stop_signThe aim of this page is to inform and protect people and organisations against fraud and financial crime.

The sites below contain useful and detailed information to help protect you against fraud, financial crime and identity theft

 

 FRAUD ALERTS

Action Fraud Alert Header

If you believe that you have been a victim of a fraud or any other scam you can report it online http://www.actionfraud.police.uk/report_fraud or by telephone: 0300 123 2040.

Reminder: Payment Diversion Alert – 23/01/2017

Payment diversion alert 
Fraudsters are emailing members of the public who are expecting to make a payment for property repairs. The fraudsters will purport to be a tradesman who has recently completed work at the property and use a similar email address to that of the genuine tradesman. They will ask for funds to be transferred via bank transfer. Once payment is made the victims of the scam soon realise they have been deceived when the genuine tradesman requests payment for their services.

Protect yourself

  • Always check the email address is exactly the same as previous correspondence with the genuine contact.
  • For any request of payment via email verify the validity of the request with a phone call to the person who carried out the work.
  • Check the email for spelling and grammar as these signs can indicate that the email is not genuine.
  • Payments via bank transfer offer no financial protection; consider using alternative methods such as a credit card or PayPal which offer protection and an avenue for recompense.

 

Fake Amazon Emails Claim You Have Placed An Order – 05/01/2017

Action Fraud has received several reports from victims who have been sent convincing looking emails claiming to be from Amazon. The spoofed emails from “[email protected] claim recipients have made an order online and mimic an automatic customer email notification.  
The scam email claims recipients have ordered an expensive vintage chandelier. Other reported examples include: Bose stereos, iPhone’s and luxury watches. 

The emails cleverly state that if recipients haven’t authorised the transaction they can click on the help centre link to receive a full refund. The link leads to an authentic-looking website, which asks victims to confirm their name, address, and bank card information.

Amazon says that suspicious e-mails will often contain:

  • Links to websites that look like Amazon.co.uk, but aren’t Amazon.co.uk.
  • Attachments or prompts to install software on your computer.
  • Typos or grammatical errors.
  • Forged (or spoofed) e-mail addresses to make it look like the e-mail is coming from Amazon.co.uk.

Amazon will never ask for personal information to be supplied by e-mail.
You can read more about identifying suspicious emails claiming to be from Amazon by visiting https://www.amazon.co.uk/gp/help/customer/display.html?nodeId=201489210

 

Fake Bank Letters – 13/12/2016

Lloyds customers should be on the lookout for a new sophisticated fraud that involves fraudsters sending fake bank letters. 

The convincing letters being sent are a replica template from Lloyds and include their logo, address and signature from a customer service representative.  
The letter tells recipients that there have been some “unusual transactions” on their personal account and asks them to call a number highlighted in bold to confirm they are genuine. 
When victims call the number, an automated welcome message is played and the caller is asked to enter their card number, account number and sort code followed by their date of birth.Victims are then instructed to enter the first and last digit of their security number.
The fraud was spotted by the Daily Telegraph who was alerted to it by a reader who had three identical letters sent to an office address. On separate occasions the Daily Telegraph ran some tests using fake details and were passed to fraudsters who claimed to be from a Lloyds contact centre. The bank has confirmed that the phone number and letters are fake. 
The letters are essentially a sophisticated phishing attempt and serves as a warning to consumers to question written correspondence from their banks. 

If you are ever suspicious about correspondence from your bank you should call the customer serviced number on the back of their card. 

 

Phishing Email Alert  – 12/09/2016

There is a phishing email currently in circulation that claims to be from the City of London Police. The departments that it claims to represent include the ‘Fraud Intelligence Unit’ and the ‘National Fraud Intelligence Bureau’. The email is titled ‘compensation fund’ and has a letter attachment that claims to be offering financial compensation to victims of fraud. The letter uses the City of London Police logo.

The letter states that in order for compensation to be arranged, the receiver of the email should reply disclosing personal information. It states that HSBC and the South African Reserve Bank have been chosen to handle the compensation claims. All of these claims are false.

The email and letter are fraudulent and should not be replied to.

Protect Yourself

  • Opening attachments or clicking links contained within emails from unknown sources could result in your device being infected with malware or a virus.
  • The City of London Police and the National Fraud Intelligence Bureau will never email you asking for you to disclose personal information.

 

Don’t Be A Money Mule – 22/08/2016

Students are being recruited, sometimes unwittingly, as “mules” by criminals to transfer illegally obtained money between different bank accounts.

What is a money mule?
A money mule is someone who is recruited by those needing to launder money obtained illegally. Criminals advertise fake jobs in newspapers and on the internet in a number of ways, usually offering opportunities to make money quickly, in order to lure potential money mule recruits. These include:

Social media posts
Copying genuine company’s websites to create impression of legitimacy
Sending mass emails offering employment
Targeting individuals that have posted their CVs on employment websites

Students are particularly susceptible to adverts of this nature. For someone in full-time education, the opportunity for making money quickly can understandably be an attractive one. The mule will accept money into their bank account, before following further instructions on what to do with the funds. Instructions could include transferring the money into a separate specified account or withdrawing the cash and forwarding it on via money transfer service companies like Western Union or MoneyGram. The mule is generally paid a small percentage of the funds as they pass through their account.

Money Laundering is a criminal offence which can lead to prosecution and a custodial sentence. Furthermore, it can lead to the mule being unable to obtain credit in the UK and prevented from holding a bank account.

Protect Yourself
Be aware that the offence of money laundering carries a maximum prison sentence, in the UK, of 14 years.
Never give the details of your bank account to anyone that you do not trust.
No legitimate company will ever ask you to use your own bank account to transfer their money. Don’t accept any job offers that ask you to do this.
Be wary of unsolicited emails or social media posts promising ways of earning easy money. If it seems too good to be true, it probably is.
Don’t be afraid to question the legitimacy of any businesses that make you a job offer, especially if the recruitment procedure strays from the conventional.

 

Advance Fee Fraud (Courier) – 11/08/2016

People selling their items on online platforms are falling victim to a new type of advance fee fraud. This involves a fraudster, posing as a buyer, sending an email to the seller (victim), agreeing to the full asking price of the item. They state that they are unable to collect the item themselves and will arrange for a courier to pick it up instead.

The fraudster then sends a fake payment confirmation email from a different email address, one which falsely purports to be from a payment platform. In the course of the email exchange, the seller/victim is requested to pay the courier fee. Once the payment is made the contact is broken, the item is not picked up and the money paid for the ‘courier’ is gone. 

 An example of the most recent emails received by the victim/seller, from the ‘Buyer’, read:

“I want you to consider this a deal as i am willing to pay your full asking price! i actually want to buy it for a family member who is urgently in need of it, i have checked through your posting and i’m fully satisfied with it. Unfortunately, i would not be able to come personally to view/collect, i work offshore as an instructor on a oil rig so i dont have time at all, but like i said i am 100% OK with the advert”

Protect Yourself:

  • Be wary when buyers wish to purchase items at the full asking price without viewing them.
  • Check the validity of the payment receipt confirmation
  • Avoid paying an advanced fee if you are a seller; should you choose to use a courier, arrange your own.
  • Check feedback online by searching the associated phone numbers or email addresses of the seller/buyer. Feedback will give you useful information about recent transactions other buyers/sellers have made.

Upgrade Fraud – 15/07/2016

Fraudsters are impersonating telephone service providers and contacting their clients offering a phone upgrade on a low monthly payment contract. The fraudsters will glean all your personal and financial details which will then be used to contact the genuine phone provider and order a new mobile phone handset. The fraudsters will either intercept the delivery before it reaches the victim’s address or order the handset to a different address.

Protect yourself

  • Never provide your personal information to a third party from an unsolicited communication.
  • Obtain the genuine number of the organisation being represented and verify the legitimacy of the communication.
  • If the offer is too good to be true it probably is.
  • If you have provided personal information and you are concerned that your identity may be compromised consider Cifas Protection Registration.

 

Holiday Booking Fraud – 11/07/2016

With summer holidays fast approaching, individuals are often more exposed to travel booking frauds when looking for last minute package deals / cheap flights. Whether paying upfront for a family holiday or simply booking a flight, payments are transferred only to discover that the holiday / airline ticket does not exist and was sold to you by a bogus travel company. Fraudsters will often lure in potential customers with low prices and ‘one time only’ offers that are simply too good to pass up, requesting payment by the preferred method of direct bank transfer.

Avoid
Paying for a holiday / airline tickets / accommodation via direct bank transfer. No reputable company will ever request payment via this method.
Responding to unsolicited calls, texts or emails offering holidays at incredibly low prices.

Protect Yourself

  • Whenever possible, pay for your holiday by credit card as it offers increased protection.
  • Always remember to look for the ‘https’ and locked padlock icon in the address bar before entering your payment details.
  • Never feel pressured to make a booking for fear that you will miss out on this ‘low price’ opportunity. If you have never used the company before, take your time to do some online research to ensure they are reputable.
  • Should you make a flight or hotel booking through a travel company, feel free to separately check with the hotel / particular airline that your booking does indeed exist.

 

Rio 2016 Olympics Ticket Fraud – 28/06/2016

The Olympic Games in Rio de Janeiro begin on 6th August 2016 and as of late June, you will be able to purchase tickets from the Rio 2016 ticket offices.  Purchasing from an unauthorised seller or a ticket tout could leave you out of pocket; not only are the tickets advertised at inflated prices, but there is also a risk that the tickets purchased are counterfeit or do not exist. Any individual with a counterfeit ticket will be refused entry.

To help protect yourself, the list of authorised sellers has been published on the official website and provides a list of trusted resellers; this can be found at www.rio2016.com. Equally, tickets purchased that are no longer needed can be sold through the Rio 2016 website for a 100% reimbursement of the amount paid if the tickets are resold.

Protect yourself

  • When purchasing from another company or individual, ask questions; specifically when you will receive the ticket and what type of ticket you are purchasing.
  • Pay for tickets by using a credit card or trusted payment service. Payments made by bank transfer may not be recoverable.
  • Always check that the payment screen is secure by looking for the padlock symbol or making sure the website/url begins with “https”.

 

Phishing Campaign Targeting University Students – 13/06/2016

A new phishing campaign which has hit students of UK universities claims that the student has been awarded an educational grant by the Department for Education. The email purports to have come from the finance department of the student’s university and tricks the recipient into clicking on a link contained in the message to provide personal and banking details.

One victim reported that after submitting their sensitive information (including name, address, date of birth, contact details, telephone provider, bank account details, student ID, National Insurance Number, driving licence number and mother’s maiden name), they were taken to a spoofed website which appeared like a genuine website of their bank, where they were asked to type in their online banking login credentials.

Protect Yourself:

  • Do not click on any links or open attachments contained within unsolicited emails.
  • Do not reply to scam emails or contact the senders in any way.
  • If an email appears to have come from a person or organisation you know of but the message is unexpected or unusual, contact them directly via another method to confirm that they sent you the email.
  • If you receive an email which asks you to login to an online account via a link provided in the email, instead of clicking on the link, open your browser and go directly to the company’s website yourself.
  • If you have clicked on a link in the email, do not supply any information on the website that may open.

 

Counterfeit Cheques – 10/06/2016

Businesses are being contacted for the sale of goods or services by fraudsters, who request to pay by cheque. The fraudster sends a cheque with a higher value than the amount expected, and then sends the business a request for the difference with instructions on how it should be paid back. This is usually by bank transfer or through a money transfer service, such as Western Union or PaySafe. Once the ‘refund’ has been provided, it is realised that the cheque provided was fraudulent and no funds are credited to the business’s account.

The NFIB has seen an increase of 84% in the number of counterfeit cheque frauds reported to Action Fraud since November 2015. Criminals are targeting a wide range of services including paintings or other artwork, photography and lessons, with various amounts requested to be refunded.  The average amount requested to be refunded is £1,818. The highest amount requested was over £80,000.

The suspects have used pressure tactics to persuade victims to refund the amounts immediately prior to the cheques clearing.

Crime Prevention Advice

  • Be cautious of payments where the amount provided is higher than expected. Refuse to provide the service unless the correct balance is received or wait until the cheque has cleared before refunding the difference.
  • Always contact banks on a trusted number found on their website or correspondence that is known to be authentic to confirm whether the cheque has cleared.
  • Do not feel pressured to provide a refund before the cheque has cleared.

 

Euro 2016 Ticketing Fraud – 08/06/2016

The 2016 European Football Championships will begin shortly and those wanting to purchase last minute tickets are likely to be targeted by fraudsters posing as official sellers.  Purchasing from an unauthorised seller or a ticket tout could leave you out of pocket; not only are the tickets advertised at inflated prices, there is a risk that the tickets purchased are counterfeit or do not exist. Any individual with a counterfeit ticket will be refused entry.

Resale Platform

Consumers wanting to sell their tickets can do so through the resale platform, where tickets will be resold at face value. For further information please visit UEFA’s website. Those seeking to purchase tickets are advised to check the site regularly as tickets will be sold on a first come first serve basis and are likely to change regularly as different tickets become available to purchase.

  • Only purchase tickets from an authorised seller by using the exchange portal.
  • When using the portal do not be encouraged to contact the seller privately and complete the transaction outside of the portal.
  • Be wary of purchasing tickets from a social media account. There is a risk that the ticket does not exist or is counterfeit. Consider conducting research on the information provided by the seller, for example a mobile phone number or email address used by the seller could alert you to any negative information associated to them online.
  • Avoid making payments through bank transfer or money transfer services, as the payment may not be recoverable.

 

 

Urgent: Online Extortion Demand Affecting Uk Businesses – 29/04/2016

Within the past 24 hours a number of businesses throughout the UK have received extortion demands from a group calling themselves ‘Lizard Squad’.

Method of Attack:
The group have sent emails demanding payment of 5 Bitcoins, to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid. 
If their demand is not met, they have threatened to launch a Denial of Service attack against the businesses’ websites and networks, taking them offline until payment is made.  The demand states that once their actions have started, they cannot be undone.
What to do if you’ve received  one of these demands:

  • Report it to Action Fraud by calling 0300 123 2040 or by using the online reporting tool
  • Do not pay the demand
  • Retain the original emails (with headers)
  • Maintain a timeline of the attack, recording all times, type and content of the contact

If you are experiencing a DDoS right now you should:

  • Report it to Action Fraud by calling 0300 123 2040 immediately.
  • Call your Internet Service Provider (ISP) (or hosting provider if you do not host your own Web server), tell them you are under attack and ask for help.
  • Keep a timeline of events and save server logs, web logs, email logs, any packet capture, network graphs, reports etc.

Get Safe Online top tips for protecting your business from a DDoS:

  • Consider the likelihood and risks to your organisation of a DDoS attack, and put appropriate threat reduction/mitigation measures in place.
  • If you consider that protection is necessary, speak to a DDoS prevention specialist.
  • Whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits.

 

Online Job Recruitment – 26/04/2016

The National Fraud Intelligence Bureau (NFIB) and Action Fraud have noticed a rise in the reporting of victims being recruited via Facebook to sell items for suspects on eBay – often stating that it is a quick way of making money.

The items are said to be bankrupt stock, purchased via auctions, and need to be sold on quickly. The majority of the items reported have been Apple Mac Book Pro/Electrical Items.

The victim places the items on eBay and once the items are sold, the victim will get paid and transfer the funds to the suspect/recruiter.

Once the suspect/recruiter gets the funds, the purchasers are claiming that they have received empty cereal boxes or often no goods at all, leaving the victim being reported as the actual suspect, and leaving them out of pocket as their account will be debited.

Protect yourself:
 

  • Consider conducting research on other information provided by the seller, for example: a mobile phone number or email address could alert you to negative information associated with the number/email address online. 
  • Be very cautious of unsolicited emails or approaches over social media promising opportunities to make easy money. 
  • When accepting offers, verify the company/entity details provided to you and check whether they have been registered in the UK. 
  • If you think the deal or offer is too good to be true then it probably is!

 

HMRC Tax Rebate Scam – 23/04/2016

Fraudsters are texting members of the public offering a tax rebate. The text message contains a link to a website and requests to provide personal information, such as bank account information, to claim the nonexistent rebate.

Protect Yourself

  • Don’t click on web links contained in unsolicited texts or emails.
  • Never provide your personal information to a third party from an unsolicited communication.
  • Obtain the genuine number of the organisation being represented and verify the legitimacy of the communication.
  • HMRC will never use texts or emails or tell you about a potential rebate or ask for personal information.
  • If you have provided personal information and you are concerned that your identity may be compromised consider Cifas Protection Registration.

 

Wine Investment Fraud – 22/04/2016

A new investment fraud trend is targeting members of the public who are seeking to sell their wine investment.  Fraudsters agree to purchase the victim’s wine, but instead transfer the stock into their own account without paying the victim.  The fraudulently obtained wine is then believed to be sold on to other, unsuspecting victims.  
How does it work?
Fraudsters set up fake companies and websites as well as exploit the names of legitimate, established companies to facilitate this fraud.  They cold-call the victims and offer to purchase their wine for significantly more than the actual market value.  
Fraudulent documents, such as purchase agreements, are used to facilitate the fraud and are sent to the victims via post and email.  Some fraudsters have gone as far as setting up fake escrow services in order to fool the potential sellers that the payments have been transferred.    
The fraudsters send the victims instructions to transfer their wine into storage accounts held within legitimate bonded warehouses.  The victims are informed that upon doing this they will be paid the agreed amount.  The use of storage accounts held within legitimate bonded warehouses adds an air of legitimacy to the process but in actual fact these storage accounts are controlled by the fraudsters.      
Once the wine is transferred into the new storage accounts the suspects break off all contact with the victims.  The wine is then moved again, normally within days and often abroad, and, needless to say, the victim never receives the money from the agreed sale.

Protect Yourself
 

  • Never respond to unsolicited phone calls – if in doubt, hang up
  • Always check that the details of the organisation or company contacting you (such as website, address and phone number) are correct – the fraudsters may be masquerading as a legitimate organisation
  • Never sign over your wine (or any other investment) to another party without first checking they are authentic
  • Don’t be fooled by a professional looking website, as the cost of creating a professional website is easily affordable
  • Escrow services are regulated by the FCA under the Payment Services Directive 2009.  Only deal with a registered Authorised Payment Institution.  You can check the FCA register online at www.fca.org.uk/register
  • Consider seeking independent legal and/or financial advice before making a decision

 

Payment Diversion Alert – 11/04/2016

Fraudsters are targeting members of the public who are expecting to make a payment for property repairs. The fraudsters, via email, will purport to be a tradesman who has recently completed work at the property and use a similar email address to that of the genuine tradesman. They will ask for funds to be transferred via bank transfer and once payment is made the victims of the fraud soon realise they have been deceived when the genuine tradesman requests payment for their services.

Protect Yourself:

  • Always check the email address is exactly the same as previous correspondence with the genuine contact.
  • For any request of payment via email verify the validity of the request with a phone call to the person who carried out the work.
  • Check the email for spelling and grammar as these signs can indicate that the email is not genuine.
  • Payments via bank transfer offer no financial protection; consider using alternative methods such as a credit card or PayPal which offer some protection and avenue for recompense.

 

Fake Email Addresses – 01/04/2016

This alert is a reminder to be aware of emails that appear to have been sent from a legitimate organisation. Fraudsters often use fake email addresses designed to encourage recipients to open attachments or links. You are advised that if you are in any doubt as to the origin of an email, do not open it. Consider that emails can be spoofed and used to generate spam to recipients far and wide. If you receive a spam email, you MUST NOT open it. Instead, delete it from your email system to avoid infecting your device. If you have opened an attachment from a spam email, you should get your device checked over by a professional and change the passwords for all your bank, email and online shopping accounts.

Protect yourself:

  • Do not click or open unfamiliar links in emails or on websites.
  • Make sure you install and use up-to-date anti-virus software.
  • Have a pop-up blocker running in the background of your web browser.
  • If you have opened an attachment and ‘enabled macros’ it is very likely that all your personal data will have been breached. You MUST change all your passwords for personal accounts, including your bank accounts.
  • Ensure Adobe, Flash and any similar software is up to date on your computer.

If you think you have been a victim of this type of email you should report the email to Action Fraud, the UK’s national fraud and cyber crime reporting centre: www.actionfraud.police.uk If you do make a report please provide as much detail as you can about the email and any effects it has had on your computer. Additionally if your Anti-Virus software detects any issues in relation to this email please provide us with the details.

 

Businesses Across The Uk Being Extorted – 02/03/2016

Action Fraud has received several reports in the last 24 hours from businesses who have been sent online extortion demands from scammers threatening a cyber attack. 

The scammers, who call themselves the “RepKiller Team”, have been sending emails to businesses across the UK demanding payment of between £300-£500 in Bitcoins by a certain date and time. 

If the demands are not met, the team have threatened to launch a cyber attack against the businesses and their reputation by automating hundreds of negative reviews online. 

The emails also claim that once actions have started, they cannot be undone. Although these scammers are currently calling themselves “RepKiller”, it is common for fraudsters to continually change and adopt new tactics – email names can be made and changed easily.

What to do if you receive one of these emails?

  • Whether the attack is attempted or successful, you should report it to Action Fraud on 0300 123 2040 or by using our online reporting tool
  • Do not pay the demand. There is no guarantee the scammers won’t launch an attack and could encourage further extortion demands in the future.  
  • Retain all the original emails. Should law enforcement investigate, the information contained within the email headers can be used as evidence. 
  • Maintain a timeline of the attack recording all times, type and content of contact.

 

Protect Yourself From Bogus Websites – 19/02/2016

Fraudsters are setting up high specification websites advertising various electrical goods and domestic appliances. These goods are below market value and do not exist. The website will state you can pay via card; however when the purchaser goes to pay, this option is not available and the payment must be made via bank transfer.

The fraudster entices the purchaser and reassures them it is a legitimate purchase by using the widely recognised Trusted Shop Trustmark. They then use the Trustmark fraudulently and provide a link on the bogus electrical website to another bogus website (which purports to be Trusted Shops). This website shows a fake certificate purporting to be from Trusted Shops and provides thousands of reviews for the bogus electrical website. These reviews are all fraudulent. The website has not been certified by Trusted Shops and therefore the purchaser is not covered by the Trusted Shop money-back guarantee.

Protect yourself:

  • Check the authenticity of the website before making any purchases. Conduct a ‘Whois’ search on the website which will identify when the website has been created- Be wary of newly formed domains. You can conduct this search using the following website – https://who.is/
  • Conduct online research in relation to the website, company name and the business address provided to identify any poor feedback or possible irregularities.
  • Check the Trusted Shops Facebook page where warnings about websites using their Trustmark are published. If you are in doubt about the legitimacy of a Trustmark then you can contact Trusted Shops on 0203 364 5906 or by email [email protected]. They will confirm whether they have certified that website.
  • Payments made via bank transfer are not protected should you not receive the item. Therefore always try to make the payment via PayPal or a credit card where you have some payment cover should you not receive your product.
  • If the item advertised seems too good to be true, then it probably is. 

 

Advice For Flood Victims: Bogus Trades People – 05/02/2016

In December 2015 the UK was hit by three severe storms resulting in widespread flooding across the North of England and Scotland.

The NFIB would like to make flood victims aware of the possible threat that Rogue Traders and Bogus Trades People pose to them. Buying on your doorstep can be convenient. However, a salesman who uses clever tactics can pressurise you into buying something you actually don’t want or something that’s poor value for money.

Protect yourself against bogus trades people fraud

  • Always ask for identification before letting anyone you don’t know into your house.
  • Check credentials, including a permanent business address and landline telephone number. The mobile phone numbers given on business cards are often pay-as-you-go numbers which are virtually impossible to trace.
  • Take control by asking the questions. Ask for references from previous customers or to see examples of their work.
  • Don’t sign on the spot – shop around. Get at least three written quotes to make sure you’re not being ripped off.
  • If in any doubt, ask the person to leave or call the Citizens Advice consumer helpline on 03454 04 05 06.

If you do decide to buy:

  • Always get any agreement you make in writing.
  • Beware when filling in forms or when speaking to the salesperson, and ensure you don’t reveal confidential details that a fraudster could use to assume your identity or take control of your finances. This may allow a fraudster to steal money from your account or order goods and services in your name.
  • Usually, you have a seven-day cooling off period. So if you decide to cancel the contract, act fast.
  • Think very carefully about having any work done or goods delivered during the cooling off period. You may have to pay, even if you change your mind.
  • Never pay for work before it has been completed, and only then if you are happy with it.

 

Your Package Has Been Seized” Royal Mail Scam Email – 01/02/2016

Fraudsters are sending out virus infected emails that claim a package has been seized by HM Revenue & Customs upon arrival into the United Kingdom. The official looking scam emails claiming to be from Royal Mail contain a link to a document which will install malicious software on your computer designed to steal credentials like account names, email addresses and passwords.

An example email reads:

Title: Your parcel has been seized
Royal Mail is sorry to inform you that a package addressed to you was seized by HM Revenue & Customs upon arrival into the United Kingdom.
A close inspection deemed your items as counterfeit and the manufacturers have been notified. If your items are declared genuine then they will be returned back to you with the appropriate custom charges.
You may have been a victim of counterfeit merchandise and the RM Group UK will notify you on how to get your money back. Please review the attached PDF document for more information. 
Document (RM7002137GB).Zip
Please accept our apologies for any inconvenience this may have caused.

To help the spread of the virus, the email also says: “you will need to have access to a computer to download and open the Zip file”. If you receive one of these emails, do not click on any links or download any attachments and report it to Action Fraud.

Protect Yourself

  • Royal Mail will never send an email asking for credit card numbers or other personal or confidential information.
  • Royal Mail will never ask customers to enter information on a page that isn’t part of the Royal Mail website.
  • Royal Mail will never include attachments unless the email was solicited by a customer e.g. customer has contacted Royal Mail with an enquiry or has signed up for updates from Royal Mail.
  • Royal Mail have also stressed that they do not receive a person’s email address as part of any home shopping experience.

Timeshare Recovery Room Fraud – 28/01/2016

The National Fraud Intelligence Bureau (NFIB) is warning people of the dangers of Recovery Room fraudsters targeting former victims of Timeshare fraud.
Recovery Room Fraud refers to a scam whereby fraudsters contact the victims of previous frauds, often by way of cold calling them, and claim to be able to recover previously lost funds. In July 2014 the Financial Services Authority (FSA) estimated that 30% of people who had lost money through Investment fraud would also fall victim to a Recovery Room fraud.

When Recovery Room fraudsters target victims of timeshare frauds they usually claim to be a legal professional or a representative of a government agency (normally within the country where the original timeshare property was based) in order to legitimise the scam. The fraudsters know personal details about the victim and their previous investment which gives them credibility. They claim that the advanced fees requested are for ‘local taxes’ or ‘litigation costs’ incurred during the recovery of the funds. It is suspected that the persons behind Recovery Room frauds are often the same people involved in the original scams even though these crimes may have occurred years earlier.

Initially, a small fee, typically in the region of £200-400, is requested by the fraudsters which they often claim is refundable as part of a ‘no-win no-fee’ basis.  The fraudsters rely on the victims seeing this as a nominal fee compared to the amounts lost, which often run into the tens-of-thousands of pounds, and therefore worth paying if it facilitates the return of their money. Once paid, various excuses are made by the fraudsters to explain delays in the recovery of the funds.  Subsequently, further larger amounts are then requested by the fraudsters.  Needless to say, no refunds ever materialise and no money is ever recovered.

Protect Yourself

  • Never respond to unsolicited phone calls – if in doubt, hang up.
  • Always check that the details of the organisation or company contacting you (such as website, address and phone number) are correct – the fraudsters may be masquerading as a legitimate organization.
  • Don’t be fooled by a professional looking website as nowadays the cost of creating a professional website is easily affordable.
  • Be wary of any firms or individuals asking for advanced fees.
  • Consider seeking independent legal and/or financial advice before making a decision.

Elderly Targeted By Fake Police Officers – 30/11/2015

There has been a recent series of incidents whereby fraudsters either phone or attend the home address of elderly members of the public, claiming to be police officers.

The fake officer/s will claim that they are investigating a fraud which they believe the elderly person to be a victim of. The fake officer/s will then request the bank cards and personal identification numbers (PIN) of the victim and claim these are needed for investigation purposes. If the first contact was made by a phone call, the fake officer/s will tell the victim that someone will be over to collect the evidence. In one case the victim was instructed to attend their local bank and withdraw all of the money from their account. The suspect was left alone in the victim’s house whilst the victim carried out the instructions.

Protect Yourself

  • Before letting anyone into your home who claims to be from any law enforcement agency, ask to see their identity card and check it by calling 101.
  • Ask if they can attend at a pre-arranged time when a family member or friend can also be present.
  • If you receive a phone call from a police officer,  ask for their name and force and tell them you will call them back. Wait a few minutes and then use 101 to call them back through their force’s switchboard and verify their identity.
  • The Police will never ask for your PIN or passwords. Do not give this information to anyone.
  • The Police will never request that you withdraw/transfer any money to them.

Protect Yourself From Bogus Electrical Websites – 23/11/2015

Fraudsters have set up a high specification website template advertising various electrical goods and domestic appliances. These goods are below market value and do not exist. The fraudsters will request your card details via the website; however the purchaser will then receive an email stating the payment failed and they must pay via bank transfer.

The fraudsters entice the purchaser and reassure them it is a legitimate purchase by using the widely recognised Trusted Shop Trustmark. The fraudsters are using the Trustmark fraudulently and have not been certified by Trusted Shops and therefore the purchaser is not covered by the Trusted Shop money-back guarantee.

Protect yourself:

  • Check the authenticity of the websites before making any purchases. Conduct a ‘whois’ search on the website which will identify when the website has been created, be wary of newly formed domains. You can conduct this search using the following website – https://who.is/.
  • Carry out online research in relation to the website, company name and the business address provided to identify any poor feedback or possible irregularities.
  • Check the Trusted Shops Facebook page where warnings about websites using their Trustmark are published. If you are in doubt about the legitimacy of a Trustmark then you can contact Trusted Shops on 0203 364 5906 or by email [email protected]. They will confirm whether they have certified that website.
  • Payments made via bank transfer are not protected should you not received the item. Therefore always try to make the payment via PayPal or a credit card where you have some payment cover should you not receive your product.
  • If the item advertised seems too good to be true, then it probably is.

Talk Talk Cyber Attack – 24/10/2015

Cyber Attack
Talk Talk, the phone and broadband provider, has been the victim of a cyber attack on their website commonly referred to as DDoS – distributed denial of service attack. This has led to hackers accessing Talk Talks servers and stealing personal data, which could affect over four million customers. It is currently unknown exactly what data has been stolen but Talk Talk has stated that there is a chance that some of the following data could have been accessed:

  • Name and addresses
  • Dates of birth
  • Email addresses
  • Telephone numbers
  • Talk Talk account information
  • Credit card and banking details

Protect yourself

  • Be wary of any emails claiming to be from Talk Talk asking for additional information such as passwords even if they are able to tell you specific account details – this could be a phishing email and sent to gain access to your account.
  • If you have opened an email attachment please ensure you change the passwords for all your bank, email and online shopping accounts.
  • As well as e-mails be wary of any telephone calls claiming to be from Talk Talk that ask for additional information or want to gain remote access to your computer. Again they may tell you specific details about your account. If you get such a call do not give any details, terminate the call, use a separate telephone line/mobile phone and call Talk Talk back on one of their known numbers to ascertain if the call is genuine.
  • Monitor your bank accounts for any unusual activity that you believe may be fraudulent.

Police Spam Email – 23/10/2015

There is email in circulation that appears to have been sent from a legitimate Lancashire Constabulary email address. The email appears to come from ‘Lyn Whitehead’ and is asking the recipient to pay an invoice that is attached to the email.

The email has not been generated from inside the Constabulary or by the Constabulary. This email has not been sent from Lancashire Constabulary. A third party supplier to the Constabulary has had their data breached, as a result of the breach this Lancashire Constabulary email address has been spoofed and used to generate spam to recipients far and wide.

This type of email is commonly referred to as spam, and if you have received it you MUST NOT open it. Instead delete it from your email system to avoid infecting your device.

Protect Yourself: 

  • Do not click or open unfamiliar links in emails or on websites
  • Make sure you install and use up-to-date anti-virus software
  • Have a pop-up blocker running in the background of your web browser
  • If you have opened the attachment and ‘enabled macros’ it is very likely that all your personal data will have been breached. You MUST change all your passwords for personal accounts, including your bank accounts.

If you believe you have become a victim of this get your device checked over by a professional.

If you think you have been a victim of this type of email you should report it to Action Fraud, the UK’s national fraud and cyber crime reporting centre. www.actionfraud.police.uk

If you do make a report please provide as much detail as you can about the email and any effects it has had on your computer. Additionally if your Anti-Virus software detects any issues in relation to this email please provide us with the details.

More information can be found on Lancashire Constabulary website
http://www.lancashire.police.uk/news/2015/october/email-virus-alert.aspx
You can get more advice on this by visiting the following websites:
The most common Internet Scams are updated on http://www.cyberstreetwise.com/common-scams

Pension Scam Alert – Cape Verde – 21/10/2015

The National Fraud Intelligence Bureau (NFIB) has been alerted to a pension scam whereby cold callers continue to target members of the public aged 50 to 60 years old to release and transfer their pension early. Suspected firms who advertise and arrange pensions are offering investments in alternative commodities such as hotel developments or property in Cape Verde, and operate as unregulated collective investment schemes.

Often, the cold calling ‘pension companies’ involved are neither regulated nor qualified to give financial advice and classify themselves as a ‘trustee’, ‘consultant’ or an ‘independent advisor’ and offer exceptionally high return rates for investors.  

Some victims have signed documents that authorises a limited company to be set up using their personal details, including utilising a Small Self–Administered Scheme (SSAS). Whilst SSAS accounts and limited companies are essential for legitimate schemes, the fact that victims are unaware that this will happen suggests that the scheme may not have been fully explained to them, increasing the likelihood that there may be an element of fraud involved.

Protect yourself:

Further advice can be found at:
http://www.fca.org.uk/your-fca/documents/protect-your-pension-pot
http://www.fca.org.uk/consumers/financial-services-products/pensions/protect
http://www.thepensionsregulator.gov.uk/individuals/dangers-of-pension-scams.aspx

Ensure that you request that the risks and growth rates are explained and that you fully understand them before transferring your pension

Check whether the pension arrangement company is registered with the FCA. Registered companies can be checked using the FCA register online at: https://register.fca.org.uk/

Remember that if the offer seems too good to be true, then it generally is

Council Tax Scam – 20/10/2015

Fraudsters have been phoning victims telling them that they have been placed in the wrong council tax bracket for a number of years and are entitled to a rebate. They normally say that this rebate should be worth about £7,000. Once the victim is convinced, the fraudster tells them that in order to receive the rebate they will need to pay an administration fee in advance. The payment they ask for varies between £60–£350. The victim provides the details and makes the payment, but then is no longer able to make contact with the person they spoke to on the phone. When they phone their council about the rebate and the fact that they are in the wrong tax bracket, the council will confirm that they know nothing about it and that they have been contacted by fraudsters.

The fraudsters have mainly been targeting both male and female victims who are aged 60 and over and live in the Sussex area, but it is likely that the fraudsters will also start to target victims in other areas.

Protect Yourself:Never respond to unsolicited phone calls.
Your local council won’t ever phone out-of-the-blue to discuss a council tax rebate. If you receive a call of this nature, put the phone down straight away.
No legitimate organisation will ask you to pay an advanced fee in order to receive money, so never give them your card details.
If you think you have been a victim of fraud, hang up the phone and wait five minutes to clear the line as fraudsters sometimes keep the line open. Then call your bank or card issuer to report the fraud. Where it is possible use a different phone line to make the phone call.


 

Action Fraud

Who is Action Fraud?

Action Fraud is the UK’s national fraud reporting centre where you should report fraud if you have been scammed or defrauded.

We provide a central point of contact for information about fraud and financially motivated internet crime. People are scammed, ripped off or conned everyday and we want this to stop. We believe that we can beat fraud if we talk about it.

We work with partners in law enforcement – the National Fraud Intelligence Bureau, run by the City of London Police – to make sure your fraud reports reach the right place

Report fraud and internet crime

You can report fraud using our online fraud reporting service any time of the day or night; the service enables you to both report a fraud and find help and support. We also provide help and advice over the phone through the Action Fraud contact centre. You can talk to our fraud specialists by calling 0300 123 2040.

When you report to us you will receive a police crime reference number. Reports taken are passed to the police who may contact you for further information. Action Fraud does not investigate the cases and cannot advise you on the progress of a case.

 


Identity Fraud Prevention

Identify fraud could affect any one of us!
Identity Fraud is one of the UK’s fastest growing crimes, affecting individuals and businesses alike. Although most people know about it, our research shows that consumers and businesses are not aware of, or not taking the steps they could and should be taking to fully protect themselves.

National Identity Fraud Prevention Week is a nationwide effort to help in the battle against identity fraud. How can you protect your identity and safeguard your business? This website offers a range of resources to help you and your business avoid the costly and debilitating effects of this crime.

Website >> Stop IdFraud


Get Safe Online

Get Safe Online a joint initiative between the Government, law enforcement, leading businesses and the public sector. Our aim is to provide computer users and small businesses with free, independent, user-friendly advice that will allow them to use the internet confidently, safely and securely.
Get Safe Online.

Website >>Get Safe Online