Do you need breathing space from your debts?
Find out which debt solution is right for youGet started
Answer a few simple questions
See if you are suitable
Understand your next steps
Everyone is susceptible to being scammed, keep yourself protected with our guide.
Have you ever had a call from someone claiming to be your bank? Or an email from Paypal, HMRC or BT stating that your account has been blocked? If you have, you may have been targeted by social engineers, or as they’re better known, scammers.
You may think that being scammed is just a case of not using your common sense. In fact, the reality, as we’ll show you, is that anyone can be scammed, or socially engineered, as it’s now known. Why? Because unlike the relatively well-known scam, involving an African princess asking you to help her transfer money in return for a fee, many new ways types of socially engineering people are truly complex, so much so that even the experts would have trouble spotting them.
So, don’t ever think you are immune to a scam. Scammers are clever, they spend lots of time and money thinking up ways to part you from your money. And scams don’t always have to come from an online source either. More and more often these days, people are being scammed using fake phone calls, text messages, landline calls and even by post. The reason these scams are sometimes called social engineering is that the scammers will find out some information about you – for example from your Facebook page – and then use that to tailor the scam so that it looks really believable.
If you ever find yourself the victim of a scam, don’t be embarrassed about it, report it straight away. The quicker you let your bank, and the police, know about the scam, the better.
Read on and with the help of Get Safe Online, we’ll show you how.
How can you protect yourself?
One of the first things you can do is familiarise yourself with what the social engineers get up to. So here a list of the 11 most commonly used themes for trying to get information out of you, taken from a report from Jan 2016, created by fraud-prevention agency Cifas:
BT account updates
HMRC tax refund scheme
Tesco vouchers, Apple ID, accident injury claim and other
Suspended credit card account
Suspended Tesco bank account
Sky service updates
It’s also useful to remember that around 1 in 3 of all phishing emails that land in your inbox will contain a malicious link. That link will usually contain a virus that will allow the social engineers to take personal details from your computer or phone. However, the report also states that phishing scams that contain links are, thankfully, on the decrease. These days, you’re more likely to get an email asking for your personal details directly, as people are getting wise to the link scam.
Next let’s look at what things you can do to prevent yourself from becoming the victim of a scam.
Use your common sense
There are some common sense things you can do to protect yourself from social engineering. It’s nothing tricky, in fact, it’s not much different to what you’d think about if someone were to approach you on the street and ask for personal details about yourself. Would you give someone you didn’t know you name, address, date of birth and bank details, without wanting to verify who they were, who they worked for and what they needed the information for? Probably not, so why would you do it in response to a text, email, or phone call?
In any case, if you ever receive a call or message from someone and you’re not sure if it’s genuine, do nothing, and contact the people they claim to be using another method. Here are some other ways you can spot a scammer:
1. Never give out your name, address, date of birth or anything else that’s personal, to people you don’t know.
2. Same goes for your passwords, pin numbers, ID codes and your bank account number or sort code. If you bank calls you, they will never ask for the whole of your pin number, so if you get asked for this, you can be pretty sure it’s a scam of some kind.
3. Be sure to remember that scam emails can take information from your computer, phone or tablet, in fact any device that allows you to open emails, so make sure that you have the most up-to-date virus protection. Hopefully, this will help to prevent, or at least warn you, about dodgy sites.
4. Try to make sure, as far as you can, that any website you give your personal and financial details to is genuine. You can do this by calling any telephone numbers you see on there to see who picks up. By looking for other contact details, like an address or landline number. Also look at the quality of the website and think about whether it looks genuine. Are any pictures good quality? Does the website address match the name of the company? Do the links work?
5. If you’re on a call with someone who advises you to call your bank, for example, to verify the transaction is genuine, make sure you use a different phone to make the call from. This is because the scammers can take over your phone line and make it seem like you are making a genuine call, when in fact, it’s still them on the line.
6. If you receive an email from someone you don’t know that has links in it or attachments with it, don’t click them.
7. Check the email address matches where the mail is supposed to be coming from. For example, if you get an email supposedly from Paypal, but the email address is something like [email protected] it’s not likely to be genuine.
8. Check the contents of the email. If it’s a genuine email from a company you shop with or your bank, it will usually include your name. If you get a scam email it’s usually a generic greeting, like Good afternoon, with no name included. And, if there’s a sense of urgency – you must do something right now to stop fraud – that’s also a sign of a scam. And the final hint that the social engineers are targeting you is if the email is badly written, with poor spelling and grammar.
9. Even if you know the sender, if the email looks wrong somehow, still don’t click on it. Email the person it came from on a different message and ask if they sent you anything. You can, with certain email providers like Outlook, report phishing emails for when you’ve received a message from a friend, but you think they’ve been hacked.
10. Don’t attach any external storage devices, like external USB drives or pen drives as they’re more commonly known, to your computers. This is one of the favoured methods for introducing viruses.
If you think you’ve been subjected to a scam, you should report it. This helps others, as the more we know about the various scams there are, the more vigilant we can be at spotting them. You can report any suspected fraud to Action Fraud, by calling 0300 123 2040 or online at Action Fraud.
by Shelley BowersBack to blog home