Phishing

Phishing is one of the most common and sophisticated cybercrimes, aimed at unsuspecting individuals to steal confidential information. Scammers deceive people by impersonating a trusted entity in an attempt to obtain private information such as passwords, credit card details, and other sensitive data. Using social engineering techniques, cybercriminals send emails, text messages, and make phone calls that appear legitimate, but whose ultimate goal is to trick you into revealing personal and financial information.

How to avoid phishing?

Protecting yourself from phishing requires a mix of awareness, education, and the right cybersecurity tools:

  • Education and awareness: Staying informed about the latest phishing tactics and educating those around you is essential. The more you know, the easier it is to spot fraud attempts.
  • Checking links and emails: Always review a link’s URL before clicking and be cautious of unsolicited emails asking for personal or financial information.
  • Using strong passwords: Using unique and complex passwords adds a strong layer of protection against phishing attacks.
  • Keeping security software up to date: Updating your antivirus and systems helps protect you from many types of cyberattacks.
  • Two-factor authentication: Adding an extra layer of security makes it much harder for unauthorized users to access your accounts.

    • Smishing & Vishing (texts and phone-call scams)

    Scammers also use SMS/text messages (smishing) and phone calls (vishing) to pressure you into sharing info or clicking something fast.

    How to avoid smishing/vishing?

  • Be skeptical of “urgent” texts with links or payment requests.
  • Don’t share one-time codes or security codes with anyone who contacts you unexpectedly. 
  • If a caller pressures you, hang up and contact the company using an official number you trust (not the one they give you).

    • QR Code Scams (“Quishing”)

    QR codes can hide malicious links—scammers place them in emails, posters, or even stickers over legitimate QR codes.

    How to avoid "Quishing"?

  • Don’t scan random QR codes from untrusted sources.
  • Preview the URL after scanning—if it looks odd, don’t proceed.
  • Be cautious of QR codes asking for login/payment immediately.
  • Use official apps or official websites instead of QR codes when possible.

    • Business Email Compromise (BEC) / Payment Instruction Scams

    In BEC scams, criminals impersonate a trusted person to trick someone into sending money or sensitive information—often via email.

    How to avoid BEC / Payment Scams?

  • Be extra careful with “change of bank details” requests or last‑minute wire instructions.
  • Verify payment changes using a second channel (call a known number, not the one in the email). 
  • Watch for subtle “look‑alike” email domains (one-letter differences). 
  • Use MFA and strong authentication to reduce account compromise risk.

    • For more tips on how to protect yourself online, visit the ABC of BCP —your trusted source for digital security and financial education: https://www.viabcp.com/abcdelbcp.