the formula is always the same. “You must take action; click here now to update your details, etc.” Ignore them. Remember that your bank will never ask you for your password over email or the telephone.

Prevention lies mainly in education and vigilance. The fact that you are reading the email means that it has got past your Spam filter; you are the last line of defence. If you aren’t specifically expecting an email from someone, just delete it without clicking any links, and be especially wary of emails purporting to be from your bank, PayPal, iTunes, etc.

Services such as KnowBe4, developed by Kevin Mitnick (a world expert on Social Engineering), are specifically designed to test users’ responses to Phishing emails to help increase security awareness.