Information Now

Cyber crime, fraud and scams

Online crime or cyber crime is something that we need to be aware of. Be wary of any request for your personal information or bank detail to protect yourself and your data. If n doubt don’t click any links in texts or emails, even if they look genuine.

Don’t give your passwords or bank details to anyone. If you receive an unexpected phone call you can hang up, look up the public telephone number for the organisation and call them yourself. Read on for more information on current scams and how to spot them and what to do if you’re targeted.

Unfortunately, there is a wide range of fraud and crime that can be undertaken online and on your doorstep which has escalated because of the pandemic, Covid-19.  Read our alphabetical list of scams, fraud and cyber crime. Be wary and be alert.


Scams on your doorstep

Read more on our fraud and scams article.

If someone knocks at your door: if you are not sure – don’t open the door.  If you know and trust your neighbour you can ask a neighbour for help. Or contact CityLife line for help. This is coordinated jointly by the Council with the statutory sector.  This Citylife Line is a safe way to get your essential supplies – food, prescriptions and hygiene products.

You will not be asked to pay for a Covid19 vaccine. Vaccinations may be arranged with your GP or through the GOV.UK website


Cyber Crime

North East Regional Cyber Crime Unit (NERCCU) works to protect our communities from serious and organised crime. Their website has specialist advice and guidance around cyber crime prevention whether you’re a business, organisation or individual. They have free training sessions and online resources. They can help you if you’ve become a victim of online crime. Read more on how to report an online crime here.

There are different types of cyber crimes that are referred to as:

  • Phising scams: where an attacker tries to trick you into clicking a bad link that will download malware, or take you to a fake website. It can take place by email or text message. The attacker is trying to get you to reveal personal or sensitive information, such as passwords, email addresses, bank details. All of which can be used to steal money or sell your personal data on to other criminals.
  • Vishing scams: or ‘voice phishing’ is where a fraudster uses recorded voice messages, phone calls, online messaging or text messages to try to trick you into giving them your financial information like your PIN number, card or bank details and Digipass code. This data could also be used to steal identities or sell your personal data onto other criminals
  • Smishing scams: is a form of phishing but sent via text.  Phone providers allow you to report suspicious text messages for free.  If you forward a text, your provider can investigate the origin of the text and take action, if found to be malicious.

Don’t enter your personal bank account details and don’t click on phishing emails that may embed malware software.

Five to Stop Fraud  Take Five is a national campaign offering straight-forward, impartial advice that helps prevent email, phone-based and online fraud – particularly where criminals impersonate trusted organisations.

Cyber Aware

The NCSC has launched a Cyber Aware campaign to help the public stay secure on the internet.  Read their top tips to tackle and protect you from the growing cyber threats. Included in this is a new suspicious email reporting servicehelping the public to fight back against phishing. To find out more about this new service and for tips on the 6 most essential protective behaviours, visit their website.

If the worst happens and you are a victim of a scam or if you think you have been targeted contact Action Fraud – report Fraud & Internet Crime


Cyber bullying, stalking and harassment

Cyber stalking is online harassment and similar to cyberbullying it can be carried out by email, text message and social media post.

How to report an online crime.

Protecting your image online

Revenge porn helpline supports adult victims of intimate image abuse who live in the UK. They provide advice, guidance and support with helping to remove intimate content which has been non-consensually shared online.

Stop NCII.org is a free tool designed to support victims of Non-Consensual Intimate Image (NCII) abuse

Child


Report phishing and scams

Law enforcement are currently aware of a credential harvesting email phishing campaign. The email indicates the recipient has files to view/download and requests that users login using their credentials to access the files.

At present, these emails are known to have come from compromised law firms, however it is possible that these emails could come from any organisation that has been compromised. The difficulty of spotting these emails is increased due to them coming from a legitimate source or known sender.

Be wary of emails asking you to login to any system to view/download files, consider:

  • Were you expecting this email or has it come expectantly even if it is from a known sender?
  • Has the user ever previously asked you to login to a system to view/download files?
  • Are you able to verify with the sender by phone or in person that the email is genuine?

If you receive a phishing email you are reminded that you should follow your own organisations policies and procedures and that you may be required to notify your IT department. If you do not have an IT department you can forward phishing emails to report@phishing.gov.uk

If you have been a victim of a cyber-attack you are advised to report this to Action Fraud


How to spot an online scam

  1. Check the sender of the email is who they say they are. Read it slowly. Often the email sender may be misspelt slightly to trick you into thinking it’s your bank, email provider, HMRC, internet provider, Microsoft, a company you’ve bought something from like Amazon, Ebay or Apple
  2. Look out for spelling errors or incorrect grammar. A real company is usually very careful with how they write emails.
  3. Does the email or text or phone ask for immediate action? Be very wary if so. You do not need to respond immediately
  4. Hover over any links when using a desktop computer, or press and hold the link on your phone/tablet to see where the link is trying to take you. If it doesn’t match or it’s an unknown address, do not click the link

Scams to be aware of

  • EE Phishing email – do not click on email@moniquemol[.]nl
  • Phishing email asking you to pay for a redirect/delivery of a DPD parcel.
  • phishing email offering Bitcoin investments
  • phishing email claiming to be from A-Z Pharmaceuticals
  • Beware of internet domains impersonating Cleveland Police – if you are contacted by someone claiming to be from Cleveland Police, call them back through the 101 telephone number
  • Easyjet customer details have been compromised – beware of any unsolicited communications from them
  • android banking trojan bankbot – downloaded through downloading a symptom tracking app (but not through Google Play or Apple Store) called Covid Symptom Study or Covid 19.apk.
  • Fake British Gas emails about outstanding payments and threatening further action
  • Fake WordPress emails instructing recipients to do a DNS (Domain Name System) upgrade which is fake.
  • Firefox Cisco Talos has issued a security notice for a vulnerability found in Mozilla Firefox web browsers. Successful exploitation can lead to sensitive information disclosure. Products affected include:  Firefox version 76.0.2 x64 Firefox Nightly version 78.0a1 x64
  • Vaccine – do not follow or click on  suspicious text messages with a link to a booking site which mimics an NHS page, but asks for personal details including bank account numbers.  Your GP will contact you.

Fake charity appeals and crowdfunders
There are many worthy causes to support at this time, but be sure you are sending your money to the right organisation and not a fraudulent account. Check with friends and check the  Charities Commission website.

Visit Prevent Charity Fraud for help and support to keep your charity safe.

Good Samaritans
Be careful what personal information you post on Facebook and Instagram.  Fraudsters trawl online platforms for data like name, address, email, phone number, place of work, health issues, date of birth. They use these details to target or impersonate people to commit fraud.  Use CityLife line.

Gov.uk scams  ignore text messages from the government claiming to be fining you for leaving the house.

Health information scam
Be suspicious of unexpected emails from the NHS and the World Health Organisation claiming to offer help and advice.

HMRC relief scam
Fraudsters are sending texts supposedly from HMRC offering relief money to help those in need.

Investments
Be suspicious of investments that sound too good to be true – even green or ethical investments. Check the company is on the FCA register.

Microsoft

Phishing email uses DocuSign to steal Microsoft credentials.

Microsoft Teams phishing software – this is a fake version of Microsoft Teams intended to harvest your data.

Online offers for vaccinations
Ignore online adverts for vaccinations. Currently there are no vaccines, medicines, creams or other medical products that can treat or cure Covid-19.

Pets

Please don’t buy pets over the internet. Always purchase from a reputable breeder and you should see the animal before you pay.  Most offers at the moment are scams and the pet will not be delivered to you.

Safe video conferencing

Only download software from reputable brands such as Apple or Google Play or from the official website of the provider:
Skype  at  https://web.skype.com/  or https://www.skype.com/en/get-skype/ to download
Zoom at https://us04web.zoom.us/

  • Make sure your password cannot be matched with your other passwords for email and apps.
  • Set up 2 step authentication
  • Make sure you know how a meeting is recorded so you can spot the signs
  • Don’t post on social media – invite by email to keep the meetings private and avoid “bombing” (see below)
  • Keep your software and devices up to date to maximise security

Skype

With the rise in the use of Skype there has been an increase in copies /themed applications that are not Skype. This enables malware to be planted on your computer.  Malware is any software intentionally designed to cause damage to a computer, server or computer network. A  wide variety of types of malware exist, including: computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware.

Look for the padlock and https://web.skype.com/  or https://www.skype.com/en/get-skype/ to download

Tesco fake emails
The email states that the supermarket is offering free vouchers during the coronavirus outbreak. The link in the email leads to a genuine-looking phishing website that is designed to steal login credentials as well as personal and financial information.

Don’t click on the links or attachments in suspicious emails and never respond to messages that ask for your personal or financial details.

TV Licensing

Their emails come from donotreply@tvlicensing.co.uk They will always include your name in their emails.

They will never:

  • email you to tell you that you’re entitled to a refund
  • offer you a discounted TV Licence

On their website they’ll never ask for:

  • your card details to take a missed payment before we’ve first asked you to sign in to identify yourself using your licence number, surname and post code
  • your mother’s maiden name
  • your date of birth (unless you’re 74 or over and applying for a free TV Licence)

Find updated messaging on the TVL website tvl.co.uk/scam

Zoom and streaming bombing

There are numerous many examples of extremists seizing upon the Coronavirus pandemic as a vehicle to spread their hate, incitement and conspiracy theories.  They are “bombing” video meetings.  See video conferencing above.


How to report malicious accounts

To report and block a Facebook profile
  • click on the … on the person’s cover photo and select Find Support or Report Profile
  • then select the option that best describes the account
  • click at the top right of Facebook and choose Settings
  • click Blocking in the left side menu, select the person you want to block and click Block name
To report and block an Instagram profile
  • tap (iOS) or (Android) in the top right of the profile. Tap Report and follow the
    instructions
  • tap (iOS) or (Android) in the top right of the profile. Tap Block/Unblock
To report a Twitter profile and to block a Twitter profile
  • select the overflow icon on the profile you want to report
  • then select Report and select the type of issue you’d like to report
  • click the more icon on their profile page
  • then select Block from the menu. Click Block to confirm
To report and block spam emails on Google/gmail
  • on your computer, go to Gmail.
  • open the message, and click report spam near the top of the page !
  • on your computer, go to Gmail and open the message. In the top right, click More
  • click Block sender

Useful information

The Cyber Helpline support victims of cybercrime and online harm. Chat to their chatbot and get immediate advice on how to deal with your cyber security issue. If you need more help, it will pass you onto one of their volunteer cyber security experts.

Read our article on fraud and scams

Read bogus callers.

Read ways to report crime and community safety issues.

Last updated: January 14, 2022