What Is Phishing and What Can I Do About It? A Simple Explanation

| 6 min read
phishing

What Is Phishing?

Phishing is a form of online fraud in which criminals pretend to be a trusted party, such as your bank, a well-known person, or a well-known company, with the goal of stealing money or data. This usually happens online via e-mails, text messages, WhatsApp, fake websites, fake apps, and so on. The scammers try to make it look so authentic that it is indistinguishable from the real thing. Phishing is sometimes carried out in sophisticated ways, so even experienced experts are not always safe. The name phishing derives from the word “fishing,” which is akin to fishing for information.

Since a lot of money is involved in cryptocurrency, more and more hackers are trying to gain access to your crypto account. Once they have access, they can often withdraw your Bitcoin or Ethereum coins. Unfortunately, exchanges and crypto brokers can no longer do anything once the coins are on another wallet. So always be extra careful!

Example:
You receive an e-mail from something that looks like your bank with the message: “There is suspicious activity on your account. Click here to verify your information.” But if you click, you end up on a fake website and give your login details to scammers. Behind the scenes, these scammers then use your information to log in and steal all your money.

Brief Summary

  • Phishing is online fraud in which criminals pretend to be trusted parties to steal your money or data.
  • They often use fake e-mails, text messages, fake websites or apps and want you to act as quickly as possible.
  • Recognize phishing by spelling mistakes, odd unexpected e-mails, a fake link, and attachments you are asked to open.
  • Never click on links without thinking! Do not reply, mark suspicious messages as spam, and delete them immediately.
  • Victim? Close suspicious e-mails, scan your device, change passwords, and contact your bank.

How Does Phishing Work?

Phishing works by deceiving you. You are led to believe something that is not true. It almost always plays on the friendly or trusting side of human nature. Scammers send you a message that looks genuine and almost always include an urgent request (something that needs attention). As soon as you click that link or enter data, you are trapped.

This Is How Phishing Usually Works:

  1. Attention Required
    You receive an e-mail or text message with an urgent notice. For example: Your package is delayed, or there has been a login to your bank account from China. The scammers send something that sets off alarm bells inside you. You are often startled and want to take action immediately. They almost always play on your emotions.

  2. The Scam Website or App
    They always try to lure you to a website, fake app, or something where they can harvest your data. Some scammers go so far as to create entire smartphone apps that look legitimate. In some cases you'll only discover you’ve been scammed years later. So never click a link without thinking!

  3. The Data
    Once you’re on the fake platform, the scammers will ask for your data at some point in the process. They are looking for login credentials, credit card details, or certain information that allows them to access your account. For example, a secret question and e-mail information. You enter your data and bam, the scammers have access.

Example:
You get a text from “PostNL” saying you need to pay import fees. You click the link, pay a few euros, but in the meantime you are giving your bank details to criminals.

Tip:
Real organizations never ask for your password or bank details via e-mail or text. If you’re in doubt, contact the company through their official website or phone number. Never trust anyone outright, no matter how genuine they sound!

How to Recognize Phishing

Phishing e-mails can look quite convincing, but there are always things you can watch for. Look for these typical signs of phishing:

  • The message supposedly comes from a bank, government agency, or well-known company, such as your internet provider or a subscription service.
  • You are asked to click a link or comply with a payment request.
  • There is pressure: you must act “now,” or there will be problems for you or your account.
  • The message often contains spelling errors. Criminals are not always as professional as organized companies.
  • The sender’s e-mail address looks like that of the real company, but differs slightly. Think “Gooogle” with an extra o, or a domain that resembles the real one (for example, finstt.com instead of finst.com).
  • There is a strange attachment. Never click that! It could contain a virus or malware.

What to Do When You Receive a Phishing Message

Have you received a suspicious e-mail or text? Do this:

  • Do not click on links or payment requests!
  • Do not reply, not even to tell them to stop. That only shows your e-mail address is active, which will lead to more of these messages.
  • Mark the message as spam in your e-mail program.
  • Simply delete the message.

In doubt? Seek help. For example, use a phishing checker or your bank’s help desk. These tools can help you find out what’s going on.

Still Fell for a Phishing Scam?

Don’t panic. It can happen to anyone. Below is what you should do in different situations.

What If You Accidentally Open a Phishing E-mail?

But what if you did accidentally open a phishing e-mail and clicked on the wrong link without thinking? There are a few things you can do.

Suspicious Attachment
If you opened a suspicious attachment, close your e-mail program immediately. This prevents any further background activity. Then open your antivirus scanner and have it thoroughly check your entire device (make sure it’s up to date). If it finds nothing, that’s a good sign.

It’s also advisable to update the passwords on your most important accounts, even those not related to this incident. Never reuse the same password across services! This is a common mistake. Also, consider using a different computer or phone temporarily for online banking to prevent scammers from accessing your device and harvesting data.

Clicked a Suspicious Link
If you didn’t open an attachment but only clicked on a suspicious link and did not enter any confidential information and closed it right away, that’s a good sign. Phishing e-mails often work that way. Still, it’s smart to change your passwords just in case. Using a smartphone or tablet? Good news: the risk of malware on those devices is much lower. If you suddenly see an app you don’t recognize or didn’t install yourself, delete it immediately and install an antivirus scanner on that device. In short: stay vigilant, but don’t panic! Acting quickly can be effective.

I Entered Data on a Phishing Website

Shared your data? Do the following:

  • Entered a password? Change it immediately! Start with important accounts like your e-mail or bank.
  • Entered an e-mail address? You will probably receive a lot of spam in the future. Never respond to it!
  • Entered bank details? Contact your bank immediately and have them monitor your account. Also change all your login credentials.

I Transferred Money to a Scammer

  • Call your bank right away. Sometimes they can still block or reverse the payment.
  • Always file a report with the police!
  • After filing a report, you can request the scammer’s information from your bank. You may be able to initiate legal action to recover your money.

Crypto and Phishing

Since many people keep large sums in their crypto accounts, scammers often try to steal your crypto. A common trick is sending an SMS to your personal number, stating that there was a login to your account or that attention is required to secure your account. They then try to get you on the phone, posing as an exchange employee, or they attempt to harvest your login details or personal information via a dangerous link. Never fall for this! No exchange will ever ask for your login details! If it happens, hang up immediately and contact the broker or exchange yourself. If there’s an issue with your account, they will have information about it.

Fake Investors
Another common scam is criminals posing as professional investors who say they can grow your money for a small fee. Of course, they have no intention of doing so and just want your money. Some “investors” even create a fake dashboard with fake profits. Every day you check, you see more money has “been added,” so you keep depositing until you try to withdraw and discover everything is gone.

Conclusion

Phishing is a clever trick used by scammers to deceive you and steal your money or personal data. They pretend to be banks, trusted companies, or even people you know and try to get you to share information or click dangerous links via fake e-mails, texts, or websites. It’s especially important to be vigilant with crypto, because once hackers steal your cryptocurrency, no one can help you—not even the police!

The best way to prevent phishing? Always be critical and cautious of messages that seem urgent, contain strange spelling errors, ask you to click links or share your password. Never trust someone outright, even if they call you. Always check official channels!

Fell into the trap? Don’t panic, but act quickly: close suspicious e-mails, scan your device for viruses, change all your passwords, and contact your bank if you shared financial details. And don’t forget: always report phishing! It’s important to inform companies like Finst so we can further strengthen our security.

In short: anyone can fall for phishing, even if you’re a pro, so it’s not shameful to be caught in it!

About Finst

Finst is one of the leading cryptocurrency providers in The Netherlands and offers a best-in-class investment platform together with institutional-grade security standards and ultra-low trading fees. Finst is led by the ex-core team of DEGIRO and is registered as a Crypto Service Provider with De Nederlandsche Bank (DNB). Finst offers a full suite of crypto services including trading, custody, fiat on/off ramp, and staking for both retail and institutional investors.

The crypto platform you'll love

We are here to give you the tools, inspiration, and support you need to become a better investor.

Sign up
Trustpilot