Criminals commit online fraud in a variety of ways - online banking and shopping, auction websites and online identity theft are just a few examples.
The ease, speed and convenience of online transactions can sometimes lead consumers to exercise less caution than they would when dealing with someone face-to-face.
Action Fraud provides useful advice on avoiding becoming a victim of online fraud or cybercrime. You can view their tips on their website.
Action Fraud has seen a number of different scams circulating relating to Covid-19. This includes people falling victim to online shopping scams, believing they are purchasing protective face masks or hand sanitiser that do not exist. Criminals are also using Government branding to make fake offers of financial support, making phone calls and sending unsolicited emails/texts that seem like genuine correspondence from HMRC, for example. A surge in phishing scams or calls claiming to be from government departments offering grants, tax rebates, or compensation is anticipated.
Criminals are looking to take advantage of people’s financial concerns as a result of the pandemic – they may ask for upfront fees applied to bogus loans, offer high-return investment scams, or commit fraud relating to pensions.
Huge increases in the number of people working remotely presents further opportunities for criminals to commit computer software service fraud. The increased demand on IT systems may make approaches of help to fix devices seem more believable, when in reality, criminals are trying to gain access to computers and/or login details.
The UK Government has only sent one text message to the public to date, regarding rules to prevent the spread of Covid-19. Any other messages claiming to be from the Government are false.
Criminals are able to use spoofing technology to send texts and emails impersonating known and trusted organisations. We remind anyone who receives an unexpected text or email asking for personal or financial details to not click on the links or attachments, and to avoid responding to any messages that ask for personal or financial details.
A spokesperson from the Medicines and Healthcare products Regulatory Agency (MHRA) said:
“We are investigating a large number of allegations of non-compliance relating to the selling of medical devices for use during the Covid-19 outbreak.
“Our advice is to always make sure you are buying medicines and medical devices from a registered pharmacy or website.
“When buying online, beware of bogus websites, suspicious URLS and remember that claims like ‘100% safe, no side effects’ or ‘quick results’, are often warning signs. Cut prices and speedy deliveries can expose you to fake medicines or devices, identity theft and fraud.”
Universal Credit scam
Secretary of State for Work and Pensions Therese Coffey:
“We know cyber criminals and fraudsters are despicably attempting to exploit opportunities around coronavirus. DWP will never text or email asking for your personal information or bank details. Anyone who thinks they have been a victim of fraud should report it to Action Fraud, and notify DWP, as soon as possible.”
- For latest information on Universal Credit go to https://www.understandinguniversalcredit.gov.uk/coronavirus/
We urge people not to click on the links or attachments in suspicious emails, and never respond to unsolicited messages and calls that ask for personal or financial details.
We continue to work with Action Fraud and the National Fraud Intelligence Bureau to shut down sites and posts which promote this type of fraud.
- Take a moment to think before parting with your money or information, especially if the request has come from a cold call, or unexpected text or email. Could it be fake? Do you know or trust the person it’s come from? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you. Take your time to discuss what is being asked of you with friends or family.
- The police, or your bank, will never ask you to withdraw money or transfer it to a different account. They will never ask you to reveal your full banking password or PIN.
If you receive an unexpected text or email asking for personal or financial details, do not click on the links or attachments. Ensure you have the latest software and application updates installed on all devices.
If you believe you have been a victim of fraud, please report it to Action Fraud.
While travel has been limited in recent months, fraudsters are still targeting people searching for their dream getaway.
Fraudsters may use fake online adverts, bogus sales calls, emails and text messages offering cheap rates, or steal images of accommodation from other travel websites. They may offer the chance to go on a free holiday in return for watching a presentation, or they may ask for a holiday to be paid in cash or a bank transfer via MoneyWise or Western Union, for example - which can be difficult to trace and isn’t refundable.
In some cases, fraudsters may completely end contact after receiving payment, when the victim discovers the holiday doesn’t exist, Sometimes the victim may find out at the airport that they’re not booked onto a flight or that their hotel has no record of a booking.
Follow these tips to help outsmart the scammers:
- Don’t reply to unsolicited emails, texts, social media or calls with holiday offers. Links and attachments in emails may lead to malicious websites or download viruses.
- Book a holiday directly with an airline or hotel, or through a reputable agent. Check whether they’re a member of the Association of British Travel Agents (ABTA).
- If you decide to deal directly with the property owner or a letting agent, ask them questions about the booking, room, location and area. Don’t book on websites that don’t have a padlock icon (https) in the address bar, and be extra cautious if you’re asked to pay using bank transfer or cash; pay by credit or debit card if you can.
Look out for warning signs of holiday fraud:
- You’re contacted out of the blue by a travel agent or company you’ve never spoken to before, offering a holiday at a very low price.
- The details, pictures or address of the property or hotel on offer look suspicious, or independent website reviews aren’t favourable or don’t exist.
- You’re asked to pay using bank transfer or cash; pay by credit or debit card if you can for extra protection.
If you think you've been victim of holiday fraud, report it to Action Fraud online or call 0300 123 2040.
- When using auction sites, always use strong passwords and never give your passwords to anyone.
- When paying on auction sites never transfer the money direct to a bank account. Secure sites such as PayPal are usually safer, however payments can be reversed, so check the seller's feedback before making a purchase.
- When selling on auction sites, always make sure you have received payment for sales before dispatching the goods – and when posting, use a fully tracked and signed for postal service.
- Remember if something appears too good to be true, it usually is.
- Keep online banking passwords and personal details private to stop criminals accessing your account.
- Banks will never ask you to reveal your full password on the phone or by email.
- When using online banking, be aware of who can see your screen and make sure you always log out properly.
View the video below which has been produced by Barclays Digital in relation to online banking safety:
- When shopping online, make sure the retailer is reputable; research them and make sure they have an address and phone number.
- Look out for secure "https" links in the address of the website to ensure the site is secure in its payment/form-handling methods.
- Paying online by credit card can offer greater protection than other payment types.
- Try to use different passwords for different websites.
- Fake scam versions of corporate sites may be set up that look almost identical to the original site - yet are completely fake. Always check the web address of the page and ensure it is the official website.
Phishing, vishing and smishing
This relates to any website, online service, phone call or text message which poses as a company or brand you recognise, such as a bank.
Any contact like this is designed to convince you to hand over valuable personal details or your money, or to download a virus to infect your computer.
The three terms are all plays on the word ‘fishing’, in that the fraudsters fish for potential victims by sending emails (phishing), social media messages or text messages (smishing) or making phone calls with urgent messages (vishing) in the hope of persuading someone to visit a bogus website.
You can find out more information about how to recognise these types of fraud, and also ways in which you can protect yourself, by visiting the Action Fraud website.
Identity fraud is more common than you might think, and sharing personal details – your date of birth, address and phone number etc - can make you vulnerable.