14/04/22
Welcome to the latest edition of the Scam Share bulletin. Stay Scam Aware and please share any relevant information in this bulletin with friends and family.
Suspicious Text Messages
If you receive a suspicious text message you can forward it to 7726. The free-of-charge ‘7726’ service enables your provider to investigate and take action if malicious content is found.
Recently Reported Scams
Electricity Meter Scams
The Scam
Several energy companies have warned pre-payment consumers to be wary of scammers who are knocking on doors and offering discounted energy prices. They claim that they can top up electricity meters for a cut-price fee.
In some cases, scammers have offered £50 of electricity meter top-up for a cash payment of just £25. However, energy companies can detect when they have not received correct payment for the energy used and will charge the individual for this. This means that those affected will pay twice for their energy - first to a scammer and then to the energy company.
Almost 200,000 people, including customers of EDF Energy, E.On, British Gas, SSE and Scottish Power have been targeted by this scam so far.
How to Avoid
Do not engage with any cold caller who offers to save you money on your energy bills by topping up your meter or who offers a cloned key to top up your energy credit. Electricity companies do not sell electricity top-ups door-to-door.
Report suspicious callers to Police Scotland on 101 or call 999 in an emergency.
The Scam
The National Cyber Security Centre (NCSC) has this week warned about a new scam which impersonates WhatsApp’s voice message feature. The aim of the scam is to spread malicious software.
The attack starts with an email claiming to be a notification from WhatsApp of a new private voice message. The email contains a creation date and clip duration for the supposed message, and a ‘Play’ button.
The ‘Play’ button will take you to a website which then asks you to click a box to ‘confirm you are not a robot’. Once the button has been clicked, software will be installed on your device. This software will allow those behind the scam to view and steal any information stored on the device.
This scam relies on the fact that many people will be waiting to receive a voice message from a friend or family member, so are likely to click on the link.
How to Avoid
Don't click on links in unexpected emails.
Use the official WhatsApp application on your device to read and listen to messages.
The Scam
There have been several recent reports of Scottish consumers who have signed up for 'free' or low-cost trials of products online, only to discover that they have also been signed up for a costly monthly subscription.
In one case, a consumer saw an advert for vitamins on social media. There was no mention of any ongoing costs or subscriptions in the advert and they happily purchased the vitamins. However, they then found that a £50 monthly rolling subscription had automatically started.
No details were given on how to cancel the subscription and no company address or contact details were provided.
Another consumer recently saw an advert for a 'free trial' of vitamin pills. They clicked through to a website where they were asked to enter their billing details to pay a small postage fee. They received the vitamins, but then noticed that almost £200 had been taken from their bank account. They found a phone number for the company, but were told that a refund could not be provided as the item had been shipped and received.
How to Avoid
Check the terms and conditions carefully before purchasing anything or signing up to a 'free trial' online. The website should list a valid return address and contact details – be suspicious if a UK website has a returns address overseas and check that the address is listed with Companies House.
Never provide bank details to a company without doing plenty of research on them - check independent reviews of the seller/store on official websites rather than relying on reviews hosted on the website itself.
Keep a copy of any advertisement (print it or take a screenshot) that you reply to, and to keep a note of the webpage.
Think carefully before providing payment details for a 'free' trial. Check your bank statements regularly for unexpected payments.
The Scam
The Disclosure and Barring Service is warning those looking for temporary jobs to be wary of job scams and employment fraud and to ensure that any role being applied for is legitimate before providing personal information or documents.
Scammers usually ask for personal details that job applicants typically provide to employers, including National Insurance numbers, bank details, birth certificates or passport information.
This information could be used by fraudsters to commit identity theft.
Last autumn, the director of a London-based company that offered jobs via an online recruitment website was given a suspended sentence for his part in a fraud that saw job applicants apply for positions that didn’t exist. Job applicants had been invited for interviews for fake jobs in London, with most of them being offered positions, but having to pay a training fee of between £500 and £1,200 before being accepted.
Some scammers also aim to encourage job seekers to pay for fraudulent courses, background checks and other non-existent services.
How to Avoid
Don't include personal information such as your address, date of birth or NI number on your CV or public profiles on a recruitment sites.
Verify that the employer/recruiter you’re speaking with is legitimate are by contacting them using a phone number or email address listed on their official website or social media accounts.
This week Take Five to Stop Fraud are running a new campaign, The Art of Impersonation, which focuses on raising awareness of impersonation scams.
UK Finance figures show the number of impersonation scam cases more than doubled in the first half of last year to 33,115, and resulted in criminals stealing £129.4 million.
Impersonation scams involve criminals posing as trusted organisations such as a bank, the police, a delivery or utility company or a Government department such as HMRC. They may even impersonate friends and family, or a love interest.
They spend hours researching people for their scams, hoping they'll let their guard down for just a moment.
How to Avoid
If you receive a message from someone asking for your information or money, always remember to Stop, Challenge, Protect.
Ask yourself if the request could be a scam?
Verify the request directly on a known phone number or in person first. It may feel awkward checking with friends or family but they’ll be grateful that you are helping to protect them and yourself.
It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
Your bank or the police will never ask you to transfer money to a safe account or contact you to ask for your full PINs, passwords or passcodes.
Contact your bank immediately if you think you may have made a payment to a scammer or if you are worried that a fraudulent transaction has been made from your account.
The Office for Product Safety and Standards (OPSS) has launched a new product safety alerts, reports and recalls site to help consumers and businesses identify unsafe products available on the UK market, as identified by OPSS or another market surveillance authority: www.gov.uk/guidance/product-recalls-and-alerts
You can search the list to check that products you own are safe and to subscribe to email updates for new products added. The three types of alert added to the list are:
Product recalls – for specific products that have been sold in the UK and may require you to act to receive a free replacement, repair or refund from the manufacturer or a retailer.
Product safety reports – for specific products found in the UK where corrective measures other than a recall have either been ordered by an authority or are being undertaken voluntarily by a business.
Product safety alerts – to highlight product categories or sectors in the UK with risks of serious injury or fatality and where immediate steps are requested by OPSS from businesses, authorities and possibly consumers.
Recent product recalls include pushchairs, electric bikes, candles and toy robots.
App - short for 'application', refers to a software program for computers or other devices such as smartphones and tablets.
Malware - malicious software that is designed to damage or gain unauthorised access to a computer or other device.
Phishing - the practice of sending fraudulent emails which often appear to be from well-known organisations or companies and ask the recipient to provide personal information or to visit a particular website.
QR Code - a square barcode that a smartphone camera can scan and read to provide quick access to a website or app.
Ransomware - malware that makes data or systems unusable until the victim makes a payment.
Remote Access - the ability to access a computer or device from another location. Anyone with remote access to a device can access all files stored on it.
Smishing - the same as phishing, but carried out via SMS (text) messages rather than emails.
Software - the set of instructions and programs that tells a computer how to operate.
Virus - a computer program designed to infect and damage legitimate software.
Official Contacts
If you feel threatened or unsafe, contact Police Scotland on 101 or 999 in an emergency.
