Too good to be true? Protecting yourself and others from scams online

 

Safer Internet Day is a global initiative which promotes the safe and responsible use of digital technology.

Each year, it’s the UK’s biggest celebration of online safety.

This year it focuses on the issue of scams online, and how to protect yourself and others, especially young people.

Access to the internet is more important than ever, with health, education, finance, and social interaction all firmly situated online – but with the growing power of the internet comes growing risk.

How do you know what’s safe, and what is a scam?

Is that offer too good to be true?

Cwmpas, the organisation that delivers the Digital Communities Wales programme, has been delivering Welsh Government initiatives to help residents in Wales get online for 20 years.

Here, Digital Communities Wales staff members offer their top tips to raise awareness of online scams, and to help you to stay safe online.

 

Beware of Fraudulent Text Messages (‘Smishing’)

In today’s digital world, our smartphones are an integral part of our lives. From communicating with friends and family, to shopping and banking, we’re bombarded with messages day in and day out.

But how do we know which messages are safe, and which are fraudulent?

Fraudulent text messages (also known as ‘smishing’) are on the rise. These malicious texts often mimic legitimate messages from banks, delivery companies, or government agencies.

Examples of these texts include:

• Bank account – ‘there has been suspicious activity on your account, please click this link to verify your account’.
• Delivery companies, informing you of a missed package and directing you to a payment link.
• Government-related scams might claim you are due a tax rebate, with a link to click to claim your rebate.

All of these examples stress urgency and ask you to click a link which takes you to a fake website which can obtain your log in details, bank account details or ask you to pay a fake company.

The ‘missed delivery’ fake text is particularly common in the run up to Christmas, when lots of people are indeed awaiting deliveries. However, a legitimate delivery company would never contact you in this way.

How to Spot a Smishing Text:

• Check the sender. Be wary of unexpected messages or those from unknown numbers. Legitimate companies rarely send urgent requests via text.
• Look for grammatical errors and suspicious links. Phishing texts often contain spelling mistakes and poor grammar.
• Avoid Clicking Links. Do not click on links or attachments unless you’re sure of their legitimacy.
• Stay vigilant and remember, if a message seems too urgent or suspicious, it’s always better to double-check before taking action.

Matthew Bevan – Digital Inclusion Advisor

 

Be wary of website spoofing

Website spoofing is when a fraudulent website is created that closely resembles or accurately mimics a legitimate one.

Cyber attackers are increasingly using spoofed communications to deceive victims into handing over their personal information or money.

Attackers often use phishing emails or smishing texts (see above) or malicious ads to get users to click on a link that directs them to the spoofed website.

Steps to take to avoid getting scammed:

• Avoid suspicious links and unknown attachments.
• Double-check the website’s address.
• Most websites now have a padlock icon next to the URL, indicating that the site is encrypted. This means that browsing or making payments cannot be intercepted. If you notice a site does not have one, it could be a red flag.
• Watch out for poor English, such as spelling and grammar mistakes, or phrases that don’t sound quite right.
• If prices seem too good to be true, they probably are.
• If the website does not have a ‘Contact Us’ page, it could be fraudulent.
• To verify a website’s legitimacy, use a website checker tool like Free Website Scam Checker – Check a website by Get Safe Online

If you notice something doesn’t look right, STOP.

Don’t click anything. Report the website.

If you’ve already interacted with the website, support is available. If you have lost money to a scam and paid with a credit or debit card, or transferred money from your account, notify your bank or payment provider as soon as possible, and report the incident to Action Fraud.

Anita Leimane – Digital Communities Wales Intern

 

The ‘family emergency’ scam

Impersonation scams are fraudulent attempts where scammers pretend to be someone you know or trust in order to steal money or personal information. These scams can happen through phone calls, emails, text messages or social media. The scammer might pose as a government official, a bank representative, a tech support agent, or a friend or family member.

A common version of this scam is the ‘family emergency’ scam, where scammers impersonate a relative in distress, claiming they are in trouble and urgently need money. They may say they’ve been in an accident, have urgent bills or they are stranded and unable to get home. The scammer’s goal is to create a sense of panic, encouraging you to act quickly and send money without questioning the situation.

To avoid falling victim to the ‘family emergency’ scam:

• Always verify the identity of the person contacting you.
• Never share sensitive information like passwords or bank information without being 100% sure of the requester’s identity.
• Be cautious of high pressure tactics that demand immediate action.
• If you suspect a scam, contact the person or company directly using trusted channels of communication to confirm.

Jared Jones – Digital Communities Wales Communications Intern

 

The ‘your device has a virus’ scam

With the ‘tech support’ scam, you may receive a fake notification or phone call from scammers claiming your digital device is infected or has a virus, and offering costly, unnecessary ‘fixes’.

How the Scam Works:

• Phishing Calls: Scammers impersonating well known legitimate companies call your phone, using scare tactics to convince and pressurise you to give them remote access to your digital device.
• Fake Notifications: Pop-ups or browser warnings encourage you to ‘Call This Number Urgently!’ for assistance.
• Email Scams: Emails with alarming subject lines like ‘Immediate Action Required!’ These emails often contain links to malicious websites or attachments that can infect your device.

Tips to protect yourself and others:

• Legitimate support would not use fearmongering and urgency to make you respond.
• Be wary of unknown numbers calling you, especially mobile numbers.
• Unless you are 100% certain of the identity of your tech support, do not give remote access.
• Unless you’re 100% certain, don’t click on a link or enter a ‘unique code’.

Mohammed Basit – Digital Inclusion Advisor

 

Too good to be true? It’s probably a scam.

Giveaway competitions that promise free products or prizes aren’t always what they seem.

The promise of something for nothing can be tempting, but the danger lies in what scammers do with your information.

How the Scam Works:

• Scammers use social media, emails, or pop-up ads to entice you in with offers of free products, gift cards, or exclusive prizes.
• To claim the prize, they will ask for your personal details – your name, address, phone numbe – and often a small ‘fee’ for delivery costs.
• In reality, there is no prize, fraudsters use these details to scam you.

Tips to protect yourself and others:

• If you receive an offer like this, be suspicious.
• Never share personal or financial information with unfamiliar sources.
• If you’ve lost money to a scam, call your bank immediately using the number on the back of your card and report the scam to Action Fraud or call 0300 123 2040.

The internet keeps us entertained, informed, and in touch – but we need to make sure it doesn’t put us or our loved ones in danger.

The best advice is to stay vigilant and report any suspicious activity to protect yourself and others from falling victim to these scams.

Remember: if it seems too good to be true, it probably is.

Angela Jones – Digital Inclusion Advisor