As the winter festive period approaches, more email scams are to be expected. To shed some light on these issues, first direct looked at the latest scams and most common tactics used by cyber criminals and collated tips on how people can protect themselves against these attacks ahead of the Christmas shopping season.
Phishing emails & texts
Phishing emails are a common way scammers target their victims, and we expect to see an influx of phishing emails in the run-up to the festive period, promoting deals and services you might want to make the most of for Christmas. Fake emails will be sent with the pretence they are from large organisations that customers will usually trust, selling services or products at discounted prices.
These emails will direct victims to a convincing copy of the company website they think they are interacting with, before asking users to input personal details, which will then be stolen.
Action Fraud, The UK’s fraud reporting center, advises that if you have received an email which you’re not sure about, forward it to the Suspicious Email Reporting Service (SERS): firstname.lastname@example.org. You can also report those directly to your bank.
Once the email is sent, the National Cyber Security Centre (NCSC) will analyse the suspicious email and any websites it links to. They'll use any additional information you’ve provided to look for and monitor suspicious activity.
If they discover any activity that they believe is malicious, they may:
- Seek to block the address the email came from, so it can no longer send emails
- Work with hosting companies to remove links to malicious websites
- Raise awareness of commonly reported suspicious emails and methods used (via partners)
Festive holiday fraud
In the run-up to Christmas, you might be wanting to book a winter break, or make the most of online deals to book a holiday for 2023. However, stay vigilant.
Scammers sometimes target holiday and accommodation booking websites to trick customers into paying for services that are not available or do not exist.
In a lot of these situations, victims only realise they have been the victim of scamming when they turn up for flights or accommodation.
Here are ways consumers can spot a potential holiday scam:
- You’re contacted unexpectedly by a travel agent or company you’ve never spoken to before, offering a holiday at an unusually low price.
- The details, pictures or address of the property or hotel on offer look suspicious, or independent website reviews aren’t favourable or don’t exist.
- You’re asked to pay using bank transfer or cash; pay with a credit card or with a debit card if you can for extra protection.
- It looks too good to be true! If a holiday deal you see online feels a little bit too cheap, there’s a chance this could be a scam. Pause and consider the legitimacy of the website selling the deal.
Bank impersonation scams
There's been a steep rise in scammers pretending to be from your bank and urging you to move money into ‘safe accounts’. As we come up to Christmas, scammers might use this occasion as a way to lure you into sharing your details by pretending to be your bank and telling you you’ve been victim of an online scam, assuming you might have made a purchase around this time.
They use clever techniques to seem legitimate, such as sending scam emails or texts, which urge you to click on a link, using information they've found out about you or calling from a number that looks legitimate.
There are a number of ways stay safe from these scams:
- Never move money to a ‘safe account’ if asked to do so
- Never share any one-time codes
- Remember to challenge suspicious calls or texts and contact your bank directly using the number on your card
Parcel delivery scams
A very common scam around this time of year are parcel delivery scams, where you will receive a text or email appearing to be from a courier company or from Royal Mail, telling you you’ve missed a parcel and need to input personal details to organise a redelivery.
At a time of year where you’ll likely be buying things online and expecting deliveries, it can be very easy to fall victim to this type of scam, particularly as the text or email will often look perfectly legitimate.
To protect yourself, it’s important to do the following:
- Don’t click any links in the email or text
- Check the text or email for misspellings of your name or the courier company – if a text, this will often come from a random mobile number, and a fake email will often come from an email address that doesn’t look like a legitimate company email
- Don’t input any personal information – a legitimate company won’t ask for personal details to book a redelivery
- Treat any unexpected requests for money to request the delivery with suspicion
Other Ways to Protect Yourself Against Online Scams
You can protect yourself in a number of ways by applying some simple ground rules. Here are some tips for staying safe online compiled by first direct:
- Stick with trusted companies and always check online reviews
- If a deal feels ‘too good to be true’ – it usually is! Be mindful of anything that feels too cheap – there is usually a reason for this
- Always use secure sites with “HTTPS” in the web address
- Never give your passwords, PINs or bank account numbers
- Never pay for goods by bank transfer and be suspicious if you are asked to do so
- Use different “strong” passwords for different accounts, as this will help protect your information in data breaches
- When entering sensitive information or online shopping while away from home, try to use your network data rather than less secure public Wi-Fi hotspots
- Do not open suspicious texts, pop-up windows or click on links or attachments in emails – delete them
- Instead of clicking on links in online ads, it can be more secure to visit retailer websites directly
- Install security software such as anti-virus and two-factor authentication. This kind of software is often available for free.
- Keep all security software and operating systems updated (this can be set to update automatically)
- Book holidays directly with an airline or hotel, or through a reputable agent. Check whether they’re a member of the Association of British Travel Agents