There has been a sharp rise in fraudsters sending out fake text messages (smishing) and phishing emails claiming to be from TSB. The increase in the number of reports corresponds with the timing of TSB’s computer system update, which resulted in 1.9 million users being locked out of their accounts. Opportunistic fraudsters are using TSB’s system issue to target people with this type of fraud. Since the start of May there have been 321 phishing reports of TSB phishing made to Action Fraud. This is an increase of 970% on the previous month. In the same reporting period, there have been 51 reports of cybercrime to Action Fraud which mention TSB – an increase of 112% on the previous month. Fraudsters are commonly using text messages as a way to defraud unsuspecting victims out of money. Known as smishing, this involves the victim receiving a text message purporting to be from TSB. The message requests that the recipient clicks onto a website link that leads to a phishing website designed to steal online banking details. Although text messages are currently the most common delivery method, similar communications have been reported with fraudsters using email and telephone to defraud individuals. In several cases, people have lost vast sums of money, with one victim losing £3,890 after initially receiving a text message claiming to be from TSB. Fraudsters used specialist software which changed the sender ID on the message so that it looked like it was from TSB. This added the spoofed text to an existing TSB message thread on the victim’s phone. The victim clicked on the link within the text message and entered their personal information. Armed with this information, the fraudsters then called the victim back and persuaded them to hand over their banking authentication code from their mobile phone. The fraudsters then moved all of the victim’s savings to a current account and paid a suspicious company.   Protect Yourself: Don’t assume an email or text is authentic: Always question uninvited approaches in case it’s a scam. Phone numbers and email addresses can be spoofed, so always contact the company directly via a known email or phone number (such as the one on the back of your bank card). Clicking on links/files Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected text or email. Remember, a genuine bank will never contact you out of the blue to ask for your full PIN or password. If you have received a suspicious TSB email, please do not respond to it, report it to https://www.actionfraud.police.uk/report_phishing and also forward it toemailscams@tsb.co.uk Every Report Matters. If you have been a victim of fraud or cyber crime, report it to online or by calling 0300 123 2040. Visit Take Five and Cyber Aware for more information about how to protect yourself online.

Message Sent By Action Fraud (Action Fraud, Administrator, National)

The National Fraud Intelligence Bureau (NFIB) has identified a number of reports where job seekers are being targeted by fraudsters trying to obtain personal and banking details from them, or requesting money to secure accommodation.

 Individuals registering with job seeking websites or searching for jobs on The Student Room website are being contacted by bogus recruitment companies/businesses asking them to complete application and interview forms which request personal details and banking details, as well as copies of identity documents.

In some instances the applicant is invited along for interview, either in person or over the phone, to make the process look as legitimate as possible. This is impacting on students and graduates looking for work both in the UK and overseas. Some job seekers, as well as divulging personal details, have paid money to the fraudsters in order to secure a bogus rental property alongside the job offer.

How to protect yourself: 

• Check emails and documents from the recruiter for poor spelling and grammar – this is often a sign that fraudsters are at work.
• If visa fees are mentioned, ask the embassy representing the country where you believe you will be working how to obtain a visa and how much it costs. Check that the answers the potential employer or recruiter gave you are the same – if they’re not, it may be a sign of fraud.
• Carry out thorough research to confirm that the organisation offering you the job actually exists. If it does exist, contact the organisation directly using contact details obtained through your own research or their website to confirm the job offer is genuine.

 What to do if you’re a victim: 

• If you think your bank details have been compromised or if you believe you have been defrauded contact your bank immediately.
• Stop all communication with the ‘agency’ but make a note of their details and report it to Action Fraud.
• Warn the operators of the job website you used that their site is being used by fraudsters.
• If you have been affected by this, or any other type of fraud, report it to Action Fraud by visitingwww.actionfraud.police.uk or by calling 0300 123 2040.

  

Gmail Phishing Attack

I have received the following alert from a security company regarding a widespread phishing attack running through Gmail.

In summary, people are receiving an email from someone they know (whose account has been hacked) and may include an image of an attachment you may recognise from the sender.

When you click on the image expecting Gmail to show a preview instead you get a Google login page except that the address bar will show

and not start with the usual https – otherwise its exactly the same as the Google login page!  As soon as you enter your details they have stolen your account name and password, will use them fairly quickly and pick up one of your emails and attachments and send it around your address book.  Because they have your email they can then use other services they find in your email and get your passwords (using the forgot password facility) and you are very compromised.

When you log into any service you should check the protocol in the address bar and it should look something like this

with nothing between the lock symbol and the https (apart perhaps for the word “Secure” or the company’s name as in)

I would recommend reading the full blog highlighting this attack method and offering advice regarding protecting yourself.

Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited

 

Action Fraud has received several reports from victims who have been sent convincing looking emails claiming to be from Amazon. The spoofed emails from “Service@Amazon.co.uk”claim recipients have made an order online and mimic an automatic customer email notification.
The scam email claims recipients have ordered an expensive vintage chandelier. Other reported examples include: Bose stereos, iPhone’s and luxury watches.

The emails cleverly state that if recipients haven’t authorised the transaction they can click on the help centre link to receive a full refund. The link leads to an authentic-looking website, which asks victims to confirm their name, address, and bank card information.

Amazon says that suspicious e-mails will often contain:

• Links to websites that look like Amazon.co.uk, but aren’t Amazon.co.uk.
• Attachments or prompts to install software on your computer.
• Typos or grammatical errors.
• Forged (or spoofed) e-mail addresses to make it look like the e-mail is coming from Amazon.co.uk.

Amazon will never ask for personal information to be supplied by e-mail.
You can read more about identifying suspicious emails claiming to be from Amazon by visiting https://www.amazon.co.uk/gp/help/customer/display.html?nodeId=201489210

To report a fraud or cyber crime, call us on 0300 123 2040.

Fraudsters are targeting members of the public who are expecting to make a payment for property repairs. The fraudsters, via email, will purport to be a tradesman who has recently completed work at the property and use a similar email address to that of the genuine tradesman. They will ask for funds to be transferred via bank transfer and once payment is made the victims of the fraud soon realise they have been deceived when the genuine tradesman requests payment for their services.

Protect Yourself:

• Always check the email address is exactly the same as previous correspondence with the genuine contact.
• For any request of payment via email verify the validity of the request with a phone call to the person who carried out the work.
• Check the email for spelling and grammar as these signs can indicate that the email is not genuine.
• Payments via bank transfer offer no financial protection; consider using alternative methods such as a credit card or PayPal which offer some protection and avenue for recompense.

If you believe that you have been a victim of fraud you can report it online at:  http://www.actionfraud.police.uk/report_fraud or by telephone on: 0300 123 2040.

Fraudsters have set up a high specification website template advertising various electrical goods and domestic appliances. These goods are below market value and do not exist. The fraudsters will request your card details via the website; however the purchaser will then receive an email stating the payment failed and they must pay via bank transfer.

The fraudsters entice the purchaser and reassure them it is a legitimate purchase by using the widely recognised Trusted Shop Trustmark. The fraudsters are using the Trustmark fraudulently and have not been certified by Trusted Shops and therefore the purchaser is not covered by the Trusted Shop money-back guarantee.

Protect yourself:

• Check the authenticity of the websites before making any purchases. Conduct a ‘whois’ search on the website which will identify when the website has been created, be wary of newly formed domains. You can conduct this search using the following website – https://who.is/.
• Carry out online research in relation to the website, company name and the business address provided to identify any poor feedback or possible irregularities.
• Check the Trusted Shops Facebook page where warnings about websites using their Trustmark are published. If you are in doubt about the legitimacy of a Trustmark then you can contact Trusted Shops on 0203 364 5906 or by email service@trustedshops.co.uk. They will confirm whether they have certified that website.
• Payments made via bank transfer are not protected should you not received the item. Therefore always try to make the payment via PayPal or a credit card where you have some payment cover should you not receive your product.
• If the item advertised seems too good to be true, then it probably is.

If you believe that you have been a victim of fraud you can report it online http://www.actionfraud.police.uk/report_fraud or by telephone 0300 123 2040.

Cyber Attack
Talk Talk, the phone and broadband provider, has been the victim of a cyber attack on their website commonly referred to as DDoS – distributed denial of service attack. This has led to hackers accessing Talk Talks servers and stealing personal data, which could affect over four million customers. It is currently unknown exactly what data has been stolen but Talk Talk has stated that there is a chance that some of the following data could have been accessed:

• Name and addresses
• Dates of birth
• Email addresses
• Telephone numbers
• Talk Talk account information
• Credit card and banking details

Protect yourself
Be wary of any emails claiming to be from Talk Talk asking for additional information such as passwords even if they are able to tell you specific account details – this could be a phishing email and sent to gain access to your account.

If you have opened an email attachment please ensure you change the passwords for all your bank, email and online shopping accounts.

As well as e-mails be wary of any telephone calls claiming to be from Talk Talk that ask for additional information or want to gain remote access to your computer. Again they may tell you specific details about your account. If you get such a call do not give any details, terminate the call, use a separate telephone line/mobile phone and call Talk Talk back on one of their known numbers to ascertain if the call is genuine.

Monitor your bank accounts for any unusual activity that you believe may be fraudulent.

Fraudsters have been phoning victims telling them that they have been placed in the wrong council tax bracket for a number of years and are entitled to a rebate. They normally say that this rebate should be worth about £7,000. Once the victim is convinced, the fraudster tells them that in order to receive the rebate they will need to pay an administration fee in advance. The payment they ask for varies between £60–£350. The victim provides the details and makes the payment, but then is no longer able to make contact with the person they spoke to on the phone. When they phone their council about the rebate and the fact that they are in the wrong tax bracket, the council will confirm that they know nothing about it and that they have been contacted by fraudsters.

The fraudsters have mainly been targeting both male and female victims who are aged 60 and over and live in the Sussex area, but it is likely that the fraudsters will also start to target victims in other areas.

Protect Yourself:

• Never respond to unsolicited phone calls.
• Your local council won’t ever phone out-of-the-blue to discuss a council tax rebate. If you receive a call of this nature, put the phone down straight away.
• No legitimate organisation will ask you to pay an advanced fee in order to receive money, so never give them your card details.
• If you think you have been a victim of fraud, hang up the phone and wait five minutes to clear the line as fraudsters sometimes keep the line open. Then call your bank or card issuer to report the fraud. Where it is possible use a different phone line to make the phone call.

If you believe that you have been a victim of fraud you can report it online http://www.actionfraud.police.uk/report_fraud or by telephone 0300 123 2040.