During these challenging times, it’s important to be extra vigilant when receiving emails and text messages as many fraudsters are attempting to use the coronavirus pandemic to take advantage of the most vulnerable in our society.
Keeping your money safe during the coronavirus pandemic
We have been alerted to phishing texts and emails impersonating HMRC and asking victims to provide personal data including full bank details to apply for a bogus “goodwill payment”. No such payment exists, and the personal data collected will be used for attacks on victim’s interment bank accounts.
We’ve also been made aware of a new scam where a text message purporting to be from the government informs the recipient that they have been issued a fine for leaving the house during the lockdown as the government have been tracking their movements using their phone.
You can report any scams to Action Fraud.
Different types of fraud explained
In this type of attack, hackers impersonate a real company to obtain your login credentials. You may receive an e-mail asking you to verify your account details with a link that takes you to an imposter login screen that delivers your information directly to the attackers.
Spear phishing is a more sophisticated phishing attack that includes customized information that makes the attacker seem like a legitimate source. They may use your name and phone number, or refer to another company to trick you into thinking they have a connection to you, making you more likely to click a link or attachment that they provide.
Whaling is a popular ploy aimed at getting you to transfer money or send sensitive information to an attacker via email by impersonating a real company executive. Using a fake domain that appears similar to your own, they look like normal emails from a high-level official of the company, and ask you for sensitive information, including usernames and passwords.
Shared Document Phishing
You may receive an e-mail that appears to come from file-sharing site alerting you that a document has been shared with you. The link provided in these e-mails will take you to a fake login page that mimics the real login page and will steal your account credentials.
Top tips on how to keep yourself safe from fraud online
- Do not click on links or attachments from senders that you don’t recognise
- Do not provide sensitive personal information (like usernames and passwords) over email
- Watch for email senders that use suspicious or misleading domain names.
- Inspect URLs carefully to make sure they’re legitimate and not imposter sites
- Do not try to open any shared document that you’re not expecting to receive
- If you can’t tell if an email is legitimate or not, do not click on any links within the email
- Be especially cautious when opening attachments or clicking links if you receive a warning banner