Skip to content
New: AI verdicts in plain language.
Scampilot
← All guidesGuide

Phishing emails & texts

Phishing messages impersonate a bank, shop, parcel service or authority and push you to a fake login page to "fish" for your passwords, card numbers or other personal data. They lean on urgency and a link that looks almost right.

Warning signs

  • A generic greeting ("Dear customer") instead of your name.
  • Urgent threat: act now or your account/card will be blocked.
  • A link whose visible text differs from where it actually points.
  • Requests to "confirm" passwords, PINs, TANs or card data by link.
  • Sender address that almost matches the real brand but is off by a character.

Example

Dear customer, we noticed unusual activity on your account. To avoid suspension, confirm your identity within 24 hours: hxxp://secure-bank-verify.com/login

Made-up example - not a real message.

How to protect yourself

  1. 01Never click links in unexpected messages - open the site yourself via a bookmark or by typing the address.
  2. 02Banks and authorities never ask for passwords, PINs or TANs by email or text.
  3. 03Hover over links to preview the real target before tapping.
  4. 04Turn on two-factor authentication so a stolen password alone is not enough.

Already caught out?

  1. 01Change the password immediately - and anywhere else you reused it.
  2. 02Call your bank to block cards/transfers if you entered banking data.
  3. 03Report it to your local consumer-protection or police cybercrime unit.

Sources

Unsure about a specific message?

Paste it in - Scampilot checks text, links and numbers and explains the verdict.

Check it now