What is phishing
A deep dive into email, call and text scams
'Phishing’ on the internet may not involve a boat, a pole or the sea. But like the deep blue sea, the vast world of the web is a place where information, like fish, flows freely, and transactions can occur as quickly as a dolphin speeding underwater - and scammers have found ways to obtain information illegally. One tactic is through phishing.
While scams and frauds are common on the internet, there are ways to spot them early, which we talk about in our 'How to spot a credit card scam' article. However, it’s also crucial to understand the types of scams as well.
We’ll go through what phishing is, the common techniques used and how you could prevent phishing by spotting it early.
What is phishing?
The term ‘phishing’ is a fraudulent practice, which involves scammers sending emails or other messages, pretending to be someone from a reputable company. While posing as said person, they’ll purposely try to convince a victim to share their personal information, such as passwords and credit card numbers.
There are many tactics they may try to use, but here are some of the main tactics to look out for:
Common phishing techniques
Sending emails/messages posing as trusted organisations or loved ones, asking to:
Send personal information, passwords and credit card details
Transfer money to a UK or international bank account
Click links or downloading infected attachments that may contain computer viruses
While phishing is the act of fraudsters sending scam emails and messages, it’s also vital to look out for other practices
Spear phishing
A form of phishing that targets a specific person or organisation. Fraudsters may gather information about the person through social media.
Vishing (voice phishing)
When fraudsters call victims directly. They’ll often pose as legitimate entities, such as banks or government agencies, creating a false sense of urgency.
Smishing (SMS phishing)
When phishing happens through text messages, or private messaging on social media.
What to do if you think you’ve received a phishing email
Be sceptical: Be cautious if you receive an email requesting sensitive information.
Verify communication: Check the legitimacy of emails or messages by contacting the organisation directly. Visit their official website rather than the email when looking for contact information.
Don’t click the links: If the suspected email asks you to click a link or an attachment, be careful not to click them as they may contain viruses.
How to report phishing activity
If you think you’ve been scammed or are worried someone has taken your credit card details illegally, it’s important to report it as soon as possible. To report a potential scam you can:
Contact your credit card company
You should contact your credit card provider straight away, especially if you believe you have been scammed.
Report it to Action Fraud
Action Fraud is the UK’s national reporting centre for fraud and cybercrime. Their purpose is to collect information about scammers to send to the police.
Report fraud online
Call Action Fraud on 0300 123 2040
Need more help?
Content correct at time of writing 29/08/25.
John Lewis Money is not responsible for content contained on external websites. This article is for promotional or information purposes only. You must not rely on it as advice. Please contact a financial adviser if you need advice before you buy a financial product or service.
Recommended articles
How to spot a scam
It’s understandable to feel stressed out when thinking about protecting yourself from fraud.
What is credit card fraud?
Credit card fraud happens when a criminal has access to another person’s credit card details and uses it without their permission.
How do credit cards work?
Find out about repayments, credit limits, interest and how to avoid charges and fees.