Slow down! Spammers want you to act first and think later.

Detailed 23 Phishing Species

Don’t become a victim

Slow down. Spammers want you to act first and think later. If the message conveys a sense of urgency, or uses high-pressure sales tactics be skeptical; never let their urgency influence your careful review.

Research the facts. Be suspicious of any unsolicited messages. If the email looks like it is from a company you use, do your own research. Use a search engine to go to the real company’s site, or a phone directory to find their phone number.

Delete any request for financial information or passwords. If you get asked to reply to a message with personal information, it’s a scam.

Reject requests for help or offers of help. Legitimate companies and organizations do not contact you to provide help. If you did not specifically request assistance from the sender, consider any offer to ’help’ restore credit scores, refinance a home, answer your question, etc., a scam. Similarly, if you receive a request for help from a charity or organization that you do not have a relationship with, delete it. To give, seek out reputable charitable organizations on your own to avoid falling for a scam.

Don’t let a link in control of where you land. Stay in control by finding the website yourself using a search engine to be sure you land where you intend to land. Hovering over links in email will show the actual URL at the bottom, but a good fake can still steer you wrong.

Curiosity leads to careless clicking–if you don’t know what the email is about, clicking links is a poor choice. Similarly, never use phone numbers from the email; it is easy for a scammer to pretend you’re talking to a bank teller.

Email hijacking is rampant. Hackers, spammers, and social engineerers taking over control of people’s email accounts (and other communication accounts) has become rampant. Once they control someone’s email account they prey on the trust of all the person’s contacts. Even when the sender appears to be someone you know, if you aren’t expecting an email with a link or attachment check with your friend before opening links or downloading.

Beware of any download. If you don’t know the sender personally AND expect a file from them, downloading anything is a mistake.

Foreign offers are fake. If you receive email from a foreign lottery or sweepstakes, money from an unknown relative, or requests to transfer funds from a foreign country for a share of the money it is guaranteed to be a scam.

Set your spam filters to high. Every email program has spam filters. To find yours, look under your settings options, and set these high–just remember to check your spam folder periodically to see if legitimate email has been accidentally trapped there. You can also search for a step-by-step guide to setting your spam filters by searching on the name of your email provider plus the phrase ’spam filters’.

Secure your computing devices. Install anti-virus software, firewalls, email filters and keep these up-to-date. Set your operating system to automatically update, and if your smartphone doesn’t automatically update, manually update it whenever you receive a notice to do so.  Use an anti-phishing tool offered by your web browser or third party to alert you to risks.

Big Prize Pirahna - an 'advanced fee fraud' special. You receive an email or txt that claims you are eligible for all large sum of cash but the processing fee you must pay in advance to claim your win makes you the loser. Ignore lottery winner texts and emails and don't reply or report them as spam.

Chameleon Shark - pretends to be a handsome man working overseas who needs your help with a temporary financial problem.Online dating sites have allowed people seeking love to cast their net far beyond their home town, city or even country. But be prepared for romance scammers who can spend many months lulling you into believing you're in a relationship only to request cash payments - small at first, then larger - to help them out of all kinds of crises.

Diddler Crab - pretends to be a grandchild in financial distress in order to scam seniors. A crusty offshoot of the Pleading Pillock and a popular scam used by those who hack into web mail accounts secured with weak passwords.

Fabaloney - Any offer which seems too good to be true probably is - and that includes txts, emails and websites designed to lure you in

Talk with friends and family, research any good deals by searching for the name of the company or product and the word 'scam' or call NetSafe


Fake Bank Website - Lures prey into giving their user names and passwords. Another phishing classic, the random internet banking alert sent by bank X, Y or Z that wants you to login now to unlock your suspended account.

Check the email address of the sender and avoid clicking on any links in the email body. Phishing scammers steal bank logos and text and set up websites that are close to the real URLs. Always type out the full bank website address when you bank online and avoid transacting over free wi-fi.

iPhone Fangtooth - lures prey with glowing offers of cheap electronic devices.

Be wary of sellers offering consumer gadgets at bargain prices - NetSafe receives reports every week of people lured into paying hundreds of dollars for iPhones and other expensive items that never arrive.

Attachment Flounder - click the file and download software which invades your computer.

Always think before you click and be wary of attachments to emails you weren't expecting. Even opening a malicious PDF file can harm your computer if you haven't updated your helper system and software.

Flying Phish - masquerades as an airline website to trick you into giving credit card details.

Check website addresses (URLs) carefully. Type them into your browser, be wary of clicking on links in emails and look for https:// when paying for flights.

Fake Wi-Fi Dory - lurks around airports, hotels and train stations hoping to devour your email and bank passwords. So called 'Man in the Middle' attacks may sound unlikely but it pays to be careful when connecting your laptop or smartphone to free internet hotspots

Avoid banking or buying things over free Wi-Fi. If you're a regular traveller who needs secure web access consider buying a mobile data stick or using a VPN service to encrypt your sensitive emails.

Sloppy Grammar Guppie - most scammers can be identified by their poor spelling and grammar.

Suspicious about an email? Read it carefully and you may spot poor sentence construction or other language oddities that flag a likely phishing attempt.

IT Help Haddock - wants access to your computer and money for installing free software.

The cold calling PC doctors plagued NZ in 2011/12 and cost the country millions of dollars as they tried to persuade unsuspecting computer owners that a virus needed urgent attention. Avoid giving anyone remote access to your computer, especially people who call you up and baffle you with jargon.

Love Bait - strikes up a relationship with its prey then pleads for cash to cope with a phony financial crisis. Net Safe reported $674,000 lost to romance scammers in NZ in 2012

. If a new lover asks you to wire transfer money it's time to throw them back and go look for another fish in the sea.

Medicine Mullet - offers fake pharmaceutical sand gathers your credit card details. Think twice before ordering medicine from online pharmacies as both your health and financial well-being may be at risk.

Net-detective - Been scammed before? Watch out for the follow up recovery trick - the net detective offers to catch the original scammers and retrieve your lost funds for a fee. They merely pocket more of your money as a 'processing fee' to ensure speedy repayment of your frozen funds.

Octo-scammers - often teams targeting potential victims use multiple identities, such as a lawyer, government official and hotel manager to try every way possible to draw you in and convince you about a great share offer or family inheritance. Think carefully before you respond to emails offering rewards or a share of a foreign fortune. It's your cash they want to grab before you see any payout.

Overpay Moray - a popular tactic for the overseas car auction buyer. They pay you too much with a stolen credit card and then request the remainder is wired to a shipping company looking after delivery. It's you who ends up out of pocket when their payment is later bounced.

Password Sucker - wants you to confirm your password for online banking,or auction account.

The classic phishing email that breathlessly insists you must unlock your suspended account RIGHT NOW by visiting a rogue website and sending your login details through to cyber criminals looking to profit. Delete those emails and never click on the links.

Pleading Pillock - pretends to be a friendon holiday who needs cash wired to them urgently.

Another classic email scam, very popular with people hacking into webmail accounts secured with weak passwords. Once in they can send fake requests for urgent wire transfers to all your account contacts insisting you've been mugged in London.

Spam Clam - scours the web for email addresses then clogs your in-box with offers of cheap goods and services.

Spam complaints are dealt with by the Department of Internal Affairs Electronic Messaging Compliance Unit.

Spear-phisher - targets individuals using selected personal information published online or shared on Facebook and other social media. What's published on the web can be a wonderful source of background for cyber criminals looking to target individuals or particular businesses.

Tax-refund Ray - watch out for unexpected phishing emails around tax time suggesting a large cheque can be claimed from IRD or other companies.

Click on the links and you may suffer a nasty sting. Grant payments and bank fee refunds are increasingly being offered by telephone cold callers too.

Virus Puffer - claims to have detected a virus on your computer in order to extract payment.

'Scareware' - fake or malicious anti-virus software - is a popular social engineering trick that relies on a lack of knowledge and fear of loss to get you to install it. Research any programme carefully before installing it.

  • Whale-phisher - persues CEO's and other wealthy individuals via their social media profiles.

    A whale is a big catch for the cyber criminal phishing for important information and celebrities and high-ranking government officials have been targeted in recent years. Whaling can bring big rewards and phishers use deception via phone or email to gain access to state or industry secrets.

It’s our way of surviving and your way of supporting us! Thanks!