How to Detect a Phishing Attack


This article is going to teach you what is phishing & how to detect a phishing attack. This will definitely enable you to secure all your social media accounts, credit cards, and other important online accounts against hackers.

One of the common method of hackings is phishing. A lot of emails, credit cards, social media accounts, for example, Facebook, Instagram, Twitter, etc are being hacked on a daily basis through phishing method. If you can recognise a phishing attack you will easily prevent hackers from stealing your credentials. 

When you fall for a phishing attack, the hacker will steal your personal information, card details, and login credentials and use it to compromise your accounts.

What Is Phishing?

Phishing is a fraudulent strategy used by hackers to obtain credentials such as usernames, passwords and credit card details, by impersonating legit entities through electronic communication.

In other words, phishing is a method used by hackers to steal credentials by pretending to be someone or company you know and trust.

Reommended: Common Hacking Methods

Below are some of the phishing techniques hackers use to steal credentials:

Example Of Phishing Attack

  • Fraudulent email saying that your credit card has expired or you should change your password, therefore, demanding your personal credentials.
  • Fraudulent text messages.
  • Malicious links.
  • Cloned websites that look legit.
  • Fraudulent phone calls.

The few examples of phishing  are some of the techniques used in stealing credentials. However, below is how to detect a phishing attack.

How To Detect A Phishing Attack

In order to detect a phishing attack, you will have to inspect every email, website or link and conversation. 

How To Recognise a Phishing Email

If you are an online marketer, website owner, Facebook user, Twitter or Instagram user with massive followers. There are a lot of phishing emails that looks very real that you will be getting on a daily basis. Below is the example of a phishing email.

how to recognise phising email

Anytime you receive an email, always inspect the email before you proceed. Most phishing emails will come with a fake domain name or a spoofed email address, grammatical errors, spelling mistakes and fake email signature.


The email you see on the above screenshot is a fraudulent email. The hacker will make a fake offer to you so that he or she can collect sensitive information and then use the information to exploit you. 

How to Recognise a Phishing Website

To recognise a Phishing website, you will need pay a close attention to the website you are browsing on. A hacker can clone a legit website and register a similar domain name as the original website. For instance, a hacker can clone a Bank website called and buy a similar domain name like If you check closely, you will discover that the hacker replaced ‘o’ with a zero ‘0’. Therefore always inspect the domain name of every website you visit.

Additionally, some phishing websites are professionally designed and it becomes difficult for the average internet user to recognise the website as a phishing website. In this case an Antivirus software with internet security will easily detect such phishing websites and notify you. Therefore it is recommended you install an antivirus software in your device.

There are a lot of websites that are designed to steal your personal data, credit cards, or logins. So you have to be very mindful of the kinds of websites you open or put your logins or card details. Below are the steps to inspect and detect a phishing website.

  • Avoid any website without HTTPS encryption.
  • Search for the website review on Google to know if they are legit before you add your credit card or login credentials.
  • Make sure the site you are about to add your credit card details or login credentials is the right website because there are a lot of cloned websites impersonating top legit websites.


However, as soon as you notice that you have added your credit card or login credentials to any phishing websites, below are what you should do immediately to prevent the hackers from compromising your account:

  • Rush to the bank or use your phone to deactivate the Debit/Credit Card.
  • Reset your password with a strong password.
  • Sign out all sessions through your social media settings.
  • Clear your browsing history.
  • Do not visit the website again

SMS Phishing

SMS phishing is another common method hackers use to trick their victims and steal credit card details, BVN numbers or any other sensitive information. 

You need to be very vigilant, no matter how urgent the issue may be, your bank customer care will never call you on the phone or send you an SMS to request for your card details, Codes or your BVN number, rather they will invite you over to the bank. So do not believe the SMS you see or the phone call no matter how they try to convince you.

Below are other phishing tricks

  • Social Engineering through social media.
  • Fake offers

How To Prevent Phishing Attack

To prevent a phishing attack you are required to do the following:

  • Install an antivirus software with internet security
  • Use two-step verification for your social media accounts.
  • Set up OTP (one-time password) for your credit cards.
  • Use a strong password for your accounts.
  • Do not disclose your recovery email or phone number to anyone.
  • Do not click on any link you see in your emails or social media, most of them are malicious links.
  • Do not add your card details to websites that are giving you offers you did not request for.


Now you know what is phishing & how to detect a phishing attack, however, if you still have question please do not hesitate to let us know.

Image Credits: Google Image

Saint Yome

Saint Yome

Cyber Security Researcher and Consultant. Founder and CEO of Futtress Lab Ltd