You should be careful when clicking on links, especially in your emails. These links could inadvertently activate malware or make you visit a fake website.
If you are logging into online banking or committing to a purchase when shopping online, the website address bar should change from http://www.exampleofawebsite.co.uk to https://www.exampleofawebsite.co.uk. A padlock should also be displayed next to the company name in the address bar, which indicates a secure site. If you do not see this when being asked for your payment details, do not continue.
Email accounts are a growing target for fraudsters. With access to an email account, a fraudster can profile the contacts and read the email history to look for upcoming financial transactions or deals. Fraudsters can then impersonate the account holder, typically telling their contacts that their bank account details have changed and rerouting all future payments to the fraudster.
For example, if a fraudster gains access to an email account when a house purchase is taking place, he/she may be able to change the beneficiary details for the sale a few days before the sale is due to take place. The compromised email account could be that of the seller or the solicitors.
There are certain measures you can take to try and protect yourself:
- Always verify sensitive information requests, especially payments, using another means such as a telephone call to the beneficiary to check the details.
- Always use strong passwords which are generally long and have a mixture of characters.
- Consider using a two-factor authorisation process for your email account.
If you think your email has been compromised, change your password, inform the bank and seek professional IT assistance.
“Malware” or malicious software can be used to perpetrate a variety of scams online, many of which go undetected at the time. Typically, fraudsters will send an unsolicited email which contains an attachment or a link to another website. Simply by clicking on the attachment or link, the malware can be downloaded onto the victim’s device without any noticeable request of permission. Sophisticated malware may try to check the stored data on your internet browser by looking at your cookies. For example, you may have asked your internet browser to remember the password for an online retailer.
Spying activity can allow a fraudster access to websites you visit. This means that they can profile your behaviour or prompt an attempt at fraud from another channel such as a telephone call. Malware may also allow a fraudster access to your files and folders which may contain sensitive documents. Malware can also enable a fraudster to take control of your device remotely, allowing them complete control of your device and any programmes or applications you have open.
To avoid malware fraud, there are certain measures you can take:
- Avoid clicking on links or attachments in your emails unless you have verified the content.
- Ensure your antivirus software is up to date.
- Seek professional IT advice if you suspect your device has been compromised.
We continue to see examples of the public buying goods online which turn out to be a scam. Wherever possible, you should buy goods from trusted brands and merchants. The old adage “if it looks too good to be true, it probably is” rings true to many victims of this type of fraud. Take care when making payments that the address bar is still for the same company you are dealing with and you have not been redirected to another website.
To avoid fraud from shopping online, you should:
- Only buy goods from well-known and recognised merchants.
- Research companies you are unsure of. For example, you could check Companies House or see if they have some kind of recognised accreditation such as “ATOL protected” for holiday purchases.