Send feedback QuitQuick quit Skip to content
Phishing

Phishing

Phishing refers to activities where criminals attempt to deceive people into revealing personal information, such as bank credentials, usernames, or other sensitive data.

Information is typically phished through emails, text messages, or phone calls, but websites and social media platforms can also be part of the scam. The aim may include stealing personal data or obtaining money fraudulently.

Most often, phishing is conducted by organized criminal groups operating from abroad.

How Does Phishing Occur?

Phishing commonly occurs via email, WhatsApp messages, Facebook, other social media platforms, or traditional SMS messages that appear legitimate and trustworthy. The message might seem to come from your bank, an insurance company, a close acquaintance, or a well-known business. Often, the message requests that you click on a link or provide information such as passwords or credit card details.

In reality, the sender is a criminal, and following their instructions grants them access to your information.

Phishing also occurs over the phone, where scammers may impersonate bank officials, IT support staff, or police officers. They may ask for your bank credentials or request that you install remote control software on your computer, enabling them to access your device and data.

Common Phishing Methods

  • Email Scams: Emails that appear to come from trusted entities, such as banks, urging you to verify information or make payments urgently.
  • Phishing via Text Messages (smishing, or SMS phishing): Criminals may send messages about a package delivery or demand payment, directing you to a phishing website. Phishing also occurs via WhatsApp, Facebook Messenger, and other instant messaging platforms.
  • Scam Calls (vishing, or voice phishing): Fraudulent calls where the caller impersonates an official or company representative, attempting to obtain personal information or install malicious software.
  • Website Spoofing: Victims are redirected to a criminally-controlled website that may look like a legitimate online bank. You might even end up on such a site accidentally, for example, through a search engine like Google.
  • Targeted Phishing (spear phishing): Scammers gather information about the victim and craft a message tailored to appear highly credible to that individual.

How to Protect Yourself from Phishing

  • Do not click on suspicious links or open unknown attachments.
  • Use strong passwords – and make sure to use a different password for each service!
  • Enable two-factor authentication whenever possible. This adds an extra layer of security, requiring a password and a confirmation code sent via text message or authentication app.
  • Always carefully verify the sender’s details. Small changes in email addresses, for instance, can reveal a scam.
  • Do not provide personal information (such as your personal details, bank credentials, or passwords) unless you are absolutely sure about the recipient’s identity.
  • Never give personal information via email or phone. For example, the police or your bank will never ask for such details over the phone.
  • Avoid clicking suspicious links in emails or other messages.
  • Be cautious if someone close to you requests urgent help, and confirm it’s a genuine plea rather than a scam attempt.
  • Always ensure the website you’re providing information to is trustworthy. For example, check the website’s address and make sure it’s secured (https://).
  • Review your bank statements regularly to quickly spot any discrepancies.

What to Do If You’ve Fallen Victim to Phishing?

If you realize you’ve provided your information to scammers, act quickly:

  • Contact your bank if your bank credentials may have been compromised.
  • Immediately change your passwords, at least for the accounts that may be at risk. Consider changing passwords for other important accounts as well.
  • If you’ve installed a suspicious program on your device, remove it and run a virus scan. You can also seek advice, for instance, from SeniorSurf guidance centers.
  • Contact the police if necessary and file a police report.

Victim Support Finland offers assistance and practical advice also in English. You can reach out via our contact form.

Artificial Intelligence and Emerging Communication Technologies Bring New Threats

Phishing methods are constantly evolving, and criminals now utilize artificial intelligence and other technological innovations. AI can create increasingly convincing scam messages without typos or inconsistencies, making scams harder to detect. Additionally, advanced communication technologies enable more sophisticated and targeted phishing attempts, increasing the risk of falling victim.

Learn More

Internet Scams