Online fraudsters use a wide variety of techniques to steal their victims’ identities. But one of the most popular activities is phishing: a type of email scam where the victim is persuaded to give away personal information such as passwords and credit card numbers.
These emails pretend to come from banks, credit card companies and other trusted organisations. They usually contain a link to a website that looks like the real thing, but is actually a fake designed to trick you into entering your personal information.
Some of these emails are obviously fraudulent – but by stealing the logos and imitating the style of legitimate companies, cybercriminals have been able to fool even the most careful internet users. That’s why we thought we’d share a few tips, to help you fish out some of the subtler scammers.
Here are the things you should be watching out for:
1. Asking for you to confirm personal information
First of all, genuine banks and businesses will NEVER ask you to do this. You will never be asked to “confirm” or “re-enter” your credit card details, account number, address, password or security questions. If you receive an email asking you for this information, you know it’s a fraudulent one.
2. Spelling and grammar mistakes
Brands – and especially banks – take a lot of care over wording, proof reading, and reviewing their email communications properly. So if it doesn’t sound like your bank talking, or the English is poor, that’s a red flag.
3. ‘Dear customer’
Most businesses take the time to personalise their emails. So if an email uses a vague greeting and doesn’t use your name, it could be a sign that it’s not legitimate.
4. Urgent or threatening language
Scammers love telling people that if they don’t supply details or click a link, their account will be suspended or they’ll be charged money. Don’t panic – a real business wouldn’t cancel your account just because you failed to reply to one email. You’re a valued customer, after all.
5. Order confirmations for goods you haven’t purchased
Ever had an ‘Amazon’ confirmation for £70 worth of Scrabble tiles, or something else equally random? The natural reaction is to scramble to cancel the order and complain as quickly as possible – but that’s exactly what the scammer is banking on.
If you receive an email like this, never click on any links. Take a breath, open your browser in a separate window, and sign in that way. When you check your order history, 99% of the time you won’t find any Scrabble tiles there.
6. Winning competitions you didn’t enter
It’s important to remember that you have to actually enter a competition / play the lottery in order to win. If it sounds too good to be true, it probably is.
The same goes for those emails from the taxman. If you’re entitled to a tax rebate, they’ll send you a letter – not a dodgy-looking email.
7. Suspicious links and surveys from friends
As for those “surveys” your friends and relatives send you, where you can win £100 in Sainsbury’s vouchers? Take a closer look at the message that comes with them. Does it sound like your friend? Or is it a generic message sent by a scammer, in the hope of taking you in?
It’s likely that your friend doesn’t even know they sent you an email – they probably clicked on a link in an email from another friend, and automatically spammed their entire contact list. Don’t fall for it too.
So there we have it. Whether your emails appear to be coming from a legitimate company, a well-known brand or even a close friend, it’s always important to scrutinise them carefully.
And don’t forget, if you’re in any doubt whether an email is genuine, don’t open or forward it or click on any links contained within the email. Instead, contact the person or organisation the email claims to have been sent by and get confirmation that it’s genuine.
Email isn’t the only method by which a fraudster may try to obtain your details, so remain vigilant. Other common methods that fraudsters may use include telephone fraud (vishing) and text messages scams (smishing). Again, if you’re in any doubt whether a phone call or text message is genuine, contact the organisation it claims to be from and if you’re returning a call, always make sure that the line has been disconnected before you redial.
By keeping your wits about you, you should be able to defend yourself against even the cleverest fraudsters.