Sim-swap fraud warning

Sim-swap fraud is when a scammer steals your phone number by tricking your network provider into transferring it to a Sim card they own. The scammer then attempts to hack into your accounts using one-time passwords sent via text.

Recent cases point to weak email security opening the door to fraudsters, but are mobile networks doing enough to protect customers? Find out what's really happening and what you can do to protect yourself against this nasty scam. 

Source: Which? (30 Apr 2026) 

5 scam calls and texts to watch out for

You're much more likely to answer a call or text that comes from a familiar contact, but criminals can use software to change the number displayed on your phone – they can even mimic your bank's phone number.

This is known as number spoofing, and despite efforts by the government and mobile networks to stop it, fraudsters continue to exploit loopholes to carry out their schemes. We reveal the latest tactics and give you four ways to avoid number-spoofing scams

Source: Which? (29 Apr 2026) 

The rise of fake days out on social media

We're warning social media users about a growing trend for fake days out. From Buckingham Palace markets to hot air balloon festivals, scammers are using AI images and videos to lure visitors to attractions that don’t exist.

Our travel experts have investigated – they explain how to identify fake or AI-generated social media posts, plus tips to buy event tickets safely. 

Source: Which? (30 Apr 2026) 

Local Priorities Anti Social Behaviour Message - MetEngage Falconwood and Welling

Please review the following update regarding Anti Social Behaviour which some members around this area have highlighted as an issue of concern on the Met Engage priority survey.

Officers from your team will be proactively patrolling the Ward on foot and in vehicles concentrating on area affected by Anti Social Behaviour including Danson Park and the surrounding areas. Please approach us if you have any concerns.

Antisocial behaviour can come in many forms and can require support from more organisations than just the police. There are 13 different types of antisocial behaviour that we may be able to help with, including abandoned vehicles, littering or drugs paraphernalia and street drinking. A full list of what we categorise as antisocial behaviour is available on our website.  

 

If you have witnessed or experienced antisocial behaviour, you can report it online.

 

If you ever experience this issue or have information regarding an incident, please report it using our online reporting tools at https://www.met.police.uk/, speak to an operator in our Force Communications Room via our online web chat or call the non-emergency number 101.  

 

Alternatively, you can stay 100% anonymous by contacting the independent charity Crimestoppers on 0800 555 111 or via their untraceable online form at crimestoppers-uk.org. 

 

Get Involved

 

We are working on our brand-new strategy for how we police London and we want your help. Our New Met for London: Phase 2 strategy will guide how we deliver on behalf of Londoners over the next three years.

 

Please consider getting involved by registering for these messages, this will enable you to contribute to the local priority survey.  We may be unaware of issues that you would like us to focus on.  Take a few minutes to securely and privately register and have your say using the button below, this will mean we can focus on things that matter to you. 

Please click here to complete the survey

Source: https://www.metengage.co.uk/Alerts/A/435994/Local-Priorities-Anti-Social-Behaviour-Message

Beware the "AI PDF Assistant": The Remote Access Scam Catching Out Thousands

You may have seen it featured on BBC's Rip Off Britain: a chilling new wave of cybercrime targeting UK residents through what looks like a helpful browser tool. Fraudsters are now using the hype around Artificial Intelligence to trick people into installing malicious software that grants criminals complete control over their computers.

Here is everything you need to know to stay safe.

How the Scam Works

The "AiFrame" campaign is a sophisticated operation that has already claimed over 300,000 victims. It doesn't start with a shady email, but often with a simple search for productivity tools.

1. The Hook: You find a browser extension (usually for Chrome) that promises to be an "AI PDF Reader," "AI Sidebar," or "Gemini/ChatGPT Assistant".
   
2. The Installation: Once installed, the extension looks and acts like a real AI. It might even give you plausible answers to your questions by "proxying" a real AI service in the background.
   
3. The Hidden Payload: While you think you're just summarising a document, the extension is actually a remote access broker. It uses hidden code (iframes) to connect your browser to a server controlled by hackers.
   
4. The Theft: The scammers can now "scrape" everything you do. This includes:
   
• Reading your private emails and drafts in Gmail.
  
• Capturing passwords as you type them.
  
• Stealing API keys or session tokens to bypass two-factor authentication.
  

Why It Is So Convincing

Unlike the clunky scams of the past, these "AI assistants" are incredibly polished.

• Official Stores: Many of these were found on the official Chrome Web Store, some even sporting "Featured" badges from Google, which gives users a false sense of security.
  
• Brand Hijacking: They often use names like "Gemini AI" or "ChatGPT" to piggyback on the trust you have in major tech companies.
  
• Professional Logic: The extensions use "Readability" libraries—the same tech used by legitimate "Reader Mode" apps—to scan your pages, making their activity look like normal browser behaviour to most security software.

Red Flags: How to Spot a Fake AI Tool

As highlighted on Rip Off Britain, you should be on high alert if an add-on:

• Requests "Read and change all your data on all websites". While some legitimate tools need this, it is a massive red flag for a simple PDF reader.
  
• Comes from an unknown developer. Always click the developer name in the Web Store. If they have no website or a very generic-looking one (like "tapnetic[.]pro"), steer clear.
  
• Is pushed via unsolicited ads. Be wary of "sponsored" links at the top of search results or adverts on social media promising "free" pro-level AI features.
  

What to Do if You’ve Been Ripped Off

If you have installed one of these extensions, or something similar, take these steps immediately:

1. Remove the Extension: Go to your browser settings and delete any AI-related add-ons you don't 100% recognise.
2. Change Your Passwords: Because these tools can "scrape" your screen, consider all passwords entered while the extension was active to be compromised.
3. Check Your "Sent" Folder: Scammers often use your Gmail to send "Hi Mum/Dad" or recruitment scams to your contacts.
4. Report It: In the UK, you should report the incident to Action Fraud (the UK’s national reporting centre for fraud and cybercrime) and JobsAware if it involved a fake job offer
   

The Bottom Line: If a new AI tool feels "too good to be true" or asks for deep access to your browser, it probably is. Stick to well-known, verified applications from major developers.

Beware the "AI PDF" SCAM

[click image to view enlarged]

Protect Your Inbox: A Quick Guide to Spotting Phishing Scams

Cybersecurity is a team effort. If you’ve recently spotted a suspicious email in your inbox, you aren’t alone. Scammers are becoming increasingly sophisticated, using convincing branding and urgent language to trick people into handing over personal details or financial information.

Here is what you need to know to stay safe and how to help the authorities fight back.

---

How to Spot a Phishing Attempt

Phishing emails often masquerade as legitimate organisations like HMRC, Royal Mail, your bank, or even popular streaming services. Look out for these common red flags:

• The "Urgent" Tone: Emails that threaten to close your account or fine you if you do not act immediately.

• Suspicious Sender Addresses: Check the actual email address, not just the "Friendly Name". If it’s a string of random characters or a personal account (like @hotmail.com or @gmail.com) claiming to be an official service, it’s a scam.

• Generic Greetings: Phrases like "Dear Customer" instead of your actual name.

• Dodgy Links: Hover your mouse over any links (without clicking!) to see the actual web address they lead to.

What to Do if You Receive One

1. Do Not Click: Avoid clicking links or downloading attachments, as these can install malware or lead to fraudulent websites.

2. Report It: Forward any suspicious emails to report@phishing.gov.uk. This goes to the National Cyber Security Centre (NCSC), which can take down malicious sites.

3. Delete and Block: Once reported, delete the email from your inbox and your "Deleted Items" folder.

Better Safe Than Sorry

If you are ever unsure, the safest route is to log in directly through an official app or website by typing the address into your browser yourself. Never use the links provided in a suspicious message.

---

Received a suspicious text? You can also report "smishing" by forwarding the message to 7726 (which spells 'SPAM' on most keypads). It is free of charge and alerts your mobile provider.

Phishing Email Scam

Phishing Email Scam

Phishing Email Scam

Phishing scam guide

[click the images above to view enlarged]

The AnyDesk Trap: Lessons from BBC’s Scam Interceptors

If you’ve been watching the latest series of Scam Interceptors on BBC One, you’ll know the feeling of shouting at the telly. Watching the team, led by Rav Wilding and ethical hacker Jim Browning, race to stop a remote-access theft in progress is gripping, but it’s also a sobering reminder of how easily "standard" tech is being weaponised.

The most common tool in the scammer's arsenal? AnyDesk.

What is the "AnyDesk Scam"?

AnyDesk is a legitimate piece of software used by IT professionals to help people with computer problems remotely. However, scammers use it as a digital skeleton key.

In Series 4 and 5 of Scam Interceptors, we see this play out repeatedly. A victim receives a call—often claiming to be from "Sky Technical Support," "Amazon," or "BT"—warning of a security breach. They are told to download AnyDesk to "fix" the issue. The moment the victim hands over their unique ID code and clicks "Accept," the scammer has total control of their device.

Why it’s so Effective (and Dangerous)

It’s easy to think we’d never fall for it, but these episodes show just how sophisticated the manipulation is. In Series 4, Episode 9, we watched in horror as a scammer used a remote connection to take photos of a man’s credit cards. In Series 5, Episode 1, the interceptors showed how scammers black out the victim's screen so they can’t see the money being moved out of their bank account in real-time.

The "AnyDesk" red flags include:

• The "Black Screen": If your screen goes dark and they claim "it's just an update," they are actually hiding their movements.

• Banking "Verification": They will ask you to log into your bank while they are connected. Never do this.

• The Sense of Urgency: They will tell you your money is at immediate risk to stop you from thinking clearly.

How to Stay Safe

The best way to fight back is to spread the word. If you have friends or family who aren't tech-savvy, share these three golden rules:

1. Zero Remote Access: No legitimate bank or utility company will ever cold-call you and ask to "remote in" to your computer.

2. The "Ten-Minute" Rule: If a caller pressures you, hang up. Wait ten minutes for the line to clear, then call the company back using a trusted number from an official statement or the back of your bank card.

3. The AnyDesk ID is a Key: Treat your AnyDesk ID like your house keys. You wouldn't give them to a stranger on the street; don't give them to a voice on the phone.

Take Action

If you want to help "highlight" this beyond just talking about it:

• Report IDs: If you receive a scam call, report the AnyDesk ID directly to AnyDesk’s Abuse Channel to get their access revoked.

• Community Groups: Post warnings on Nextdoor or local Facebook groups. Scammers often target specific UK regions in "waves," so a local heads-up can save a neighbour’s life savings.

• Watch and Learn: Encourage others to watch Scam Interceptors (specifically Series 4, Episode 3). Seeing the scam in action is often the best deterrent.

Scam Interceptors does a brilliant job of showing the reality of these crimes, but the best "interception" starts at home. By staying informed, we can make sure these scammers find a dial tone instead of a victim.

• https://www.bbc.co.uk/programmes/m00164f1/episodes/guide
• https://anydesk.com/en/abuse-prevention

Beware the "AnyDesk" scam

[click The AnyDesk Trap image to view enlarged]