Phishing is a cybercrime where attackers deceive you into sharing sensitive personal information by pretending to be a trusted individual or company. Phishing sites are designed to mimic legitimate websites, often to steal your credentials, financial details, or identity. Here's how you can spot and stop phishing attempts from compromising your online security.
What is Phishing?
Phishing is a fraudulent attempt to acquire sensitive information, such as usernames, passwords, or financial details, by disguising as a trustworthy entity. A typical phishing scenario might involve receiving an email or text message that looks like it’s from a reputable company, urging you to click on a link that leads to a fake website.
These fake websites are designed to appear nearly identical to legitimate ones, tricking you into entering your sensitive information. Once submitted, this data is stolen and used for malicious purposes.
How to Spot Phishing Websites: Follow the W.E.B.S. Check
To avoid falling victim to phishing, use the W.E.B.S. method:
- W – Website URL
- E – Email sender
- B – Coins.ph Official Blog
- S – Coins.ph Official Social Media Pages
W – Website URL: Always Check the URL
Phishing websites often look similar to legitimate ones but may have small differences in the URL. Fraudsters create fake websites that closely resemble trusted sites, but they may lack the security features of a legitimate website.
Before entering your sensitive information, always check the website’s URL. Look for “HTTPS” and a padlock icon (🔒) before the link, indicating that the site is secure. For example, Coins.ph's legitimate URLs include:
E – Email Sender: Verify the Sender’s Address
Phishing emails may come from addresses that look similar to a trusted source, but upon closer inspection, they are often slightly altered. For instance, phishing emails claiming to be from Coins.ph could appear to come from an official-looking address but are actually fraudulent.
Legitimate emails from Coins.ph always come from help@coins.ph. When in doubt, visit the official Coins.ph website or app to check for updates or notifications. Remember, Coins.ph will never ask you for your password or 2FA code via email or text. Always avoid clicking any suspicious links or downloading attachments.
Remember: Coins.ph will never ask for your password or 2FA code via email, text, or other means of communication outside of our sign in screens and transaction confirmations.
B – Check the Coins.ph Official Blog
Phishing emails often promise prizes or promotions to lure you into entering personal information. You can verify the legitimacy of any promotional offers by visiting the official Coins.ph Blog. If there is a legitimate promotion, it will be listed under the “Promos” category, with full terms and conditions available.
Also, legitimate promotions may appear as pop-up messages in the Coins.ph app or after logging into the website.
S – Verify with Official Social Media Pages
Phishers often use fake social media accounts to advertise false promotions or customer service offers. To avoid being tricked, only trust official social media pages for information related to Coins.ph. Here are the official accounts:
If you receive an offer or communication through a social media page that isn’t listed above, it is likely a scam. Always verify directly with Coins.ph through the app or email help@coins.ph.
Key Warning Signs of a Phishing Email
Phishing emails are often designed to create a sense of urgency, excitement, or fear to prompt quick actions. Be cautious if you receive emails claiming you’ve won a prize, need to reset your password, or are required to verify your account. If you receive such an email, do not click on any links. Instead, go directly to the official Coins.ph website or app to check your account status.
How to Protect Yourself from Phishing
- Don’t share sensitive information through email or text messages.
- Check website URLs before entering any personal data.
- Verify email senders carefully before taking any action.
- Use strong passwords and enable two-factor authentication (2FA) on all your accounts.
- Educate yourself about the latest phishing tactics and stay aware of common scams.
Test Your Knowledge: Can You Spot a Phishing Website?
Think you can spot a legitimate website from a phishing site? Take our interactive quiz to test your knowledge and improve your ability to recognize phishing attempts.
