One thing I can say is that the spammers are getting better with their content and formatting, not perfect, but better. Phishing’s main downfall here appears to be grammar and spelling which always makes something “tingle” on the back of your neck, even if you are new to the phishing experience … You know we’re all going to be in trouble when the phishers finally get someone to proof-read their emails!

Just remember these simple tell-tale signs that someone is phishing:

• You are not addressed by your full name or other personal information.
• You do not appear to be emailed directly. Rather you are part of a BCC list.
• Spelling does not appear to localised for your region. e.g. “Authorised” (Australian) vs “Authorized” (American).
• Links you are asked to follow do not belong to the actual organisation the email appears to be from. e.g. http://sydney049.com/monwealthbank.com.au/login.aspx belongs to the “sydney049.com” domain and not the “commonwealthbank.com.au” domain.

Remember, if in doubt then pick up the telephone and give the organisation a call directly (though don’t use the phone number from the email)!

Check out some of the better phishing emails the Commonwealth Bank have had to issue alerts for: