Online scams

Phishing

Phishing emails will attempt to trick you, so they can steal your login and / or personal details. They will often ask you to send personal details such as your login ID, password or security question.

How to identify a phishing email:

• Check the actual sender in the ‘from’ field – the sender email address and name may not match.
• Check the ‘to’ field if it’s impersonal, addressing you as customer or user, then this is a warning sign as legitimate companies address by names.
• Does the email include a threat if action isn’t taken straight away? Phishing emails contain threats, such as account closure if you don’t complete an action. 
• Does the email have an attachment you are not expecting? If it is a link hover your mouse over it before sending, as that way you can see if it takes you to a legitimate link.
• Check for spelling and grammar mistakes, phishing emails often have mistakes.

Vishing

Vishing is where fraudsters will try and trick you into giving them personal information over the phone by pretending to be a person or organisation you trust like a building society, HMRC or the police. Fraudsters will try to gain your trust to trick you into handing over personal or security details.

How to identify a vishing call:

• If you have any suspicions about a call, even if you recognise the phone number, remember that fraudsters can make a number appear on your phone screen to make it look genuine, so don’t answer.
• If the caller is claiming to be from the police, HMRC, DWP or any other government agency asking for information, please be wary. You should never be asked to provide bank details or make any payments to them during an initial call.
• If someone asks for your online username or password end the call straight away.

Smishing

Smishing will often involve a text message highlighting fraudulent activity on one of your accounts, directing you to call a number or visit a website. Fraudsters use your trust to trick you into giving them personal information. They’ll usually tell you there’s been fraudulent activity on your account and will ask you to call a number or visit a fake website to update your personal details.

What to look out for:

• Be careful with messages from unknown numbers. Even those that appear legitimate may not be.
• Ignore requests for personal information.
• Don’t reply to suspicious messages.
• Beware of ‘urgent’ requests.
• Avoid hyperlinks.

How to prevent digital scams

If you're in any doubt about the email's legitimacy don’t:

• Click on links.
• Open any attachments.
• Provide any personal or security information.