Fraudster contact methods

Keeping safe from fraud

One of the most valuable tools to protect yourself from fraud is knowledge and understanding of how a fraudster might contact you, and the tactics they will typically employ. Whether they contact you by email, over the phone or via social media, it helps to know how fraudsters may attempt to gain access to your information.

Always remember to take the time to ask yourself if the contact and request makes sense, act with care, and never share your personal or sensitive information.

Phishing > Vishing > Smishing > Social Media > 

Phishing

Don't get hooked

It’s easy to click on an email that you don’t recognise and be fooled by its contents. Whether it’s offering a great deal or asking for an urgent payment, beware – things might not be what they seem.  Stop and think - is it fraudulent?

Email fraud is commonly referred to as ‘phishing’.  Typically, you will receive what looks like a genuine email from a reputable company asking you to click a link for further information, or claiming you are entitled to a refund.  You might be asked to download something. This may be malicious software masquerading as something else. The software helps fraudsters access your details, and your money.

What to look out for

Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorised login attempt”.

  • Is the subject line irrelevant? Does it match the content of the rest of the email?
  • Is the email out of the ordinary, or does it have bad grammar or spelling errors?
  • Does the email ask you to click on a link or open an attachment that seems odd or illogical?
  • Were you expecting the attachment? If you weren’t expecting it, don’t open it, it could be a potentially dangerous file.
  • Is the hyperlink a misspelling of a known website? 
  • If you hover over a hyperlink, is the URL for a different website?

 

In summary, be sceptical when it comes to your emails – if one looks even remotely suspicious, don't open it.

Vishing

Vishing ("voice phishing") is the telephone version of phishing.

These are unsolicited phone calls from fraudsters which will encourage you to give out your personal details, such as sensitive financial information.

Fraudsters will call you on your mobile phone or landline pretending to be calling from your bank in order to get your personal information or ask you to provide financial details.  They may already have some of your personal information such as your name, address, or phone number to make them sound genuine.

These calls will often seem urgent to encourage you to act as quickly as possible; giving you minimal time to think about whether the call is fraudulent. The atmosphere and background noises can help the calls sound more convincing.

How to avoid becoming a victim

If you receive a suspicious or unexpected call, always verify the caller using an independently checked phone number.

Never give out your personal details (such as your PIN or password) over the phone, even to a caller claiming to be from your bank or the police. If you get a call asking for this information, end the call immediately.

If you receive a request to download software to connect to your computer and you have not initiated the conversation with the company, decline to do so.

If you accidentally share your details, call your financial institution immediately. You should use a different phone to the one they called you on.  This is because vishing fraudsters can intercept your outgoing calls, even after you’ve ended the fraudulent call – so they could pretend to be your bank, for example, when you try to report them.  Always verify the number you are calling.

Smishing

Smishing is when a fraudster sends a text message pretending to be from your bank or a financial institution you have agreements with to say there’s a problem, ask you for sensitive information and try to trick you into giving away your personal and security information.

The term "smishing"; comes from combining ‘SMS’ (Short Message Service) and ‘phishing’.  Typically you will receive a text message that you weren’t expecting containing a link to a website which asks you to either click through or call a number which you don’t recognise.  When you click or call, you’re asked to provide personal information, for example your bank account password.

What you should do if you receive a text?

  • Don’t click on any of the links, and check the number with your bank or financial institution to ensure that it is genuine – If the number isn’t genuine, delete the text message from your phone.
  • If you’ve clicked on the link by mistake, it is advised to run a scan with your antivirus software to check for any malicious software.

Social media

It’s been known for fraudsters to hack social media accounts and impersonate the account owners. Once the account has been taken over, the fraudster will make contact with the owner’s friends and family to convince them to part with their money or sensitive financial information by taking advantage of their personal relationships.

Social media has provided a platform for everyone to speak their mind online, and to share something they think would be interesting to others.  Fraudsters are increasingly using social media as a ‘hunting ground’ for personal information including your name, data of birth, address and the name of your bank.  They will use social media to put the pieces of someone’s identity together in order to apply for financial services or products in their name.

The rise of social media has made it more critical than ever that people keep their personal information safe and secure

Getting the balance right

The information you share online can be used by hackers and cyber-criminals to attack you. These days, thieves don’t burgle your home; they go after your finances and personal information.

  • Check the settings on your social media accounts
  • Check the terms and conditions for any apps and games you download, so you know how they'll access your information
  • Be wary of links sent from friends' accounts. Someone may have compromised their account
  • Be wary of offers on your newsfeed that look ‘too good to be true’ – they probably are
  • Regularly change your password and make sure it isn’t something obvious that a hacker could guess
  • Choose a username which doesn’t include too much personal information