For people like teachers, youth group leaders, mentors, local authorities, charities, job centre staff, and parents or carers
Work with a group or a class
Coach an adult
Tools, tips and activities to help your family
Resources for educators
So what is phishing and online fraud? There are a variety of different types out there and they certainly have some strange names. Learning these names is one thing, but understanding when you’re being targeted – and how to avoid being duped – is another. By taking time to learn about how fraudsters work can help you to keep your information and money safe.
Recent figures from Cifas, the UK’s leading fraud prevention service revealed that 2019 saw the highest ever number of cases of fraud, so it’s important to be even more aware.
Let’s explore some of the different types of fraud out there, you can do this by watching our short film below or by scrolling through the definitions below.
The word vishing comes from combining the words ‘voice’ and ‘phishing’ – and as you may have guessed, it’s to do with phone calls.
A person will receive a phone call from a fraudster who's posing as an employee of a reputable company or organisation.
An example of vishing could be that Mohammed was using his laptop when his phone rang. The caller was an ‘IT specialist’ from his home internet provider, and they explained that there was a virus on Mohammed’s laptop, and that he would need to restore the settings with their help. They asked Mohammed to re-open his recently visited internet sites, which included his online banking. Mohammed provided some technical details, which allowed them to gain remote access to his laptop. Mohammed was advised not to use the laptop for 24 hours following the software and protection update. The next day, Mohammed went to take money out of his bank account, but his balance was zero. Mohammed contacted his bank, who confirmed that he had been a victim of fraud.
Email fraud is called ‘phishing’ – whereas ‘smishing’ comes from combining ‘SMS’ (Short Message Service) and ‘phishing’ and is fraud by text message.
Let’s take a text message example otherwise known as smishing, Sophia received a text message from her mobile phone provider to say that her account had been used by someone else to download lots of apps. In order to get a refund, Sophia was told that she needed to click on a link contained in the message. She was then asked to enter her bank details, and the three-digit security code from the back of her debit card into a form online. She was then told that her refund would appear in her account within the next few days.
The following day, when Sophia checked her bank account balance using her mobile banking app, she saw that a large sum of money had been withdrawn from her account. She phoned her bank, who advised that she had been a victim of social engineering.
‘Money mules’ or ‘money transfer agents’ are coerced into having stolen money transferred into their accounts, and are then directed to move the money on, typically sending it overseas.
Fraudsters can open an account themselves using fraudulent ID, or may convince someone who already has a bank account to receive money on their behalf.
An example of a money mule could look something like this - Chris received a direct message (DM) from someone he didn’t know on social media. The fraudster promised Chris a large amount of money if they could use his bank account to move money. Chris was suspicious, but the fraudster said it happens all the time. Chris eventually gave over his bank account details. The next day, a large sum of money was deposited into his account.
Chris was then instructed to go to his bank and withdraw all of the deposited cash – and was told how much he’d get to keep.
What Chris was actually doing is laundering money that came from a criminal act. The bank asked lots of questions, which exposed Chris as a money mule and also highlighted that he had acted illegally, even though he was unaware he was breaking the law.
Fraudsters can use fake online adverts to advertise when people are shopping or looking for a holiday. These products or services don’t exist or aren’t theirs to sell. To pay for the goods, they convince you to send a transfer directly to their bank account but the goods never arrive, or are not as advertised.
Lauren was looking to upgrade her mobile phone which gives an example of how shopping fraud could take place.
She found someone online selling a top-of-the-range model she liked for half the store price. When she contacted the individual, they asked Lauren to make an online transfer directly to their bank account before they sent her the phone in the post. When she received the phone, it was a much older and more basic model than advertised. When she tried to get in touch with the seller for a refund, her phone calls and emails were rejected. Lauren then realised that it was too late, and she had been duped.
The term social engineering manipulates or tricks people into exposing their personal or financial information through fake emails, phone calls, texts and posts on social media. These can be very complex attacks, some combining various sources of information about you to appear more convincing.
You should never divulge your PINs, PINsentry codes or Activation codes with anyone contacting you, including by phone. The police or any other genuine organisation will never ask you to do this.
Genuine organisations would also never ask you to move money to a different or ‘new’ account, or to withdraw funds.
Which? scams alert service provide examples on the latest scams doing the rounds https://campaigns.which.co.uk/scam-alert-service/?utm_source=barclays&utm_medium=website&utm_campaign=scamalertservice