30/06/22
Welcome to the latest edition of the Scam Share bulletin. Stay Scam Aware and please share any relevant information in this bulletin with friends and family.
Suspicious Text Messages
If you receive a suspicious text message you can forward it to 7726. The free-of-charge ‘7726’ service enables your provider to investigate and take action if malicious content is found.
Recently Reported Scams
Holiday Fraud: Fake Caravan Listing
The Scam
A family from Midlothian recently saw an advert on Facebook offering two weeks in a caravan in the Craig Tara holiday park in Ayrshire for £900. The person advertising the caravan claimed to be the owner and asked for payment via bank transfer.
The family paid the money, but the supposed owner then cut off all contact with them. When they contacted the park, they had no record of the person who posted the advert owning a caravan there.
Similar scams were reported in 2020, when several families paid to rent caravans at the same holiday park, only to discover that the listings were fake and the caravans were not in fact owned by the person posting the advert. One woman paid £250 in cash for a four-night break at the park, only to discover on arrival that the caravan was not owned by the person advertising it. The fraudster had used pictures of a different caravan and did not have any affiliation with the park.
A recent report by Lloyds Bank has shown that scams related to caravan holidays have increased by 108% in the last year.
Scammers may exploit the pressures on the travel industry and increased demand for popular UK destinations this summer by creating fake social media accounts and websites to advertise accommodation that does not exist or that has already been booked.
They may also cold call or send unsolicited emails offering holiday deals, set up scam websites or post fake reviews on popular travel websites.
How to Avoid
Do plenty of research before booking a holiday online. Before booking a holiday you have seen on social media or in an unsolicited email, contact the company via their official website or publicly listed phone number to check that it is legitimately available at the price quoted and for the required dates. Where possible, book directly with the provider or through a reputable agent.
If you are unfamiliar with a company, check that they are a member of a recognised trade association such as ABTA or that they have been recognised by a national tourism organisation such as Visit Scotland.
Avoid clicking on links in unsolicited emails or social media adverts as they could lead to copycat websites that look similar to genuine booking websites, with similar URLs.
Where possible, pay using acredit card rather than via bank transfer – this will offer you more protection if you are a victim of fraud or if something goes wrong. Be suspicious if a provider will only give you the option to pay by cash or bank transfer.
Before making any payments, check the terms and conditions of the booking and the cancellation policy. Make sure you have contact details for the company or provider.
Scammers may also post fake accommodation listings to sites such as Airbnb and often ask for payment via bank transfer or outside the site’s payment system. Be wary if a listing asks you to contact the host outside the website’s mail system.
The Scam
In another scam targeting those who are anxious about rising fuel prices and the cost of living crisis, fraudsters are posting adverts on social media impersonating BP and offering you the chance to receive 200 litres of fuel for just £1.78.
Two different adverts have been reported: the first says that 'BP is leaving Russia and redirecting leftover fuel to the UK'. You are asked to click on a link to complete a survey, which will give you the chance to win a 200 litre fuel card for £1.78.
The other says that BP is running a promotion 'due to the current rise in fuel prices' and asks you to click a button labelled ‘Order Now’ to claim the fuel card.
Links in both adverts lead to a cloned BP website designed to gather your personal details.
How to Avoid
Before taking part in an offer or competition on social media that is supposedly being run by a big brand, look at their official website or social media channels to see if it is genuine.
Read the terms and conditions before taking part in any giveaway – many fraudulent prize draws or offers do not list basic terms and conditions such as deadline dates or details on how winners will receive their prize.
If you receive unsolicited emails or texts offering prizes or deals, do not click on any links or open any attachments and never enter any personal or banking details.
If you receive an unexpected social media message offering prizes or deals, particularly if you don't remember entering a competition, contact the company’s customer services on a verifiable number to check whether it’s genuine.
Don't provide any personal or banking details unless you are sure of the identity of the person/company who is messaging you.
Check the spelling and grammar in the message. Scam offers or giveaways often contain small mistakes and unusual wording.
The Scam
The Disclosure and Barring Service is warning those looking for a job that recruitment scams are rising. Ensure that any role being applied for is legitimate before providing personal information or documents.
Scammers usually ask for personal details that job applicants typically provide to employers, including National Insurance numbers, bank details, birth certificates or passport information.
This information could be used by fraudsters to commit identity theft.
Some scammers also aim to encourage job seekers to pay for fraudulent courses, background checks and other non-existent services.
How to Avoid
Don't include personal information such as your address, date of birth or NI number on your CV or public profiles on a recruitment sites.
Verify that the employer/recruiter you are speaking with is legitimate by contacting them using a phone number or email address listed on their official website or social media accounts. Check official records on websites such as companies house to confirm that the organisation offering you the job actually exists.
The Scam
There have been recent reports from across Scotland of rogue traders going door to door and offering to carry out gardening work.
In one case, a couple agreed to pay £250 to have their garden tidied up. They agreed to pay in advance so that the traders could purchase materials; however, the traders did not return to carry out the work.
How to Avoid
Any unsolicited trader who offers to carry out work on your property must give you their business name and address.
Don't agree to let a cold caller start work straight away - do plenty of research into their company and, if something doesn’t look right, don’t deal with them
Rather than dealing with cold callers, find traders who have been vetted through a national or local authority approved trader scheme at www.trustedtrader.scot.
Sign up for Neighbourhood Watch Scotland Alerts to stay up to date with what is going on in your community: www.neighbourhoodwatchscotland.co.uk
Find out more
Find traders in Scotland who have been vetted by Trading Standards:www.trustedtrader.scot
The Scam
There are still reports of scam text messages targeting those who use Apple Pay. The messages, similar to the one pictured on the left, say that your account has been suspended.
You are asked to click on a link to update your details - this leads to a legitimate-looking webpage with Apple branding that claims that Apple Pay has been suspended on your device and that you can continue to make contactless purchases once you reactivate your wallet. You are then asked to enter your personal and account details and possibly financial information.
How to Avoid
If you receive an unexpected message about your Apple account, don't click on any links.
If you have clicked on a link, never enter your account information on websites linked from these messages, and never download or open attachments included within them.
Apple advise that, if you receive an email asking you to update your account or payment information, you should only do so via Settings directly on your device or via iTunes or the App Store. You should only update your password via Settings on your device or at appleid.apple.com.
Apple will never ask you to share your Apple ID password or verification codes in order for them to provide support.
The Scottish Business Resilience Centre (SBRC) has launched the Little Book of Big Scams in partnership with Police Scotland and Royal Bank of Scotland. The book explains some of the most common scams in Scotland and provides essential advice to help you avoid them.
Online fraud and scams in Scotland have increased 69% since 2011/12, according to the Recorded Crime in Scotland Survey.
Three of the main targets for scammers are:
Holidays – online scammers are exploiting pressures on the travel industry and may advertise accommodation and other travel services that do not exist.
Ticketing fraud – the return of sports and music events has led to the return of these scams, where criminals offer tickets for sale that do not exist or are fake.
Scam mail – emails or letters advertising amazing deals, offers or competitions, which usually do not exist.
The Scam
People across the country are being targeted by scammers, who are taking advantage of their financial worries during the ongoing cost of living crisis.
We are currently asking people to respond to the Big Scottish Scam Survey to find out about the most commonly experienced scams in Scotland so that we can help consumers recognise and avoid them.
The results of this survey will be used to inform the content of a month-long campaign to be run in September, which will aim to raise awareness of scams linked to the cost of living crisis.
If you have experienced any kind of scam in the past year - via email, text message, phone call, letter, online advert or on the doorstep - we would like to hear about it.
App - short for 'application', refers to a software program for computers or other devices such as smartphones and tablets.
Malware - malicious software that is designed to damage or gain unauthorised access to a computer or other device.
Phishing - the practice of sending fraudulent emails which often appear to be from well-known organisations or companies and ask the recipient to provide personal information or to visit a particular website.
QR Code - a square barcode that a smartphone camera can scan and read to provide quick access to a website or app.
Ransomware - malware that makes data or systems unusable until the victim makes a payment.
Remote Access - the ability to access a computer or device from another location. Anyone with remote access to a device can access all files stored on it.
Smishing - the same as phishing, but carried out via SMS (text) messages rather than emails.
Software - the set of instructions and programs that tells a computer how to operate.
Virus - a computer program designed to infect and damage legitimate software.
Official Contacts
If you feel threatened or unsafe, contact Police Scotland on 101 or 999 in an emergency.
