Learn About Phishing

Understand phishing attacks and how to protect yourself from online scams.

What is Phishing?

Phishing is a type of cyber attack where attackers impersonate trustworthy entities to steal sensitive information such as passwords, credit card numbers, or personal data. It’s dangerous because it targets the weakest link in security β€” humans. Even with strong technology, social engineering tricks can cause breaches.


Over 90% of successful cyber attacks start with phishing attempts.



Types of Phishing Attacks

How many of these do you recognise?

πŸ“§ Email Phishing

Fake emails designed to look like they come from real companies

🎯 Spear phishing

Targeted phishing aimed at specific individuals or organizations.

πŸ“± Smishing

Phishing via SMS or text messages.

πŸ“ž Vishing

Voice phishing via phone calls, more commonly known as scam calls.

πŸ“· Quishing

Phishing attacks that use QR codes to trick you into visiting malicious websites or downloading harmful content.

πŸ“ Clone phishing

A legitimate email is copied and modified to include malicious links.



How Phishing Works

"Urgent action required", "Your account will be suspended", "Click here to claim your free phone!"

Phishing attacks manipulate emotions such as fear, urgency, curiosity, or greed to trick victims into acting without thinking.



The bottom line is: Think before you act

Always pause and verify suspicious messages. Don’t panic or rush β€” attackers count on rushed decisions.



How to Spot Phishing

Check the sender

If it looks like it's from a friend or colleague but seems off, confirm with them in person or via a trusted channel.

Spoofed sender address

The email address might be slightly altered to trick you (e.g., support@payp4l.com).

Suspicious links or attachments

Hover over links to see the real URL. Avoid clicking unknown attachments when possible.

Too good to be true

Offers that sound too good to be true usually are. Winning a staycation? Check twice before proceeding.

Urgency and threats

Messages pressuring immediate action or threatening consequences are red flags.

Test your phishing awareness with Google's interactive quiz: Take the Quiz
(Optimized for desktop use. Name and email is only for simulating challenges, not for signing up)



Protect yourself from being phished

πŸ“§ Be cautious with unexpected emails


Don't click links or open attachments from unknown senders. Always verify first.

🎯 Watch for personalized bait


Spear phishing uses your name or workplace to gain your trust β€” stay alert even if it seems legit.

πŸ“± Think twice before tapping SMS links


Smishing messages often appear urgent. Avoid tapping unknown links or calling strange numbers.

πŸ“ž Never give info over phone unless you initiated


Vishing scams often impersonate banks or tech support. Hang up and call ScamShield helpline at 1799.

πŸ”³ Don’t scan random QR codes


Quishing uses malicious QR codes in emails, signs, or even menus. Only scan codes from trusted sources.

πŸ“© Beware of lookalike emails


Clone phishing mimics legitimate emails. Check URLs and attachments carefully, even if the sender looks familiar.