UK banks today releasied their top 10 current phishing scams:
1. Fake government emails offering grants of up to £7,500. Clicking on the links allows scammers to steal personal and financial information
2. Scam emails offering access to "Covid-19 relief funds"
3. Official-looking emails offering a "council tax reduction" 4. Benefit recipients are offered help in applying for universal credit, but fraudsters grab some of the payment as an advance for their "services" 5. Phishing emails claiming that the recipient has been in contact with someone diagnosed with Covid-19 6. Fake adverts for non-existent coronavirus-related products 7. Fake emails and texts claiming to be from TV Licensing, offering six months free but asking people to update their payment information 8. Emails asking people to update their TV subscription services payment details by clicking on a link 9. Fake profiles on social media sites are used to manipulate victims into handing over their money 10. Fake investment opportunities are advertised on social media sites, encouraging victims to "take advantage of the financial downturn"
and phishing scams in general having escalated during lockdown - our friend and Cybersecurity Expert - Ian Harris, Head of the Cybersecurity Course at Robert Gordon's University in Aberdeen, has provided us with this advice to share.
When you receive an email check the following:
FROM: It’s not some from someone I normally have contact with It’s really unusual to get an email from this person It is from a person or organisation I usually get emails from BUT the from address is strange or not quite what I expect this person to send from (hover over the email address to check the return email - watch for missing letters, it may be only out by one letter or digit or a very tiny alteration) TO: It was sent to me and an unusual list of other people SUBJECT: The subject line is misleading or not related to the message The subject line is badly spelt, or with lots of numbers replacing letters. The subject line looks like a RE: reply message, but I didn’t send one first ATTACHMENTS: There’s an attachment I wasn’t expecting The attachment is a ‘dangerous file type’, you can only really trust .txt text documents CONTENT: The message is really short, doesn’t make sense, with a link to click The message has one or many spelling mistakes The message doesn’t address me by name, just ‘Customer, Sir, Madam, User’ The link in the message isn’t the normal address for the destination it claims to be The content is trying to make me do something, scare me, or worry me, a ‘call-to-action’, click a link or reply. The content claims to know something about me, trying to embarrass me. I just have a gut feeling, somethings not right about this message. And if you receive an email pressing you to act... Whatever happens, take a moment, read it twice, think about what it’s really trying to get you to do. An email never needs immediate action, they’d phone you if it was really important. You don’t have to trust the content of an email. And if they do phone you, hang-up, wait 5 minutes. Google search for the contact details, call or email them. Ian Harris Lecturer School of Computing Science and Digital Media, RGU