This post is a follow on from our previous post covering the most common scams circulating over the past year. In this article we will be looking at another 6 forms of online fraud that are being used to scam victims out of millions of pounds.
Gift card fraud
Over the past 3 days over 10,000 reports have been made to Action Fraud about fraud involving iTunes and other gift cards. Fraudsters are contacting potential victims claiming to be from organisations like HMRC and tricking them into making payments via gift cards.
Since gift cards have few restrictions over use, it’s very easy for criminals to redeem or sell them on. The scam relies on a victims ignorance over the use of gift cards and a scammer will spend a lot of time convincing them that this is a legitimate payment option, often referring to gift cards as “payment cards”
No organisation will ever request that you make any payments using gift cards. If you are requested to do this by an organisation you would otherwise trust, it is a clear sign that this is a scam.
An increasingly common online scam is the sextortion scam. Cyber criminals send victims one of their own passwords in an attempt to trick them into believing they have been filmed on their computer watching porn and demanding a payment.
Although these emails have been common for years, the novel element with these modern methods is the inclusion of a users password, likely found from an old data breach. We’ve written an entire article on this type of scam, so head over there to read more.
Spoof university emails
Fraudsters are increasingly registering domains similar to UK university, using them to trick unsuspecting businesses and causing losses of up to £350,000 per company.
It’s more commonly known as European Distribution Fraud and happens when a company from overseas delivers products to the UK but isn’t paid for the goods. Using a fake domain (like xxxacu.org), scammers receive an email claiming to be from a university, requesting a quote for high value equipment like IT equipment. The fraudster then sends a purchase order that is branded in a similar fashion to a university form. Once the items are shipped the criminals disappear, leaving a company with heavy losses.
Fake WannaCry emails
The word “WannaCry” is burnt into the consciousness of everybody that worked through the exploit in May 2017. Unfortunately scammers are still capitalising on the effectiveness of the original attack by sending out fake ransomware emails to unsuspecting individuals.
These emails are are designed to panic and trick you into believing your computer is infected with the WannaCry ransomware. The likelihood of this being true is slim but the scam is effective because of the prominence of the ransomware.
If you receive an email such as this, the best thing to do is to delete it – do not email the fraudsters or make any payments. If you are concerned about your IT security, give us a call instead.
Romance fraud is a very prominent type of scam that still fleeces victims out of their cash. In fact, a staggering £41 million was taken in 2017 alone and women are almost twice as likely to fall prey to these scams than men.
Romance fraud involves creating a fake identity to enter into a relationship online with the sole intent to steal funds or personal information. These profiles may be on dating sites or social media networks but either way they rely on misleading victims into false online relationships where they are vulnerable.
You should never rush into an online relationship, instead taking the time to get to know the person, not the profile. You can do your own research by googling the profile name + dating scam into a search engine and always talk to your friends and family about your dating choices – always be wary of anybody that tells you not to.
Fake Government Grants
Over the past year there have been numerous reports of fake government grants causing a total loss so far of £255,000 and an average loss of £3000.
Fraudsters either cold call or send an email and claim to be operating on behalf of the UK government. Victims are then directed to fill out an online application form that includes a whole host of personal information. Once an application is submitted the victim is contacted again to be notified that they have been “accepted”.
Once congratulated, the victim is then instructed to get a pre paid card to deposit their own contribution to the fake grant scheme. Pre paid cards are used just the same as credit cards but funds are preloaded.
The government will never contact you directly regarding available grants and even if you are contacted by an agent of such a scheme, you will never be required to submit pre-paid card details. The government should have all the information required without you having to submit your personal and financial information.
Always stay vigilant to the fraud attempts being made. You can read more about how to avoid becoming a victim to phishing attempts here. If you are a business and are concerned about your staff awareness or security of your network, get in touch.
17th April 2019
4th April 2019
8th March 2019