Skip to main content
All CollectionsFraud prevention FAQ and examples
Phishing, smishing and vishing - authorization fraud through social manipulation
Phishing, smishing and vishing - authorization fraud through social manipulation
Safello avatar
Written by Safello
Updated over 7 months ago

What is Phishing?

The most common type of fraudulent practice to steal data is phishing, where an email looks as if it comes from a trusted person or entity to lure you into clicking a link or downloading something in order to steal your passwords, for example.

Smishing, also known as SMS phishing, works like the above described scam and has the same goal but instead of a call or email you receive an SMS with a link.

Vishing, or voice phishing, involves scammers using phone calls to deceive and manipulate victims into revealing sensitive information or performing fraudulent actions.

Your BankID can be stolen!

Read more about security here: https://www.bankid.com/privat/taenk-pa-saekerheten

Common practices includes posing as trusted entities such as a bank, an electrical company or an authority and creating a sense of urgency - employing social engineering tactics to exploit human vulnerabilities.

How to protect yourself

Be vigilant with your personal information:

  • Avoid sharing sensitive information like passwords, Social Security numbers, or financial details over the phone unless you initiated the call and verified the legitimacy of the recipient.

  • Be cautious when providing personal information on websites, ensuring they are secure (HTTPS) and legitimate.

  • Regularly review your financial statements and credit reports for any suspicious activities or discrepancies.

Strengthen your authentication practices:

  • Use strong, unique passwords for each online account and consider utilizing a password manager to generate and securely store them.

  • Enable multi-factor authentication (MFA) whenever possible, which adds an extra layer of security by requiring additional verification steps.

Be cautious of unsolicited communication:

  • Do not trust unsolicited phone calls, emails, or messages that request sensitive information or prompt you to take immediate action.

  • Independently verify the authenticity of the caller or sender by contacting the organization directly using official contact information.

Educate yourself and stay updated:

  • Stay informed about the latest scams and fraud techniques by regularly reading security blogs, news articles, and official announcements from trusted sources.

  • Be skeptical of unusual requests, especially those involving financial transactions or sharing personal information.

Did this answer your question?