Phishing: how to protect yourself against data theft

Whether it's by e-mail or text message, via social networks or over the phone, criminals are increasingly targeting our personal data through phishing attempts.

You should therefore take great care with passwords, login and bank details and check a few things before handing them over. Here are the most important tips:

1. Be wary

“If the message contains typos, is written in a different style to what you’d expect from the sender, contains an odd signature or is not written in the expected language, for example in English, even though the e-mail claims to be from Migros, it’s probably phishing,” warns Antonio Kulhanek, the Migros Group's Head of Cyber Defence Operations.

2. Check the sender

To determine whether it’s a fraudulent e-mail, check the domain name in the sender's address. If it seems strange to you - for example, migrosversand.freeshopping.com instead of migros.ch - it’s highly likely to be attempted phishing.

Also check the link you’re being asked to open. Simply hover over it with your mouse or tap and hold on your smartphone screen to see the actual address that you’ll be redirected to. If the link looks suspicious, don’t open it. The same goes for attachments.

On social networks, such as Facebook or Instagram, make sure that the message comes from a verified account, which you can recognise by the blue symbol next to the name. If it isn't, it might be a scammer trying to entrap you with a fake competition.

3. Report fraud

“Before deleting suspicious messages, you should report them to the Swiss National Cyber Security Centre (NCSC). This helps to ensure that abusive domains are blocked,” explains Antonio Kulhanek.

If sensitive data has been passed on, block your credit card, change all your passwords and, if possible, even your e-mail address. “Nobody should be embarrassed to file a report with the cantonal police.” Try to document fraudulent activity by taking screenshots. That makes things easier for the police.

Fraud can also be reported on Facebook and Instagram. That's worth it because it enables deceptive accounts to be closed down quickly.

4. Remain alert

“Always update operating systems, browsers and downloaded apps. That’s because new versions eliminate potential security vulnerabilities,” the expert advises.

You shouldn’t enter your e-mail address everywhere either, for example when taking part in lots of competitions. If you do, it’s a good idea to create a second e-mail address that you use only for entertainment purposes.

After all, the more often an e-mail address is passed on, the greater the risk that it’ll fall into the hands of hackers.