How to spot a phishing scam – and protect yourself
Don't fall for the trap
We've all heard the famous stereotypes about royalty from faraway lands or long-lost uncles and while these scams do still exist, phishing tricks are generally much smarter these days.
Designed to fool you into divulging personal information such as logins, and even bank details, phishing scams see hackers create fraudulent websites or send emails pretending to be someone (or something) else. But luckily you can protect yourself with a combination of one of the best VPNs and some common sense.
How to spot a phishing scam
When it comes to spotting a phishing scam, the signs range from the obvious to the obscure.
If you see multiple typos or broken English from an institution like your bank then that's a definite red flag, while any requests for money changing hands should always be met with scepticism.
You should cast extra scrutiny over any URLs on sites you're worried about. Watch out for deliberately similar names like Nettflix.com (as opposed to Netflix.com) designed to catch unaware users out.
How to fight phishing
Our top tip would be to use one of the most secure VPNs, especially when on a public Wi-Fi connection. Such Wi-FI networks are prime targets for phishing scams with hackers exploiting existing systems or even setting up their own network posing as official Wi-Fi to farm personal data.
Thankfully the extra layer of encryption that comes with using a VPN makes you a tough nut to crack. Even if you do connect to such a network or visit a bogus website then you'll be protected and not worth the time of hackers in target-rich environments.
Some VPNs go even further beyond to offer extra layers of protection from phishing. NordVPN's Threat Protection Pro system for instance automatically uses AI-powered phishing detection tools to prevent you from clicking on suspicious links or visiting suspect URLs. Surfshark takes a different but similarly effective tactic, if you feel unsure about entering your details anywhere you can instead use its Alternative ID feature to create a proxy ID with a randomly generated identity and email address.
Away from VPNs, there's plenty you can do to help yourself avoid being caught on the hook.
For starters never click on a link in an email from a stranger, and if you're certain it's a scam, report it. Enabling two-factor authentication (2FA) on some of your most used logins is also a fantastic way to beef up security and provide yourself with peace of mind.
If you're worried about phishing at work, try moving away from email communication and instead convince your colleagues to communicate using an internal messaging service like Slack or Teams. Of course, if a friend, colleague or business sends you a suspicious message, you could always pick up the phone and get them to confirm with you. Good communication is a fantastic weapon against phishing.
Andy is a freelance writer with a passion for streaming and VPNs. Based in the U.K., he originally cut his teeth at Tom's Guide as a Trainee Writer before moving to cover all things tech and streaming at T3. Outside of work, his passions are movies, football (soccer) and Formula 1. He is also something of an amateur screenwriter having studied creative writing at university.