Coronavirus-related scamsFake webpages, emails and text messages
They might relate to vaccines, immunity tests, mortgage payments, payment holidays or tax rebates. Fraudsters may even ask you to move your money to a ‘safe account’, giving them access to your money.
They also include fake government web pages and text messages – some encourage you to input banking or security and personal details in order to access payments and tax refunds.
We've also seen fake emails from the World Health Organisation claiming that an attached document shows how you can prevent the spread of the disease. Clicking on the attachment infects computers with malicious key-logging software, which records every keystroke and allows the attackers to monitor your every move online.
It’s important not to let criminals rush or panic you into making a decision that you’d later wish you’d thought about for a bit longer. Taking a moment to stop and think before parting with your money or information, could keep you safe.
For more specific coronavirus-related scams information visit Take Five to Stop Fraud’s Covid-19 frauds and scams.
How you can stop fraud by taking fiveTake Five to Stop Fraud
Criminals are experts at impersonating people, organisations and the police. They spend hours researching you for their scams, hoping you’ll let your guard down for just a moment.
Stop: taking a moment to stop and think before parting with your money or information could keep you safe.
Challenge: could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
Protect: contact us immediately if you think you’ve fallen for a scam and report it to Action Fraud. Call us on 0800 121 8899. If you're calling from abroad: +4427 7655 5255
Find out more on the Take Five to Stop Fraud website.
Fake websites and online scamsAbout fake websites and online scams
Closely check the website address of any site you're visiting. Watch out for small clues like a spelling mistake in the web address. Check the security certificate. On the login page of a website, click on the padlock symbol next to the address in your browser's top bar.
Be wary when buying goods online, especially from a listing site such as eBay. Goods might not arrive or are not what you ordered. Make sure you carefully check the seller’s history and use online payment options such as PayPal that can help protect you, instead of sending money direct.
Suspicious emailsAbout suspicious emails
Look out for emails from people or companies you don’t know or were not expecting. They sometimes have spelling mistakes and are often not personalised to you. Click on the email address of the sender to check if it looks legitimate. Most legitimate companies will include some personal reference, such as part of a postcode or your account number. Be particularly wary if you've been given new payment details to use. And if it looks suspicious and you’re being asked for confidential information, don’t click any links or open attachments.
Links can often take you to a fake webpage asking you to update or confirm your details or security information. Clicking the link might even trigger the download of a virus onto your device and an attachment can do the same.
Remember - we'll never send you an email asking you to enter your details or linking you directly to our online banking.
Don’t acknowledge or reply to the email. Report it by attaching the email, this will give us more information about the fraudster, and sending it to firstname.lastname@example.org and to the NCSC at email@example.com If attaching is not possible, then forwarding is fine.
How you attach an email depends on the programme you use. If you want to double check, you can find some instructions here:
Remote access scamsAbout remote access scams
Someone accesses your computer using software they’ve persuaded you to install.
Be wary of anyone who calls you telling you they need to ‘fix a problem’ with your computer. They might claim to be from your broadband provider for example, and tell you they need to correct an issue with the router. The only way they can do this is by gaining access to your computer.
They might even offer to pay you for doing it, then claim they’ve overpaid you and ask you to log in to your online banking to return the money. Before you know it they have your bank details.
Don’t allow a third party remote access to your computer and never log in to your accounts while you’re on the phone to someone else.
Don’t share your security details with anyone – even if you have a joint account, your login information should be unique.
Never agree to anything hastily – if you’re in any doubt, say you need time to think and end the call.
Online dating and social media scamsAbout online dating and social media scams
This is when you’re tricked to make a payment to a person you’ve never met and with whom you believe to be in a relationship, or you trust. It often takes place through online dating websites, but criminals may also use social media such as Facebook, Instagram or email to make contact.
Once trust is gained, they’ll ask (either subtly or directly) for money, gifts or banking/credit card details. They pretend to need the money for some sort of personal emergency. It could be for a severely ill family member who requires immediate medical attention or financial hardship due to an unfortunate run of bad luck such as a failed business or mugging.
Never send money or your bank details to someone you haven’t met in person.
Be alert to spelling and grammar mistakes, inconsistencies in their stories and other signs such as their camera never working if you want to video-call each other. Don’t rush into an online relationship – get to know the person, not the profile and ask plenty of questions.
Analyse their profile and check the person is genuine by putting their name, profile pictures or any repeatedly used phrases and the term ‘dating scam’ into your search engine. Perform an image search of your admirer to help determine if they really are who they say they are. You can use image search services such as Google or TinEye.
Talk to your friends and family about your dating choices. Be wary of anyone who tells you not to tell others about them.
Stay on the dating site messenger service until you’re confident the person is who they say they are. If you do decide to meet in person, make sure the first meeting is in a public place and let someone else know where you’re going to be.
Wi-fi hotspot fraudAbout wi-fi hotspot fraud
Not all publically available wi-fi hotspots are secure. Criminals could intercept your data, even if you access an app without retyping your password.
Your phone or tablet will still send your password details over wi-fi and this information could be intercepted.
Make sure the wi-fi you connect to is secure. Don’t use public wi-fi for doing anything you wouldn’t want a criminal to see, such as online banking, accessing emails, or anything that requires a username or password.
Use your 3G, 4G or 5G data connection if you’re not sure the wi-fi is secure. Data passed via 3G, 4G and 5G is encrypted.
You can also use a Virtual Private Network (VPN) when connecting to public wi-fi. A VPN will encrypt information you send, they can be downloaded as apps.