Phishing
A scam where a message pretends to be from a trusted organisation to trick you into giving details or clicking a harmful link.
How it appears in scam messages
Phishing messages imitate a trusted brand and push you to click a link, open an attachment, or hand over codes, passwords, or card details. They rely on urgency and a convincing sender so you act before checking. The same playbook appears over SMS (smishing), calls (vishing), and QR codes (quishing).
Example only - do not act on it
Example only: Unusual sign-in detected - verify your account now: [fake-link removed]
Why it matters
Phishing is the entry point for most account takeovers and fraud, so recognising it stops scams early.
Common red flags
- Unexpected contact creating urgency or fear
- Requests for codes, passwords, payment, or personal details
- Links or attachments you did not expect
- Sender or domain that does not match the real organisation
Safe next steps
- Stop and verify through official channels you find yourself
- Never share codes, passwords, or card details from a message
- Use the message checker if you are unsure
- Report and block the sender
Related scam types
Related scam messages you can check
- Is this unpaid toll payment text a scam?
- Is this digital arrest call or message a scam?
- Is this AI voice family emergency call a scam?
- Is this bank fraud department call scam a scam?
Related scam-type hubs
Related red flags
Frequently asked questions
How can I avoid phishing?
Slow down, never act on urgency, and verify through official apps or websites you open yourself. Use the free checker if a message seems off.
What if I have already been affected?
Contact your bank or the relevant provider through official channels, change any exposed passwords from a trusted device, and save evidence. See our recovery guides.