Sunday, 9 May 2021

Beware HSBC and Census Scam texts

 





Don't:

  • click on any links
  • download any attachments
  • reply

 

Do:

Needless to say please be aware of such phishing scams or report to report@phishing.gov.uk. Do not click on links or attachments in unexpected or suspicious texts or emails.

You can also report the scam to Action Fraud, the national fraud reporting centre.

For further information, visit https://www.hsbc.co.uk/help/security-centre/received-a-text/

Vehicle theft Sunday 9 May 2021 early morning - appeal for information

A blue Jaguar car was stolen at 4.30am Sunday 9 May 2021 and reported on Facebook. It was stolen in Dartford Road, Bexley, and the car drove towards the village from Joydens Wood after the theft.

The VRM is WO05 HSE , it is taxed till 1 July 2021 and the MOT expires 20 July 2021.

If you have any information, seen or have CCTV footage, please contact the local police on 101.

Thursday, 6 May 2021

5 Things to Say to Doorstep Scammers

Doorstep scammers are masters at separating you from your hard earned cash. Make sure you have these five quick phrases to hand next time someone suspicious comes a-knocking.

5 Things to Say to Doorstep Scammers [Which? Facebook video]

Source: Which?

5 Red flags a loved one is being scammed

In the time it takes you to watch this video £5049 will be lost to scams. If you're worried about a loved one being scammed then here are five red flags to watch out for:

🚩 They're sending unexplained payments
🚩 They're short of money when they shouldn't be
🚩 They have lots of post lying around
🚩 They've had an increase of phone calls from strangers
🚩 They seem anxious or upset



Source: Which?

Holidaymakers and festivalgoers urged to be vigilant from scams as lockdown restrictions ease

Fraudsters are poised to target the British public with ticketing, travel and health insurance scams as consumers look to book in much-needed social activities as lockdown restrictions ease, warns UK Finance. The scam alert comes as the Take Five to Stop Fraud campaign publishes guidance below on how consumers can protect themselves in the lead-up to further easing of lockdown restrictions from 17 May.

With many people booking holidays and tickets to concerts and summer festivals, criminals are staying one step ahead by advertising holidays and tickets at low prices or for sold out events, illegally profiting from consumers who are looking for good deals or wanting to attend fully booked events. In some instances, scammers are charging people for the new Global Health Insurance Card (GHIC), which is available free of charge, or advertising fake ‘vaccine certificates’ online.

Experts at impersonating trusted organisations such as travel agencies and hospitality firms, these fraudsters are using a range of sophisticated methods to approach their victims, including scam emails, telephone calls, fake websites and posts on social media. To stay safe when booking holidays and tickets, people are reminded to always follow the advice of the Take Five to Stop Fraud campaign and take a moment to stop and think before parting with their money or information in case it’s a scam.

Katy Worobec, Managing Director of Economic Crime at UK Finance, commented:

“Criminals have been capitalising on the pandemic to commit fraud, and the easing of lockdown restrictions provides another opportunity for them to target victims. 

“As you start booking holidays and planning social activities, don’t let criminals take you for a ride. Follow the advice of the Take Five to Stop Fraud campaign and always visit websites you’re buying from by typing it in to the web browser – avoid clicking on links in unsolicited emails or text messages. Be wary of any requests to pay by bank transfer when buying or booking services online, and instead use a credit card or the secure payment options recommended by reputable websites.”

Take Five to Stop Fraud advice

Holiday scams

Travel deal scams

Criminals will set up fake websites offering ‘travel deals’ which are used to obtain your money and information. Websites may look similar to the genuine organisation’s but subtle changes in the URL can indicate that it’s fraudulent. These websites may also seem professional and convincing, using images of luxury villas and apartments that don’t exist to convince victims they’re trusted and genuine. These are offered for rent, often at discounted prices and require a deposit to be made which is never returned.

Always remember:

  • Be suspicious of any “too good to be true” offers or prices – if it’s at a rock bottom price ask yourself why.
  • Where possible, book directly with an established hotel or through a reputable travel company/agent that is a member of a trade body such as ABTA or ATOL. If you do decide to book independently, establish if you’re dealing with the property owner or a letting agent or via the local tourist information desk, and verify that the address exists through web searches and online maps.
  • Always access the website you’re purchasing from by typing it in to the web browser and avoid clicking on links in unsolicited emails or social media posts. The website should use the padlock symbol to indicate that the site is secure.
  • Always use the secure payment options recommended by reputable online travel providers and don’t accept requests to pay separately via a bank transfer.
  • Where possible, use a credit card when booking holidays over £100 and up to £30,000 as you receive protection under Section 75 of the Credit Consumer Act.

Global Health Insurance Card (GHIC) scams

When travelling in the EU, people can access emergency and medical care with a Global Health Insurance Card (GHIC). This card has replaced the European Health Insurance Card (EHIC) however criminals are capitalising on this new card to commit fraud, asking victims for payment details when the GHIC is free. They are advertising these cards on fake websites that look like that of the NHS. The sites claim to either fast-track or manage your application process before charging you an up-front fee.

Always remember:

  • The GHIC, which replaces the European Health Insurance Card, is FREE to use and can only be obtained directly via the NHS website: https://www.nhs.uk/using-the-nhs/healthcare-abroad/apply-for-a-free-uk-global-health-insurance-card-ghic/
  • You also don’t need to apply for a GHIC until your current EHIC expires.
  • You can report scam ads appearing in paid-for space online by visiting the Advertising Standard Authority’s website where you can complete their quick reporting form.
  • Always question uninvited approaches and contact organisations directly to confirm requests using a known email or phone number.
  • Only give out your personal or financial information to services you have consented to and organisations you are expecting to be contacted by.

Vaccine certificate scams  

The UK government is currently looking into the use of vaccine certificates or a passport for people to use once restrictions lift, which shows whether people have been vaccinated, have recently tested negative or have natural immunity after being ill with Covid. As we await the government’s announcement, criminals will be using the opportunity to target people with fake Covid certificates and passports. They may defraud people via phishing emails, ‘spoofed’ calls, social media posts, fake apps or adverts claiming to be offering Covid certificates or passports. Often posts include a link leading to a fraudulent website used to steal personal and financial information in order for the criminal to commit fraud.

Always remember:

  • Don’t click on links or attachments in social media posts or emails.
  • Question uninvited approaches and contact organisations directly to confirm requests using a known email or phone number.
  • Only give out your personal or financial information to services you have consented to and organisations you are expecting to be contacted by.

Ticketing scams  

As events, concerts, festivals and theatre shows reopen from 17 May, criminals will be on the look out to take advantage of people booking these events. Criminals either set up fake websites or social media profiles to sell tickets that are either fraudulent or don’t exist. Websites may even look similar to the genuine organisation’s one but subtle changes in the URL can indicate that it’s fraudulent. Make sure you book tickets directly through official sellers who are members of the self-regulatory body STAR, as anything else could be a scam.

Always remember:

  • Use the secure payment method recommended by reputable online retailers and auction sites.
  • Always access the website you’re purchasing from by typing it into your web browser and be wary of clicking on links in unsolicited emails or social media posts.
  • Criminals are experts at impersonating people and trusted organisations so always make sure to research who you are buying tickets from and be wary of celebrity-endorsements in case it’s a scam.
  • Be suspicious of any “too good to be true” offers or prices and always be wary of any requests to pay by bank transfer when buying tickets online or on social media.

For more information please call the UK Finance press office on 020 7416 6750 or email press@ukfinance.org.uk

Source: Take Five - Stop Fraud [19th April 2021]

Action Fraud [30th April 2021]


Tuesday, 4 May 2021

FluBot: Guidance for ‘package delivery’ text message scam

The NCSC is aware that a malicious piece of spyware – known as FluBot – is affecting Android phones and devices across the UK.

The spyware is installed when a victim receives a text message, asking them to install a tracking app due to a ‘missed package delivery’. The tracking app is in fact spyware that steals passwords and other sensitive data. It will also access contact details and send out additional text messages – further spreading the spyware.

The text message requests that victims click a link. Doing so directs them to a scam website, such as the one shown below (although the branding may vary).

  • Users of Android devices (such as those manufactured by Google, Huawei and Samsung) will be encouraged to download an app.
  • Users of Apple devices are not currently at risk, although the scam text messages may still redirect them to a scam website which may to steal your personal information.

If you receive a scam text message:

  1. Do not click the link in the message, and do not install any apps if prompted.
  2. Forward the message to 7726, a free spam-reporting service provided by phone operators.
  3. Delete the message.

If you were expecting a DHL delivery, you should visit the official DHL website (track.dhlparcel.co.uk) to track your delivery. Do not use the link in the scam text message.

If you have already clicked the link to download the application:

You must take the following steps to clean your device, as your passwords and online accounts are now at risk from hackers.

  • Do not enter your password, or log into any accounts until you have followed the below steps.
  • To clean your device, you should:

- Perform a factory reset as soon as possible. The process for doing this will vary based on the device manufacturer and guidance can be found here. Note that if you don’t have backups enabled, you will lose data.

- When you set up the device after the reset, it may ask you if you want to restore from a backup. You should avoid restoring from any backups created after you downloaded the app, as they will also be infected.

  • To protect your accounts:

- If you have logged in to any accounts or apps using a password since downloading the app, that account password needs to be changed.

- If you have used these same passwords for any other accounts, then these also need to be changed.

To protect yourself from future scams like this, you should:

  1. Back up your device to ensure you don’t lose important information like photos and documents. The CyberAware campaign explains how to do this.
  2. Only install new apps onto your device from the app store that your manufacturer recommends. For example, most Android devices use Google’s Play Store. Some manufacturers, such as Huawei, provide their own app store.
  3. For Android devices, make sure that Google’s Play Protect service is enabled if your device supports it. Some Huawei devices provide a similar tool to scan devices for viruses. This will ensure that any malware on your device can be detected and removed.

Footnote - While messages so far have claimed to be from DHL, the scam could change to abuse other company brands.  



Source: https://www.ncsc.gov.uk/guidance/flubot-guidance-for-text-message-scam

Visit How to spot a text message - Which? for further information.

Friday, 23 April 2021

Stay alert and aware of your pension options


Action Fraud is warning savers to remain vigilant and protect their pensions, as figures from the national reporting centre for fraud and cyber crime reveal £1.8 million has already been lost to pension fraud this year.

Source and further details: Action Fraud 20-04-2021 

Further easing of lockdown restrictions

The latest planned easing of lockdown restrictions takes effect today  12 April 2021. It  includes the reopening of outdoor hospitality, gym...