"I’m not that stupid" … "It’ll never happen to me" ... "I wouldn’t fall for one" ...
… that’s what many of us think when we talk about falling victim to a scam.
But it only takes a second to get scammed.
In fact, nearly £11billion was lost to the UK economy as a result of fraud, including cybercrime, in 2015/16, according to Action Fraud and Get Safe Online.
Scams are becoming more sophisticated and harder to recognise. If you’re not on your guard, it’s all too easy to click on a bona fide-looking link and before you know it you’re the next victim.
Adults in the UK spend over 20 hours a week on the internet says Ofcom.
Given how much time we spend online buying, selling, chatting and sharing, the web is ripe for potential cybercrime targets.
Here are a few you scams need to watch out for…
It’s unlikely you’d raise even an eyebrow to an email from Amazon popping up in your inbox, let alone any alarm bells, but you need to be alert. Action Fraud, the UK's national fraud and cyber-crime reporting centre, says it’s received reports from victims who have been sent ‘convincing-looking emails’ claiming to be from Amazon.
The email thanks you for your order, whether it’s a watch, an iPhone, an action figure or even a potty, and then goes on to say that if you haven’t authorised the transaction you should click on a link to get a full refund. That’s where the problem starts.
The link takes you to a very legitimate-looking website which asks for your name, address and bank card details. Hey presto – the scammers have got all they need to go on a spending spree.
Amazon says, "The best way to ensure that you do not respond to a false or phishing e-mail is to always go directly to your account on Amazon to review or make any changes to your orders or your account."
You can report a false or phishing email to firstname.lastname@example.org. There is also a video to help you identify whether an email is from Amazon.
It’s not the first and probably won’t be the last PayPal email scam. This one warns of "unusual activity on your PayPal account". It advises you to click on the link to "resolve a limitation on your account". It asks you to log into your account and confirm your details and security questions. By doing so, you’re handing over your personal details to scammers who can then go on and use them to their advantage, whether that's stealing your identity, spending your money or gaining passwords to your other accounts.
Paypal offers advice on how to find out how to spot a fake email.
But it’s not just emails that can catch you out. You need to keep your wits about you when you receive instant messages as well.
Over one billion people use WhatsApp messenger service each month. That’s nearly one in seven people around the world using the app to chat with friends and family. For the scammers, it’s easy pickings. They only need to catch out a very small proportion of users to rake it in.
One of the latest scams is offering Sainsbury’s gift cards. A victim receives a message that looks like it’s from a genuine contact in your phone, telling you that Sainsbury’s is giving away £100 gift cards to celebrate new stores opening. The link in the message looks real enough. But if you click on it you could end up downloading malware onto your phone, scammers could steal your personal details and your identity.
A Sainsbury’s spokesperson said, “We are aware of the issue and are advising customers to delete the message."
Follow WhatsApp’s advice for staying safe whilst using their messaging service
Facebook Market Place
In October last year, Facebook Marketplace was launched. It allows people to buy and sell items locally.
However, unlike rival websites, there isn’t a secure payment facility like PayPal, or any feedback systems in place. So, it’s up to buyers and sellers to agree on prices and payment methods. Action Fraud has received reports of victims asking to pay via PayPal but being met with a variety of excuses as to why they can’t and the fraudster then asks them to pay by bank transfer. Victims transfer the money but don’t receive the goods and have no way of getting in contact with the seller because their messages are blocked.
Read Facebook's advice on how to report fraud.
HM Revenue & Customs and iTunes vouchers
This scam has been going a while… but it’s still very much in play. Action Fraud has received hundreds of complaints about it.
Unsuspecting victims are contacted via phone calls, text messages and emails from fraudsters claiming to be from HMRC. They are told they must pay off fake debts and taxes by using iTunes Gift Cards. The victim buys a gift card and hands over the 16-digit code on the back of the card to the fraudster during a phone call to pay off debts and tax.
Fraudsters use iTunes Gift Cards to collect money from victims because they can be easily redeemed or sold on. The scammers don’t need the actual physical card to buy goods.
Apple says: "If you're approached to use iTunes Gift Cards for payment outside of our official stores you could very likely be the target of a scam and should immediately report it to your local police station.”
Here’s Apple’s advice regarding the iTunes voucher and HMRC scam
What do the experts say?
Cyber security expert David McClelland says, "We’re all taught about 'stranger danger' when we grow up and really we need to develop this now to keep our guard up when opening emails and instant messaging conversation. We need to be less trusting.
"It’s important to remember that scammers send out emails en masse. They don’t know the names of people receiving them. That’s how good guys differentiate themselves from the bad guys. If a message or email starts with ‘Hey member’ or ‘Hey [email address]’ alarm bells should ring. Have a look at the account numbers, your name and check the links before you click on them.
"Scammers can try to shock you into action. Your guard comes down because you’re reacting to something you’re being told. They will do anything to get click-through."
If you have been a victim of fraud report it to Action Fraud - call 0300 1232040.
If you have a story you think we should investigate please email us at email@example.com