Think Twice Before You Act

Advice on protecting yourself from scams

19 Jan 2016

Are you a victim of social engineering – and we don’t mean the kind done by Hyacinth Bucket.

Social Engineering refers to extremely targeted types of scam, where fraudsters manipulate their victims into sharing confidential information through fake emails, phone calls, texts, social media and even infected discs or UBS sticks.

And these criminals do their homework, making their scams sound convincing by piecing together information about their victims from social media and intercepted correspondence.

Many don’t realise they have been taken in until it’s too late, with the latest figures from the National Fraud Investigation Bureau (NFIB) showing there has been a 21 per cent rise in reporting incidents nationally in the last 12 months.

A total of 95,556 phising scams were reported to Action Fraud between November 2014 and October 2015 – again a rise of around 21 per cent on the previous year.

However, you can find out more about how to protect yourself thanks to the latest campaign from Get Safe Online and Humberside Police.

A national advertising campaign has been launched this week urging people to Think Twice Before You Act.

According to research from Get Safe Online, the most popular angles and guises for phishing scams include pretending to be from BT, iTunes/Apple ID, HRMC, a lottery organiser, PayPal, a bank or Amazon.

In terms of the most popular channels for phishing, email comes out top, accounting for over three quarters (77 per cent) of all reported incidents. This is followed by phone calls, which accounted for one in ten (12 per cent) incidents.

In addition, 29 per cent of all reported phishing emails contained a potentially malicious link which when clicked, could deliver malware to a victim’s computer or request their personal details.

Tony Neate, CEO of Get Safe Online said: “Social engineering is becoming ever more targeted and personal, which is why it’s no surprise that the number of cases is on the rise.

“What’s worrying, however, is the complex nature of these scams and how they tap perfectly into feelings that make us panic - if we get an email purporting to come from someone we trust (such as our bank) about something that is emotive to us all (money) and then demand that we act urgently, it’s almost like the perfect storm.

“That’s why we’re so pleased to be teaming up with the banks, Humberside Police, City of London Police, Cifas and FFAUK to encourage people to think twice before they act and not to let panic override common sense. 

 “We also advise that people make sure they have strong passwords or PINs to secure devices, as well as making sure all software and apps are up-to-date.

“If you do have suspicions regarding an approach, it’s always better to be safe than sorry, so trust your instincts and double-check the person is who they say they are before handing over any information. This way, we can stay one step ahead and stop more people from falling prey to an online criminal.”

Detective Inspector Rich Osgerby, from the Humberside Police cyber crime unit added: “Most of us will be targeted by social engineering at some point.

“Most people are able to identify a time when they have been contacted by someone – whether by email, through the post or over the phone – who has tried to get them to hand over their personal information.

“These criminals are using increasingly sophisticated means to convince their victims to part with their details and some have lost large amounts of money.

“I would urge anyone who receives unsolicited phone calls, texts, emails or letters to ignore them.

“Don’t enter into conversation. Simply hang up, throw the letters away and delete any emails – without clicking on any links or attachments.”

If you have been a victim of banking fraud or spot irregular activity on your account, contact your bank immediately as there will be more chance that your losses may be recovered

It’s important to report any fraud to Action Fraud, the UK’s national fraud reporting centre by calling 0300 123 20 40 or by visiting www.actionfraud.police.uk

For general advice on how to stay safe online, visit www.GetSafeOnline.org or check Humberside Police's Has It Clicked? campaign. You can also follow @HP_Cyber on Twitter and log on to the force Facebook page for all the latest updates.