28/03/24
Welcome to the latest edition of the Scam Share bulletin.
Stay Scam Aware and please keep sharing any relevant information in this bulletin with friends and family.
Suspicious Text Messages
If you receive a suspicious text message you can forward it to 7726. The free-of-charge ‘7726’ service enables your provider to investigate and take action if malicious content is found.
Recently Reported Scams
Amazon Scams
The Scam
Amazon has recently reported that two thirds of all impersonation scams reported by their customers in 2023 claimed to be related to order or account issues.
The most common scam calls, texts, and emails:
refer to an unauthorised order and ask you to act urgently to confirm or cancel the purchase by providing personal or payment information;
say there has been unauthorised activity on your account and that it will be suspended or locked. They try to convince you to provide personal or payment information or sign-in credentials.
In one recent case a woman was cold called and told that her Amazon account had been hacked and an unknown individual had placed several items in her basket. The caller asked her to download an app which would allow him to access her computer remotely, supposedly so that he could fix the problem.
She agreed and was then told to access her bank account online. At this point, she became suspicious and ended the call. She has since changed her Amazon account details.
How to Avoid
Amazon advise that if you receive a suspicious call, email or text claiming to be from them which asks for personal information, a payment, or offers a refund you don't expect, you should not give out any personal information.
If a message or cold caller tells you that a suspicious payment has been made, log in to your account on the official website or app to check this rather than providing any details over the phone.
Amazon will never cold call you to ask you to make a payment. They will never call and ask you to install an app or download software which will allow them to access to your computer remotely.
If you are not sure if a text message or email that appears to be from Amazon is legitimate, you can check the Message Centre via your account, which displays a log of authentic communications.
Never follow instructions from an unsolicited caller to download an app or software which would allow them to access your computer remotely.
Contact your bank immediately if you think you may have made a payment to a scammer or if you are worried that a fraudulent transaction has been made from your account.
The Scam
There have been hundreds of reports of scam emails which appear to have been sent by providers of antivirus software such as McAfee or Norton.
Some of the messages say that your internet protection is about to end and ask you to click on a link to renew your subscription.
The links in these emails lead to copycat websites with McAfee or Norton branding which ask for your personal and payment details.
Others say that your antivirus subscription is set to be renewed automatically and ask you to contact a 'support team' if you want to cancel the subscription.
You may be asked to phone a number given in the email - this will connect you with a scammer who will ask you to confirm your own contact details and bank account information in order to secure a 'refund'.
Many of the messages warn that if you don't take action urgently your devices will not be protected from cyber attacks - this is a common tactic used by scammers.
How to Avoid Don't click on links in unexpected emails - if you are not sure about the status of your subscription to a particular software or product, log in to your account via the official website/app to check or contact the company using details found on their official website.
You can send suspicious emails to the National Cyber Security Centre at report@phishing.gov.uk.
The Scam
There has been an increase in reports of scammers posing as recruiters and posting non-existent jobs on reputable job sites such as Linkedin and Indeed, using the details of legitimate companies.
One woman responded to an advert for a well-paid job that appeared to have been posted by a legitimate recruitment company. She was asked to send them her passport, supposedly so that they could 'verify' her before offering an interview.
She didn't hear anything for a few weeks, so phoned the recruitment company. They confirmed that they hadn't posted the advert.
In another case, applicants for a job with an insurance company were asked to provide their passport, driving license, bank account and contact details. They were also asked to visit a cryptocurrency exchange platform to 'pass verification checks'.
There have also been reports of scammers impersonating recruiters and sending messages via text, email and WhatsApp with promises of better-paid and more flexible work.
If you respond to these messages, the scammers go on to ask for your personal information and CV. You may also be asked to pay fees for administration and travel, or in some cases for fraudulent courses, background checks and other non-existent services.
How to Avoid Genuine recruiters don't usually send unsolicited job offers via text message or WhatsApp.
Avoid clicking on links in unexpected messages and don't provide your personal details, employment history or bank details unless you have verified that the sender is a genuine recruiter.
Verify that the employer/recruiter you are speaking with is legitimate by contacting them using a phone number or email address listed on their official website or social media accounts. Check official records on websites such as companies house to confirm that the organisation offering you the job actually exists.
Don't include personal information such as your address, date of birth or NI number on your CV or public profiles on a recruitment sites.
Never accept a job without a formal interview. If the interview is carried out remotely, it should be conducted via a recognised video platform where you can see the interviewer and talk in real time.
The Scam
Holidaymakers looking to book Easter and summer getaways are being warned to be wary of scams such as:
fake accommodation listings on social media
cold calls and unsolicited emails offering deals
scam websites
fake reviews on popular travel websites
Demand for popular destinations is likely to be high, particularly during the spring and summer months, and scammers may look to take advantage of this by creating fake social media accounts and websites to advertise accommodation that does not exist or that has already been booked.
How to Avoid
Do plenty of research before booking a holiday online. Before booking a holiday you’ve seen on social media or in an unsolicited email, contact the company via their official website or publicly listed phone number to check that it is legitimately available at the price quoted and for the required dates. Where possible, book directly with the provider or through a reputable agent.
If you are unfamiliar with a company, check that they are a member of a recognised trade association such as ABTA or that they have been recognised by a national tourism organisation such as Visit Scotland.
Avoid clicking on links in unsolicited emails or social media adverts as they could lead to copycat websites which look similar to genuine booking websites, with similar URLs.
Where possible, pay using acredit card rather than via bank transfer – this will offer you more protection if you are a victim of fraud or if something goes wrong. Be suspicious if a provider will only give you the option to pay by cash or bank transfer.
Before making any payments, check the terms and conditions of the booking and the cancellation policy. Make sure you have contact details for the company or provider.
Scammers may also post fake accommodation listings to sites such as Airbnb and often ask for payment via bank transfer or outside the site’s payment system. Be wary if a listing asks you to contact the host outside the website’s mail system.
The Scam
There are regular reports of scams linked to spray foam insulation across Scotland, with a 42% increase in complaints in 2023 compared to 2022.
Rogue traders cold call and offer a 'free' loft survey, then go on to provide misleading information about the safety of householders' existing insulation.
One consumer recently received a cold call from a man who said that his company had to come and check the loft insulation in the house to ensure it was up to standard. He said this work had to be signed off in order to keep the insulation warranty in place, and claimed that they were already doing this at other properties in the area.
Believing that this was some form of official check, the consumer agreed a date and time for someone to visit. However, after researching the company online and discovering they were a business offering spray foam insulation, they then cancelled the appointment.
The original caller phoned again and, despite being told that the consumer wasn’t interested, repeatedly stated that they “had” to come round and check the insulation.
Some consumers who have had spray foam insulation installed are also now being targeted by cold callers who say they are working with the government to do checks on the work carried out. They say they will check for dampness and will make sure the insulation has been installed correctly using the correct materials.
How to Avoid Don't deal with cold callers who offer a 'free' loft inspection - they may try to sell you energy saving or home improvement measures that you don’t actually need and which won’t provide any benefit.
If you are shown pictures of mould in your roof space, or are told about serious defects in your house, get a second opinion before starting any work.
If you are concerned about your existing insulation or any other energy saving measures in your home, seek impartial advice from trusted companies rather than cold callers or online adverts. Have an impartial assessment carried out to determine which energy saving measures will actually benefit your home.
Always take time to think before making a decision - don't agree to make any payments for goods or services on the spot.
Do plenty of research - get at least 3 quotes and check 3 review sites. If you need to call a trader for emergency repair work, find someone who has been vetted through a national or local authority approved trader scheme.
Home Energy Scotland offer free and impartial advice on energy saving measures and information about funding available in your area - call them free on 0808 808 2282 or visit www.homeenergyscotland.org.
You can check that products you own are safe via the Product Safety Alerts, Reports and Recalls site
The site lists unsafe products available on the UK market, as identified by the Office for Product Safety and Standards (OPSS) or another market surveillance authority.
The three types of alert added to the list are:
Product recalls – for specific products that have been sold in the UK and may require you to act to receive a free replacement, repair or refund from the manufacturer or a retailer.
Product safety reports – for specific products found in the UK where corrective measures other than a recall have either been ordered by an authority or are being undertaken voluntarily by a business.
Product safety alerts – to highlight product categories or sectors in the UK with risks of serious injury or fatality and where immediate steps are requested by OPSS from businesses, authorities and possibly consumers.
Recent product recalls include e-bike batteries and chargers, life jackets, LED floodlights and portable heaters.
App - short for 'application', refers to a software program for computers or other devices such as smartphones and tablets.
Malware - malicious software that is designed to damage or gain unauthorised access to a computer or other device.
Phishing - the practice of sending fraudulent emails which often appear to be from well-known organisations or companies and ask the recipient to provide personal information or to visit a particular website.
QR Code - a square barcode that a smartphone camera can scan and read to provide quick access to a website or app.
Ransomware - malware that makes data or systems unusable until the victim makes a payment.
Remote Access - the ability to access a computer or device from another location. Anyone with remote access to a device can access all files stored on it.
Smishing - the same as phishing, but carried out via SMS (text) messages rather than emails.
Software - the set of instructions and programs that tells a computer how to operate.
Virus - a computer program designed to infect and damage legitimate software.
Official Contacts
If you feel threatened or unsafe, contact Police Scotland on 101 or 999 in an emergency.
