Hacking and fake news have been in the news a lot lately, what with the allegations of Russians using both those tools to influence the outcome of the U.S. presidential election. And both those online risks come together in a seemingly innocuous but potentially dangerous form: phishing.

Put simply, phishing is the attempt to steal your personal information, such as passwords and financial details, using an email or website that looks like it is legitimate but is in fact merely designed to look like that to lull you into a false sense of security.

Diligent Corporation, a New York company that provides secure platforms for boards and leaders of other companies and organizations to share information, put together data from various sources that show phishing attacks have gone up by over 300 percent between 2013 and 2016. About 156 million phishing emails are sent around the world every day, of which some 16 million are not detected by spam filters.

So if you get one of these fishy-looking emails, how do you know if it is actually a scam? Diligent surveyed over 2,000 people, using an experimental setup, and came up with some possible answers.

Some of the warning signs it lists are: spelling and grammar mistakes; generic salutations that don’t use your name; seems too good (or bad) to be real; is from an unknown sender; requests money or personal information; asks you to click on a link or download a file, while being vague.

Of the people surveyed, over half had been victims of some phishing scam or another. About 52 percent had an unauthorized charge on their credit card, 33 percent had their email accounts hacked and almost a quarter had their social media accounts compromised.

Some of the most effective phishing scams pretend to be sent from email addresses of people we know, such as friends or colleagues. The maximum number of people in the survey, over 68 percent, were fooled by emails that purported to be from a colleague to schedule a meeting the next day, followed by messages from friends claiming to share photographs on social media (almost 61 percent) or Dropbox (37.6 percent).

In contrast, the least effective phishing scams were those that promised a tax refund from the IRS, or gifts of cash and vouchers.

Being wary of phishing emails has a flip side — marking genuine emails as spam. The survey found about 40 percent of genuine emails were marked as phishing attempts. Those aged between 35 and 54 were the best at being able to tell real emails from phishing attempts, while the 18-24 and over 65 groups fared the worst. Men and women were fooled almost the same number of times, 23 percent and 23.3 percent, respectively.

If you want to check your own ability to identify scam emails, Diligent has a shorter version of its survey, designed like a quick quiz, on its website that can be accessed here.

And if you think you have received a phishing email, you can report it to the United States Computer Emergency Readiness Team using information on its website.



As the UK hits the busiest time ofthe year for holiday bookings, experts are warning consumers about the dangersof fraudulent travel company websites and other holiday scams. Abta, the TravelAssociation, has produced a list of warning signs for consumers to look outfor, to help reduce the risk of falling foul of bogus sites.

If a websiteyou are looking at has a combination of the following signs, it may be anindication that it’s not to be trusted …

· Flight or holiday prices that are considerably cheaperthan competitors. Flight prices are largely set by airlines, so although agentshave some leeway in price, if the agent you’re contacting is chargingsignificantly less than everyone else, this could be a sign that something isnot quite right.

· Low resolution, “fuzzy” logos for trade associationsand credit card companies.

· The only payment option is a bank transfer. Not onlyis this an indication that no bank is prepared to provide credit cardfacilities, but if you are dealing with a scammer it will be virtuallyimpossible to get your money back.

· Non-receipt of tickets – constantly being “fobbedoff”.

Abta also advise consumers to do an online searchbefore booking to check the profile of the company. If the company has beendefrauding people, or has a bad reputation, there is a good chance consumerswill have posted details or warnings about the company.

Other advice offered to stay safe when booking onlineis to:

· Check the web address is legitimate and has not beenaltered by slight changes to a domain name, such as going from .co.uk to .org.You can also check the details of the domain name of the website at who.is –when was it registered? Recently could indicate an issue, while if the addressis anonymous and information about the person or organisation that registeredit cannot be viewed that could also be a warning sign.

· Check whether the company is a member of a recognisedtrade body such as Abta or Atol. You can verify membership of Abta online atabta.com.

· Check the paperwork – you should study receipts,invoices and terms and conditions, and be wary of companies that don’t provideany.

· Use your instincts; if something sounds too good to betrue, it probably is.

Holiday fraud led to an estimated £7m being stolen fromconsumers in 2014, according to a report released by the City of London PoliceNational Fraud Intelligence Bureau in April, with £2.2m lost to online scams.The average loss to the individual was £889, while one individual lost £62,000in a fraud relating to timeshare.

The report also detailed the emotional toll for victims: onethird said the fraud had a substantial impact on their health as well as theirfinancial well-being, while 167 were affected so badly they had to receivemedical treatment.

According to the report, the most common types of fraudrelated to holidayaccommodation, in which fraudsters set up fake websites and posted fake adsonline, as well as fake airline bookings and bookings related to high-profilesport and religious trips, such as the World Cup or Hajj.

Stuart Fuller, director of commercial operations at onlinebrand protection company NetNames, said professional-looking websites can beset up easily, using rudimentary coding skills. Fraudsters can also leave fakeonline reviews on sites such as Tripadvisor to help exploit the trust ofconsumers.

“Unfortunately, often victims do not discover they have beenduped until arriving at the airport or hotel only to find there is no booking,”he said.

John de Vial, head of financial protection at ABTA said: “Ourconsumer helpline has seen an increase in calls from members of the public whoare either checking the validity of a suspicious website or, worse, havealready paid by bank transfer and then been fobbed off when trying to get holdof their tickets. We want to make consumersaware of this problem and stop them from being ripped off in this way.”