This week’s Scam bulletin starts with a set of guidelines from Action Fraud on how to protect yourself against fraud or cyber crime. Some of these tips are a bit different to the usual ones – keeping an eye on your credit account, watching out for fraud recovery fraud and making sure you’re using something like verified by visa are all very good ones.
Read the full article on the Action Fraud website here https://www.actionfraud.police.uk/individual-protection
1. Do not give any personal information (name, address, bank details, email or phone number) to organisations or people before verifying their credentials.
2. Make sure your computer has up-to-date anti-virus software and a firewall installed. Ensure your browser is set to the highest level of security and monitoring to prevent malware issues and computer crimes.
3. Many frauds start with a phishing email. Remember that banks and financial institutions will not send you an email asking you to click on a link and confirm your bank details. Do not trust such emails, even if they look genuine. You can always call your bank using the phone number on a genuine piece of correspondence, website (typed directly into the address bar) or the phone book to check if you’re not sure.
4. Sign-up to Verified by Visa or MasterCard Secure Code whenever you are given the option while shopping online. This involves you registering a password with your card company and adds an additional layer of security to online transactions with signed-up retailers.
5. You should regularly get a copy of your credit file and check it for entries you don’t recognise. Callcredit, Equifax and Experian can all provide your credit file. An identity protection service such as ProtectMyID monitors your Experian credit report and alerts you by email or SMS to potential fraudulent activity. If it’s fraud, a dedicated caseworker will help you resolve everything.
6. Destroy and preferably shred receipts with your card details on and post with your name and address on. Identity fraudsters don’t need much information in order to be able to clone your identity.
7. If you receive bills, invoices or receipts for things that you haven’t bought, or financial institutions you don’t normally deal with or contact you about outstanding debts, take action. Your identity may have been stolen.
8. Be extremely wary of post, phone calls or emails offering you business deals out of the blue. If an offer seems too good to be true, it probably is. Always question it.
9. If you have been a victim of fraud, be aware of fraud recovery fraud. This is when fraudsters pretend to be a lawyer or a law enforcement officer and tell you they can help you recover the money you’ve already lost.
There are too many scams targeting people at the moment pretending to be from HMRC. So HMRC have this week issued specific guidance on what real contacts or emails from them look like. So if you ever receive an HMRC communication please make sure you check it against this information to find out whether it is real or not before you respond.
A few months ago the National Cyber Security Centre set up a new system to allow individuals to report scam/phishing emails direct to them. It’s been successful to the extent that it has now had just over 1 million reports logged. (Not that one million people having received scam emails that they need to report is a good thing.) Find out more about it here.
If you need to report, use firstname.lastname@example.org
Recently there was a data breach at EasyJet and customer information was ‘lost’. ActionFraud has issued useful advice on what to do if you think your information was affected as part of that cyber attack.
More generally, if you are worried whether your email address has ever been shared as part of a data breach (hopefully so you can do something about it), then you need to visit the website https://haveibeenpwned.com/ and check your email address. Don’t panic if you find your email has been shared – just make sure you change your password for it everywhere you use it!
This week I received a scam email telling me I needed to urgently sort out my TV licence. It all looked very real, but it came to an email address that is not connected to anywhere that needs a TV licence AND it was ‘urgent’. The urgency in an email usually marks it out as a scam. No professional organisation will leave communicating with you until the very last minute and force you to respond straight away. These particular TV licence scams are really common at the moment (see this article from Action Fraud. https://www.actionfraud.police.uk/news/260-reports-of-coronavirus-related-tv-licensing-emails-so-far-this-month
Remember to think twice about all these types of email. If I’d reacted and clicked the big button in the middle of the email then I’d be well on my way to landing on a dodgy website; confirming to a scammer that their email had reach a real person (victim); or even given them the chance to start infection my machine.
So, keep remembering the advice we’ve shared before:
Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.
Challenge: Could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
Protect: Contact your bank immediately if you think you’ve fallen for a scam and report it to Action Fraud.
Need to get to understand any of these issues in this bulletin more? You can discuss them on our NEL Watch Network discussion website in the Scams Group. https://www.biglocalnorthcleethorpes.org.uk/nelwatchnetwork
or contact me.
Karl Elliott, email@example.com
Development Manager, VANEL