07/04/22
Welcome to the latest edition of the Scam Share bulletin. Stay Scam Aware and please share any relevant information in this bulletin with friends and family.
Suspicious Text Messages
If you receive a suspicious text message you can forward it to 7726. The free-of-charge ‘7726’ service enables your provider to investigate and take action if malicious content is found.
Recently Reported Scams
Fake Cadbury Easter Giveaway
The Scam
As Easter approaches, consumers are being warned to be wary of scam messages currently circulating on WhatsApp which appear to offer a free Easter basket of Cadbury chocolate.
The message asks you to click on a link to take part in an 'Easter Egg Hunt', saying that 5,000 'free gifts' are available.
The link leads to a website which uses Cadbury branding and asks you to take part in a short game to win a prize. You are then asked to enter your personal details in order to claim the prize. The URL ends in .ru, suggesting that it is based in Russia.
Cadbury has confirmed that these messages are not genuine and have warned consumers not to click on the links.
How to Avoid
If you receive unsolicited emails or texts offering prizes or deals, do not click on any links or open any attachments and never enter any personal or banking details;
Check the spelling and grammar in the message. Scam offers or giveaways often contain small mistakes and unusual wording;
Read the terms and conditions before taking part in any giveaway – many fraudulent prize draws or offers do not list basic terms and conditions such as deadline dates or details on how winners will receive their prize;
Before taking part in an offer or competition which is supposedly being run by a big brand, look at their official website or social media channels to see if it is genuine.
The Scam
There have been hundreds of reports within the last week of scam emails which appear to have been sent by Norton, providers of antivirus software.
They say your antivirus subscription has expired or is set to be renewed automatically and ask you to contact a 'support team' if you want to cancel the subscription.
You may be asked to click on a link or to phone a number given in the email. Phoning the number will connect you with a scammer who will ask you to confirm your own contact details and bank account information in order to secure a 'refund'.
Similar emails, which appear to have been sent by McAfee, have also been reported. They also say that your subscription has expired and your device is unprotected. You are asked to click on a link to renew your subscription 'to keep your privacy online and protect your communications'.
The links in these emails lead to copycat websites with Norton or McAfee branding which ask for your personal and payment details.
How to Avoid Don't click on links in unexpected emails - if you are not sure about the status of your subscription to a particular software or product, log in to your account to check or contact the company using details found on their official website.
The Scottish Government are warning people to be wary of potential doorstep scams, as local field teams begin to visit the homes of those who have yet to submit their census return to provide guidance and support.
How to Avoid Census Scams
Official field teams will always show formal identification. You can verify their identity by calling the helpline on 0800 030 8308.
They will never ask you for money or personal financial information. If a caller who says they represent the census does ask you for these, it is a scam.
They will never ask to enter your property. If you feel uncomfortable or unsafe at any time, call Police Scotland on 101 or 999 in an emergency.
They will never phone unexpectedly to ask you to provide personal information.They will only phone, email or text you if you have requested this.
Don't click on links in unexpected text messages or emails. If you are unsure about a message you receive, you can contact the census online at www.scotlandscensus.gov.uk/contact-us or by calling the helpline on 0800 030 8308.
The Scam
This week there have been reports of cold callers visiting properties in the north of Scotland, who said they were working with the local council and were there to discuss putting in broadband.
They asked for a payment of £200 upfront and an ongoing monthly payment of £20, which they said they would return to collect.
One resident contacted the council, who advised that they have nothing to do with supplying broadband and had no workers in the area.
In another case, a man wearing a lanyard saying he worked for Martin Lewis was going door to door and asking residents if they knew what WiFi cable they had, as work was currently being carried out on cables in the local area. He asked to look at their phone or tablet to ‘check the WiFi cable’.
There have also been reports of cold callers who claim to be from BT and say they have received complaints about the internet speed in the area.
In one case, they asked to enter a house to "do a speed check"; however, the householder refused. They later contacted BT, who confirmed that the caller was not genuine and that they had no staff currently in the area.
How to Avoid Always verify the identity of a cold caller before dealing with them. If a cold caller claims to work for a particular company or for the council, close the door and, rather than phoning the number on the caller's ID card, look up the council or company’s number on their official website or in an official phone directory. Legitimate callers will be happy to wait while you perform these checks.
Never feel obliged to answer the door to a cold caller – it is your home and you should not let anyone in unless you feel comfortable.
In 2021, over 20,000 people reported falling victim to scams that involved fraudsters remotely connecting to their computer, with losses totalling over £57m. Police Scotland is working with City of London Police and TeamViewer to run a national campaign this week to raise awareness of these scams.
Scammers often pretend to be calling from an organisation you trust such as Microsoft, Amazon or your broadband provider. They may already have some of your personal details such as your email address.
They may ask you to
download software to allow the caller to 'fix the problem' remotely
visit a link to allow the caller to 'run a test' on your device
visit a 'secure website' to download an upgrade
download an app to your mobile phone to check your broadband speed
How to Avoid
Legitimate companies will not call or text you unexpectedly to tell you about a potential problem on your computer.
If you receive an unexpected call you about a computer problem, hang up and don't provide any information. Never follow instructions from an unsolicited caller or in a text message to download an app or software which would allow them to access your computer remotely.
Contact your bank immediately if you think you may have made a payment to a scammer or if you are worried that a fraudulent transaction has been made from your account.
The Scam
Scammers continue to take advantage of the new requirement for interlinked fire and smoke alarms.
In several areas across Scotland, cold callers have been visiting local residents, claiming to work for the council and asking to enter their properties to check their smoke alarms.
Bogus callers have also been going door to door, claiming to be firefighters and offering quotes to install interlinked alarms that comply with the new legislation.
How to Avoid If you get a cold call about the new fire alarms legislation, do not provide any details or agree to purchase any products.
Get at least three quotes from trusted traders before making any decisions. Find installers who have been vetted and approved by local Trading Standards officers at www.approvedtrader.scot
You may get a leaflet through the door from a company selling fire alarms that implies they have been endorsed by the Scottish Government. Neither the Scottish Government nor Scottish Ministers have endorsed any particular suppliers, products or services.
The best way to avoid scams related to the new legislation is to use trusted sources of information:
App - short for 'application', refers to a software program for computers or other devices such as smartphones and tablets.
Malware - malicious software that is designed to damage or gain unauthorised access to a computer or other device.
Phishing - the practice of sending fraudulent emails which often appear to be from well-known organisations or companies and ask the recipient to provide personal information or to visit a particular website.
QR Code - a square barcode that a smartphone camera can scan and read to provide quick access to a website or app.
Ransomware - malware that makes data or systems unusable until the victim makes a payment.
Remote Access - the ability to access a computer or device from another location. Anyone with remote access to a device can access all files stored on it.
Smishing - the same as phishing, but carried out via SMS (text) messages rather than emails.
Software - the set of instructions and programs that tells a computer how to operate.
Virus - a computer program designed to infect and damage legitimate software.
Official Contacts
If you feel threatened or unsafe, contact Police Scotland on 101 or 999 in an emergency.
