Fake emails are a favourite way for fraudsters to approach their victims. Unfortunately, it is almost impossible to keep up with the variety of fraudulent emails and other online scams that are increasingly appearing on our computer screens and smartphones. However, by taking your time and following the simple steps below, you can better protect yourself from falling victim to attempted fraud.

SPOTTING SCAM EMAILS

Look out for the following signs:

  • the sender’s email address looks suspicious. Roll your mouse pointer over the sender’s name to check it. If it doesn’t match the organisation's website address it says it’s from - it could be a scam
  • the email doesn’t use your name – it says something like ‘Dear customer’ instead
  • there’s a sense of urgency, asking you to act immediately
  • there’s a prominent website link that may look like the proper address but has one letter missing or spelt wrong
  • there’s a request for personal information
  • the email has poor grammar and spelling mistakes
  • the entire text of the email is contained within an image rather than the usual text format, and the image contains an embedded hyperlink to a bogus site. So again, roll your mouse pointer over the link to reveal its true destination. But don’t click!

PROTECTION ONLINE

It’s important to use strong passwords on all your online accounts, always have anti-virus software and a firewall installed, and update these to the latest versions as soon as these become available.

  • Create a separate password for your email accounts. Make sure you have strong passwords and change these regularly. For a secure password, use three random words and include a symbol, numbers and upper and lower-case letters. Find out more about strong passwords here.
  • Install two-factor authentication (2FA) for your email accounts as an additional process to secure your account. Find out more in this Little Guide to 2 Factor Authentication.

Further actions you can take to keep safe online

  • Look after your mobile devices. Remember not to leave them unattended in public places and protect them with a PIN or passcode.
  • Ensure you always have internet security software loaded on computers and update to new versions immediately. Have a look at this Little Guide to Always Updating Your Software.
  • Don’t assume that Wi-Fi hotspots in places like cafes and hotels are secure. Never use them when you’re doing anything confidential online, like banking. Instead, use 3G or 4G or a Virtual Private Network (VPN). Find out more about public Wifi here.
  • Never reveal too much personal or financial information (when using emails, social networking, and dating sites). You never know who might see it or use it. Find out more here.
  • Always consider that online or on the phone, people aren’t always who they claim to be. Watch this video from Action Fraud.
  • Don’t click on links or open attachments if the source isn’t 100% known and trustworthy, or it seems strange that you’d be receiving them. For more information, click here.
  • Always access internet banking sites by typing the bank’s address into your web browser.
  • Never respond to emails, texts, letters, or social media that look suspicious, including bad spelling or grammar messages.
  • Be cautious when going to a website from a link in an email and then enter personal details – the email could be fraudulent.
  • If someone you’ve never met in person asks you for money, that should be a red flag. Tell them you’re not interested and stop all contact.
  • Never pay for anything by direct bank transfer unless it’s to someone you know personally and is reputable.
  • When shopping online, sign up to American Express SafeKey, Verified by Visa and MasterCard SecureCode, so look for the padlock or unbroken key symbol when you first visit a site. Where possible, make your purchase with a credit card or via a credible online payment system (such as PayPal) which protects you in the event of fraud.

If you are at all suspicious, heed your instincts! You are most probably right to be concerned.

REMEMBER: IF SOMETHING SEEMS TOO GOOD TO BE TRUE, IT USUALLY IS!

Report all emails that you believe to be fraudulent to report@phishing.gov.uk

Resources

  • Action Fraud’s video series called The Devil’s in their Details has films on online fraud and infographics on email spoofing, Identity Fraud, using public wifi and money mules.
  • Get Safe Online (GSOL) provides practical advice on protecting yourself, your computers and mobile devices against fraud, identity theft, viruses, and many other problems encountered online.
  • GSOL has also made short films explaining some of the online risks and providing simple advice on avoiding them.  View these here.