Telephone, Internet and Letter Scams

Fraud and online crime is believed to cost the UK £2 million every day.

The Metropolitan Police publish videos and booklets to increase awareness of potential scams and avoid any financial loss.

At www.met.police.uk go to 'The Little Guide to... preventing fraud and cyber crime' webpage.

There are 10 video guides and a range of booklets to view or download:

The Little Book of Big Scams ~ The Little Book of Cyber Scams

The Little Leaflet of Cyber Advice ~ Little Booklet of Phone Scams

The National Cyber Security Centre's Cyber Aware campaign gives the government's advice on how to stay secure online.

It has 6 top tips and a range of advice and guidance.

People in the North East lost more than £8.7million to fraud in the last three years.

Data from Northumbria Police shows that there were 4,730 cases of fraud against individuals (excluding businesses) in the region over a three-year period.

Those most likely to be victims are those aged 22 to 37.

Which? have a wide range of advice about all sorts of scams - see the full list on their Scams webpage.

This webpage has some basic advice about some of the most common scams but if you think you have a problem you should read the appropriate Which? guide.

There's also advice on the Citizens Advice website:

Check if something might be a scam

What to do if you've been scammed

Check if you can get your money back after a scam

Report a scam

Get help dealing with the effects of scams

Nuisance and Scam Telephone Calls

You can cut down on unwanted telephone calls by registering your home phone and/or your mobile phone with the Telephone Preference Service 0345 070 0707 www.tpsonline.org.uk

Your phone company may have a blocking product or service to help protect you from nuisance calls.

Call your company’s customer service helpline to find out.

You can get help and advice from the Citizens Advice Consumer Service 03454 040506 and www.citizensadvice.org.uk

If you believe you have received a scam call, even if you didn't fall for it, you can report it to Action Fraud 0300 123 2040 www.actionfraud.police.uk

Always be suspicious of unsolicited phone calls - almost all unsolicited phone calls are scams.

Be aware that scam calls can display a telephone number that appears to be UK or local in order to make the call look more genuine - or even your own phone number so it isn’t blocked by a Call Barring system.

We hear of scam callers claiming to be from your internet service provider, Openreach, BT, HMRC, Northumberland County Council, British Gas, the police, banks, GPs, Amazon and many other companies.

Always treat unsolicited calls with suspicion.

"I'm calling from Microsoft" - no they are not, Microsoft never phone users.

"I'm aware of some problems on your PC" - no they are not, it's just a coincidence if you are.

"I can offer you a support plan" - no they can't, they are just after your money.

"Let me access your computer to fix this" - don't let them, hang up immediately.

"Your broadband will be terminated in 48 hours" - no it won't, hang up immediately.

If you receive an unsolicited phone call you should take the name of the caller and arrange to call them back.

Don’t use the telephone number they give you without checking it against a bill, statement or other reliable source.

If you immediately use the same phone they called you on, the call could be intercepted.

Dial 1471 first so you can check that the line is OK to use, or use a different phone.

If 1471 does tell you the number that called you, make a note of the number.

Never give out any personal details and never follow instructions to type commands into your PC - this could allow fraudsters to access your computer.

To reduce the risks of falling for cold call scams Public Protection has the following tips:

• Be wary of unsolicited calls suggesting that you are due money or you owe money

• Never provide your personal details or bank details

• Don’t take unsolicited calls when you are busy and can’t give the caller your full attention

• If you want to talk, ask them to call back at a convenient time

• Don’t agree to something just to get rid of a persistent caller

• And if you’re not clear who you are speaking to, terminate the call

More details from Citizens Advice - Take steps to avoid nuisance and scam calls

Your bank or the police will never:

• Phone and ask you for your PIN or full banking password

• Ask you to withdraw money to hand over to them for safe-keeping

• Ask you to transfer money out of your account

• Send someone to your home to collect cash, PINs, cards or cheque books

General Online Safety

AVG and McAfee both supply free site-checking software that warns you if a site you are about to visit is unsafe.

These work with any anti-virus program and can be downloaded from www.avg.com/gb-en/secure-search and www.siteadvisor.com

SuperAntiSpyware and Malwarebytes work alongside antivirus programs looking for other malware.

Download the FREE versions from www.SuperAntiSpyware.com and/or www.malwarebytes.org

The free versions don't scan realtime - run them manually every week or when you think you might have a problem.

The Microsoft Malware Protection Center is a useful source of information and has instructions to remove malware.

ActionFraud advice to protect yourself.

You should always make sure you have the latest version of the operating system for your device.

Windows 7 is no longer being updated and it is not safe to connect a Windows 7 device to the internet.

At the moment (December 2019) you can still upgrade from Window 7 to Windows 10 free of charge at the Microsoft Windows 10 Download page.

Older Android devices may no longer be receiving important security updates, potentially putting them at risk of malware, data loss and cyber attacks.

See the Which? article More than one billion Android devices at risk of malware threats

Having up-to-date virus protection is essential; however it will not always prevent your device(s) from becoming infected.

Please consider the following actions:

• • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages: Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication (you can find out how by searching the internet for relevant advice for your email provider).

  • Do not enable macros in downloads; enabling macros will allow Trojan/malware to be installed onto your device.

  • Always install software updates as soon as they become available.

  • Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.

  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider.

  • It is important that the device you back up to is not connected to your computer as any malware infection could spread to that as well.

  • If you think your bank details have been compromised, you should contact your bank immediately.

Phishing Emails

Phishing emails look like they come from a legitimate source but they are trying to extract personal details or direct you to a malicious website.

Opening an attachment or zip file, clicking on an action button or taking a link to a website could result in your computer being infected by a virus, a Trojan or other malware.

Which? have a wide range of advice including How to spot an email scam, How to spot a fake, fraudulent or scam website and How to spot an online scam.

Citizen's Advice say there are 14,000 known phishing websites sending out millions of scam emails.

Current scams include emails that appear to come from DVLA, HMRC, Facebook, banks, mobile apps, couriers and providers of other personal services.

Treat emails from these sources with suspicion.

Don't be fooled if it appears to come from the company it says it comes from - the "from" email address is easy to fake.

Look out for any of the following warning signs

The email ....

is identified as "bulk", "junk" or some such description by your security software

is sent to many people at a time

doesn't have your name (unless your email address contains your name)

contains bad grammar or spelling mistakes

asks for confidential information

asks for information they already have

highlights an issue they say is urgent

asks for money

If you hover over a button or a link you can see the address that link would really take you to.

You can check a link before you take it at any of these sites:

safeweb.norton.com www.avgthreatlabs.com www.siteadvisor.com

Unexpected Pop-Ups

Beware of unexpected pop-ups, particularly those telling you that your PC has a virus.

Learn to recognise genuine messages from your security software.

If in doubt, don't take any options and don't even click on the X to close the window - instead, press <Ctrl+Shift+Esc> to open Task Manager and close the browser from there.

Online Banking

The BBC report that Scammers steal half-a-billion pounds from UK banking customers in the first half of 2018.

£145m of that was due to authorised push payment (APP) scams, in which people are conned into sending money to another account.

Most victims of APP fraud do not get their money back because they are liable for any losses incurred if they authorise a payment themselves.

Bookmark your bank's website and always use that - never follow a link from an email, it may look like your bank's website but it may not be.

Never use online banking on a public network.

Copycat Websites

Be on your guard and to look out for so called ‘copycat’ websites when carrying out online transactions.

These websites can appear genuine and give the illusion they are official or authorised when this is not the case.

Copycat websites can offer services such as ordering new passports or USA ESTAs, booking driving tests and renewing car tax discs all at significantly higher costs than would be incurred using the official site.

The extra costs and links to the official site are normally in the small print in the Terms & Conditions.

That means these sites are not illegal and can be appear at the top of a search list.

More details in the NCC news item Copycat website warning from trading standards

Email Hijacking

We have also seen a big increase in phishing emails from contacts who's email account has been hijacked - one week we had emails from three hijacked contacts.

The emails can contain links to suspicious sites, dangerous attachments or requests for money.

These emails often don't contain much of a message and normally go to a lot of people.

Sometimes you can see all the people the email is going to, sometimes everyone is blind-copied.

Some times you'll see headings such as "Refund", "Invoice", "Thank you", "Re: Details" or "Re: Wicked Screensaver"

If you receive an email you are doubtful about, first check that the senders email address is exactly what it should be.

If it isn't exactly right then the scammer is impersonating the sender and may not have hijacked the email account.

If the email address is correct you should still check with the apparent sender before opening a link or an attachment, giving any details or sending any money.

If you can, check with them without replying to the email - text, phone or send a new email.

What to do if your email account has been hijacked

If your email account has been hijacked, you should

1. Warn everyone in your contacts list - use BCC so you don't share everyone's email addresses.

2. Sign into your email account and change the password - something really secure.

3. Make sure your anti-virus program is up to date then do a full scan.

4. Do additional scan(s) with SuperAntiSpyware and/or Malwarebytes - see General online safety above.

5. Check your email settings to make sure they haven't been changed.

6. Consider changing passwords and security questions for other sites - at least your online banking password.

7. If you forget your password, many sites will email you a temporary password so if someone can access your email they can get passwords to other sites.

8. If you still don't feel safe, change your email account.

SIM Hijacking

Also known as SIM-jacking, SIM splitting and SIM swap scam.

How the fraud works

First, fraudsters harvest your personal information then they use this information to call the your mobile phone provider and tell them that the handset has been lost, stolen or damaged. The old SIM is cancelled and a new one is activated. The first you know of a problem is when your mobile stops working. You may just think it is a signal problem. They then hack into your online banking and open a parallel business account and transfer money to these accounts.

How to protect yourself

As well as following the advice on this webpage you should try not to post information on social media such as your birth date, your first pet, or school as these are normally included in security questions.

You can also ask your mobile service provider to add extra security to your account - like requiring a PIN code to make changes to your details.

More details at the ActionFraud webpage Fraudsters are emptying bank accounts by diverting calls and text messages

Also see the Northumberland Gazette article SIM-jacking: what is it and how can I protect my mobile phone?

Online Marketplaces

Online marketplaces – websites where traders and private individuals list and sell products – are becoming increasingly popular for people trying to find the best deal, and Citizens Advice is warning residents in Northumberland to be aware of the dangers.

Citizens Advice Northumberland says people don’t always know they have fewer rights when they buy from a private seller compared to if they buy from a business.

If you buy from a private seller, the principle of ‘buyer beware’ applies.

Here are Citizens Advice’s tips for using online marketplaces:

• Check the product details. This should include photos, a description, cost, delivery charges, contact details for the seller and any cancellation rights.

• It should be clear if it is being sold by a trader or private seller – this is important as your rights are different. It is wise to read previous reviews as these can often flag potential issues, but watch out for fake reviews. If something sounds too good to be true, it probably is.

• Take screenshots of the item you want to buy. This will come in handy if the item you receive is different to what you saw on the website.

• Use a payment method that protects you. You’ll have a better chance of getting your money back if there’s a problem by using a card or Paypal, particularly if it’s an overseas seller. Avoid paying by bank transfer.

• Go back to the seller if there’s a problem. Explain what’s happened, how you’d like them to fix it and give a deadline for them to respond. If they don’t sort it out, see if there’s an alternative dispute resolution service that can help. Report them and the online marketplace to Trading Standards if you think the issue is unfair.

More details in the Morpeth Herald article Buyer beware of online markets

Letter Scams

Most fraudsters use phone and internet these days but there are still some scams by letter.

One we've heard of is an advance fee fraud - the recipient will be asked for fees upfront for release of the funds which, of course, will never happen.

Letters claiming to come from a Hong Kong-based bank are attempting to lure victims into a cash scam with the promise of a share in a large inheritance.

Courier Delivery Scam

Which? report that delivery scams are just one of the increasingly sophisticated methods fraudsters are using to leave victims out of pocket.

First a courier delivers a high-value package - something you didn't order.

Then another courier arrives collect the package that was delivered by mistake.

If this happens to you, check the couriers credentials and call the company they claim to be representing.

If you have any fears, contact the police.

The fraudsters had managed to get hold of your personal details to place the online order.

Identity theft is on the rise so if you spot any suspicious activity on your account report it to your bank immediately.