Phishing Myths

Myth 01

Spam filters and anti-virus will detect all Phishing messages

Spam filters and Anti-viruses will detect and reduce a good portion of phishing messages but unfortunately are unable to stop all of them coming in. Scammers are always steps ahead of the curve, working out how to bypass filters.

Myth 02

The domain name owner holds the responsibility for the Phishing attacks

Websites provide a protection to its users against privacy intrusion; However, they are not responsible for losses that occur due to user negligence. Therefore, it is important that users protect themselves against Phishing.

Myth 03

A secure website can be identified by "HTTPS" and a lock symbol

Phishers can create encrypted fake websites. The lock or key on a webpage does not guarantee its safety or trust.

Myth 04

Poor grammar means guaranteed Phishing

Many Phishers use various tactics to improve grammar and more often come from well-educated backgrounds. The use of poor grammar historically enabled hackers to bypass email filters and make their emails seem more authentic. With the introduction of sophisticated spell-checking and sharper filtering, these tactics have become less effective.

Myth 05

Users do not need to do anything at all

Some users think Phishing is not a concern for them, and that anti-phishing software and educational courses are simply a sunk cost. Failing to address or bury your head in the sand about Phishing can lead to losses in personal data, financial and corporate information. Further, data breaches could incur massive fines from the ICO.