Dear DEREK
There are various banking scams at the moment, such as from HSBC and Santander. 'Which' magazine has advised that the fake HSBC text directs customers to call a fraudulent helpline - hoping to trick HSBC customers into giving away sensitive details. These texts display ‘PASSCODE’ as the sender and attempt to capitalise on security checks known as ‘strong customer authentication’ (SCA). An example of this text reads: ‘HSBC: Your OTP is 429384 for a payment of 850.00 GDP to EXPEDIA – REF: HS9X. If this wasn’t you, call us immediately on 0330 828 1274. If you call the number you will hear an automated recorded message or interactive voice response asking you to input your branch sort code and 15-digit card number or customer identification number before being supposedly put through to an adviser. Don't do it!

The previous Carphone Warehouse scammers have now realised that this name no longer exists and are using Currys/PC World to phone residents. Be wary of any unexpected calls saying that they are from Currys/PC World.

I am attaching a document which gives good advice on how to protect yourself when purchasing products online, especially leading up to Christmas. Also the Parcel Delivery scams will no doubt increase.

Regards
David

PS Thanks to our colleagues in Berkshire for the above detaills


Attachments
Neighbourhood Watch Flyer 2.0 (2) FINAL.pdf - 74.3 KB
Message Sent By
David Alder (NWN, Area Representative, Thames Valley, South Buckinghamshire (East))

************************************************

The text from the Neighbourhood Watch Flyer 2.0 (mentioned above) is reproduced below:

Computer and mobile device users can be at risk of being hacked, scammed, and phished, but when the Christmas holidays arrive, which means more time spent online shopping and browsing, crooks really have an opportunity to cause some mischief.

They’re hacking consumers using sophisticated phishing attacks that attempt to trick people into giving up their personal information, including bank account details or credit card data.

Follow these tips to help protect yourself during the holiday season.

Watch out for deals that are too good to be true

Black Friday deals have convinced the world that insane discounts are to be expected leading up to Christmas or in the sales.

Amazing discounts and promotions – delivered via email, text message, or an opportune pop-up window on the Web – may lead you to bogus ecommerce sites strictly designed to separate you from your credit card number. Order the merchandise promised, and it may never come – but you’ll be charged for it (and more) just the same.

Be extra vigilant when shopping for Christmas. Some deals sound too good to be true because they are. They could be outright scams.

Computer and mobile device users can be at risk of being hacked, scammed, and phished, but when the Christmas holidays arrive, which means more time spent online shopping and browsing, crooks really have an opportunity to cause some mischief.

They’re hacking consumers using sophisticated phishing attacks that attempt to trick people into giving up their personal information, including bank account details or credit card data.

Follow these tips to help protect yourself during the holiday season.

Watch out for deals that are too good to be true

Black Friday deals have convinced the world that insane discounts are to be expected leading up to Christmas or in the sales.

Amazing discounts and promotions – delivered via email, text message, or an opportune pop-up window on the Web – may lead you to bogus ecommerce sites strictly designed to separate you from your credit card number. Order the merchandise promised, and it may never come – but you’ll be charged for it (and more) just the same.

Be extra vigilant when shopping for Christmas. Some deals sound too good to be true because they are. They could be outright scams.

Double-check website domain names

Phishing is most effective when a scammer is pretending to be a brand you know and trust. A high-quality but phony store hawking well-known or high­demand products is likely to look almost identical to the real thing – so be vigilant in looking for signs that reveal its true colours.

For example, inspect logos, email address headers, and the text and content of messages before clicking anything.

Make sure merchant websites are secure

In recent years, websites have been moving from HTTP to HTTPS, a communication system that encrypts all traffic between users and the websites they visit, which can dramatically improve security against certain types of attacks.

It’s easy to tell whether a website is not secured with HTTPS. All major web browsers indicate this with an icon to the left of the site’s URL. The icon is a lowercase “i” with a circle around it on Microsoft Edge and Firefox; Google Chrome also notes “Not secure” on insecure sites.

HTTPS (with S on the end) is a secure protocol because it includes encryption and authentication, which keeps the information shared between your computer and the website private.

HTTPS might not be as important if you’re visiting your neighbour’s blog, but it is if you’re on a site where you plan to buy something, where you need to provide your payment card credentials, your address, and log in with your username and password.

Instead of, or next to, the lowercase “i” icon on every browser, look for a locked padlock icon on retail sites that shows they are using the most current security mechanisms, indicating that your shopping sessions are encrypted and secure.

Remember to be patient

When you’re in a rush to complete your shopping as quickly as possible, it is natural that you might miss something. Take a breath and slow down. Cyberthieves often prey upon people’s poor cyber habits or attempt to trick you with phishing messages designed to make you panic – such as warnings about a delayed package or a credit card purchase that didn’t go through. Just as a big discount might be too good to be true, an urgent warning might be too dramatic to be taken at face value.

Beware, this is a scam; there is no such event. If you have paid by credit or debit card, contact your bank.

http://bit.ly/3gqKs9Q

Just had a call to 'Dear Customer', from the Fraud Department of Visa, to say that a payment had just been made for £900 to an online shopping account and to press 1 if it wasn't me. I'm assuming it is a scam and just cut off.

I've 'who called my number' and number has not been mentioned before. The number was 02083125755

I have had an email that says it is a whatsapp voice message and click on to listen, I have nothing to do with whatsapp.
Is this a scam and something I should not click on ?

An email asking me to click the link to see the possible buyers.

I'm not actually selling my home!

https://bit.ly/3Wl7Wxh

https://www.scooploop.com/thread/scam-warning-f4967

https://www.scooploop.com/thread/scam-text-on-applying-for-energy-rebate

The magical money-saving boxes and other products that you see advertised may contain TrustPilot reviews and Facebook-like posts recommending the product. These reviews and posts can be fictitious, also the site advertising them may benefit financially from your purchase/interest.

The following is from the Top Gadget Trending website:

'MARKETING DISCLOSURE: This website is a market place. As such you should know that the owner has a monetary connection to the product and services advertised on the site. The owner receives payment whenever a qualified lead is referred but that is the extent of it.

ADVERTISING DISCLOSURE: This website and the products & services referred to on the site are advertising marketplaces. This website is an advertisement and not a news publication. Any photographs of persons used on this site are models. The owner of this site and of the products and services referred to on this site only provides a service where consumers can obtain and compare.'

Remember, the only thing magical about these devices, is that they get people to part with their money.

When you visit a selling website, you may see a pop-up box in the bottom left-hand corner of the screen which displays a recent purchaser of the product. This is fictitious, and is produced by the programming behind the webpage. To see the program that displays any webpage, right-click on the page, and select 'view page source'. If you do this for the WiFi Blast (magic box!) website, when the programming appears, go down to line number 743 shown on the left. This is the start of the imaginary purchasers. First list is forenames, then the surname initial, and then the location.
The program then selects combinations of the forenames, initials and locations.


https://bit.ly/3d1JD5H

When you connect to a website, not only does it know where you are (or where you are pretending to be!), it also knows what your computer operating system is (Windows etc.), and the web browser you are using.
Below is a website that offers to revive your PC. Due to an error in their programming, it may show that you are in Germany, but if you are in another country, it will show that. I changed my location to Singapore, and you can see the result in the attached image.
The date at the top of the page will always be the current date, and of course, the offer's availability is limited: 'Updated September 2022: Whilst it’s unknown how long this free offer will remain available, we anticipate it to expire soon so we strongly encourage all of our readers to claim their copy today to avoid disappointment.' This date will also change whenever it is viewed.

Should you click any of the links, you may find that they are no longer available.

Are you shocked!?



https://bit.ly/3f5zrcP

Now the cold weather is here, adverts are appearing for cost-saving magical heating devices. Sellers of all these wonderful devices all use the same selling techniques; ignore all such devices.
https://bit.ly/3dlJSZk

https://www.which.co.uk/news/article/notorious-hi-mum-and-dad-scam-spreads-from-whatsapp-to-text-message-an7N34c0gVbP?utm_medium=email&utm_source=engagingnetworks&utm_campaign=scam_alert&utm_content=Scam+Alert+150922.

https://www.which.co.uk/consumer-rights/advice/premium-rate-number-scams-ay3uY7c0jtju?utm_medium=email&utm_source=engagingnetworks&utm_campaign=scam_alert&utm_content=Scam+Alert+010922+C

This scam is extremely rare at the moment due to the cost. They typically target wealthy people.

The scam is the start of an attempt to infect your computer. An official looking package contains a USB keydrive with the office logo, and a product key to install Office professional plus. Plugging this in will result in a message being displayed to inform you that your computer has been infected, and to call the support line for help.

When surfing the web, you will see adverts for wondrous devices that will do things that your energy supplier/ internet provider does not want you to know about! One that you may know about, is the magical plug-in box that will save up to 95% of your electricity bill! This one will speed up your Internet (Internet suppliers don't want you buying one!). Attached is the advert for this product. Here is the sales pitch website: https://bit.ly/3B8KtFE
Here is an extract:
“You didn’t get this from me, man,” he said. “It’s a WiFiBlast. It reconnects the split channels from your router and blasts it across the house. Trust me, man, you’re not gonna have any troubles with speed anymore.”
Nearly speechless because of this internet angel, I thanked Barry for his amazing gift. He only had one thing to say:
“Thanks for the beer, man.”

This leads you to the website where you can purchase the device: 'Stock is extremely limited: Sell Out Risk: HIGH', and you can get up to 50% off! Wonder of wonders, a window with a countdown pops (see attached image) up offering you, as one of 5 lucky people this week, even more money off!

The website selling the product has the usual box popping up bottom left of the screen, telling you who has just bought one, and where they live: https://bit.ly/3d1JD5H

Whenever you see something like this, just google the product, including scam in the search.

From my bank:
'A sim-swap scam happens when a criminal obtains enough information to pose as you (Facebook!) and uses it to trick your mobile network provider into transferring your phone number to a sim card in their possession.

Gaining control of your mobile number allows a fraudster to receive all calls and texts intended for you – including the one-time security passcodes for online banking. It also allows them to intervene if we try to contact you to warn you about suspicious activity on your account.

If you ever notice anything unusual such as sudden changes in service or unusual messages from your provider, call them immediately using a trusted number from their website to check there is nothing untoward happening. The quicker you react, the quicker you can stop them in their tracks!'

https://www.which.co.uk/news/article/scam-alert-watch-out-for-this-fake-emirates-holiday-whatsapp-giveaway-azQJq5t3HdU9?utm_medium=email&utm_source=engagingnetworks&utm_campaign=scam_alert&utm_content=Scam+Alert+110822+B

https://www.which.co.uk/news/article/beware-the-cheap-car-insurance-thats-too-good-to-be-true-az5lP4w5Yqrl?utm_medium=email&utm_source=engagingnetworks&utm_campaign=scam_alert&utm_content=Scam+alert+020722+A

https://www.which.co.uk/news/article/watch-out-for-this-new-revolut-text-scam-aMOPV9m1xlpH?utm_medium=email&utm_source=engagingnetworks&utm_campaign=scam_alert&utm_content=Scam+Alert+040822+B

Scammers are buying people's Facebook data for as little as 16p. The BBC recently bought the data of 1000 people. The data is used to commit identity theft. Never put any personal information on Facebook, such as names, email and home address, or your date of birth. Also, don't post your holiday photos while you are on holiday; you might just as well hang up 'Burgle me' on your house.

https://bit.ly/3vl7QK9

Just had an email from something called info@hybridfabric.net
saying my email address has been reported several times as a trojan virus spreader.
Then it says to get Norton antivirus.

https://www.which.co.uk/news/article/watch-out-for-these-latest-paypal-email-scams-a2N390y0TXXH?utm_medium=email&utm_source=engagingnetworks&utm_campaign=scam_alert&utm_content=Scam+alert+140722+B

Just had a call from a guy with a very strong accent asking me about my arthritis. He said I'd spoken to him about it last year and he was wondering how it was.

Total scam. I don't have arthritis (yet).

https://bit.ly/3zgwiia

https://www.scooploop.com/thread/has-anyone-else-received-this

Avoiding scam calls, texts, and emails. You will find lots of information in this loop. Here are the basics:

Landline telephone scams can be avoided by screening calls if you have an answering machine, or getting a call blocker telephone. By call screening, I have not had one scam call for many years. A withheld number caller has never left a message!

Due to scammers using telephone number creating software, they can display any number they wish on your phone.

Never click a link in a text message unless you are sure who it is from and why you would have it sent to you. If in doubt, check by contacting the sender directly.

Emails: Check the sender's address and do not click any links unless you are expecting the email to verify the opening of a new on line service/account for example.

https://www.which.co.uk/news/article/7-energy-scams-to-watch-out-for-a7hWE2O98VCm

Saw this on another site

https://www.scooploop.com/thread/which-fake-email-bt

Action Fraud has received 752 reports in four days relating to fake emails purporting to be from Ofgem. The emails state that the recipient is eligible for a rebate as a result of a newly announced government scheme. The links in the emails lead to genuine-looking websites that are designed to steal your personal and financial information.

Please view our tweet to see a screenshot of the fake emails reported to Action Fraud: https://twitter.com/CyberProtectUK/status/1527657160586444800?s=20&t=RdAiopW83gUlsAymvjnu5g

• Remember, your bank, or any other official organisation, won’t ask you to share personal information over email or text. If you need to check that it’s a genuine message, contact the company using details from their official website or app.
• Spotted a suspicious email? Forward it to the Suspicious Email Reporting Service (SERS) - report@phishing.gov.uk

For more information on how to stay secure online, please visit: www.cyberaware.gov.uk

Message Sent By
Action Fraud
(Action Fraud, Administrator, National)

This is a familiar fraud that has been going on for years. The victims are older people who may not be aware of it.

****************************************************************************

Protect your loved ones from callous fraudsters after Hampshire and Isle of Wight residents lose more than £786,000 to courier fraud

Hampshire Constabulary is urging family members and friends of vulnerable people to be on their guard to help protect their loved ones from courier fraudsters.
Typically, courier fraudsters target their victims by claiming to be a police officer or a member of staff from a victim’s bank and they often pressure people into making quick financial decisions to assist with fictitious investigations.
In 2021 alone, 110 people in Hampshire and the Isle of Wight were victims of courier fraud, with losses totalling £786,963.
Across the whole of the UK, 3,625 people were victims of courier fraud, with people losing more than £15.2million through scams.
Hampshire Constabulary is now supporting a new campaign launched by the City of London Police to help tackle courier fraud.
To help raise awareness, the City of London Police has released a new list of tactics used by the fraudsters.
An analysis of data from the National Fraud Intelligence Bureau (NFIB) has highlighted four modus operandi (MOs) which are now more commonly being used by fraudsters.
Four common MOs used by courier fraudsters:
1) Bank card expiry: Fraudsters claim to be from the victim’s bank and say their card is no longer valid. They ask for the pin number and then send a “courier” to collect the card before using it for fraudulent purposes.
2) Purchasing high-end items: The suspects pretend to be police officers and ask the victim to help with an undercover operation by purchasing expensive items like watches, jewellery and gold. Once the item is bought, the victim will hand over the item to the criminal.
3) Counterfeit cash/bank investigation: A person claiming to be a police or banking official informs the victim that they need to help with a banking corruption investigation. The victim is told to withdraw a large amount of money and the cash is picked up later by a courier to “check for fingerprints or to identify counterfeit bank notes”.
4) Computer takeover: The fraudster telephones the victim, purporting to be from their internet service provider, saying that they have had an issue with their internet connectivity and they are due compensation. The victim is persuaded to download a remote access application, giving the suspects access to their home computers. The fraudster persuades the victims into thinking that they have been paid too much compensation and the victims then withdraw cash to pay the money back, which is later collected by a courier.
Detective Inspector Mark Carter, from Hampshire Constabulary’s Serious & Organised Crime Unit, said: “These fraudsters are heartless individuals who prey on some of the most vulnerable people living in our area.
“We know that victims of courier fraud are typically aged between 70 and 89, with women more likely to be targeted than men.
“I would like to urge everyone who has an elderly relative, friend or cares for someone in that age bracket to make them aware of this type of fraud.
“We want people to know the tactics used by fraudsters and to be aware of the warning signs to look out for.
“These incidents can often have a huge impact on victims as they come to terms with the fact they have fallen for a scam, and the financial losses that come with it.
“We want to ensure that people do not become repeat victims, so we want to educate them and their loved ones to ensure that fraudsters can no longer take advantage of Hampshire and Isle of Wight residents.
“Our officers are determined to bring an end to offences of this nature and will take appropriate steps to identify and prosecute the individuals responsible.”
Signs of courier fraud:
• Courier fraud usually starts with an unsolicited telephone call to the victim.
• Typically, the suspect will pose as a bank official, police officer or a computer or utility engineer.
• Courier fraudsters will usually request victims to purchase high-value items such as a Rolex watch and gold bullion, withdraw cash or provide a bank card for collection from a courier.
• Fraudsters will instruct victims not tell any family or friends about what they are doing.
• When carrying out courier fraud, criminals will request that the victim hangs up the phone to ring their bank for confirmation while keeping the line open. The suspect then purports to be bank official and provides false confirmation.
• Fraudsters will also make arrangements for a courier to meet the victim to collect the item they have purchased.
Anyone who receives an unexpected call from someone claiming to be one of these officials should verify they are speaking to someone genuine: hang up, wait five minutes and call back on a number they know is genuine.

Message Sent By
Abe Hawken
(Police, Corporate Communications Officer, Hampshire and Isle of Wight)

https://conversation.which.co.uk/scams/fake-supermarket-facebook-posts-morrisons-iceland/?utm_medium=email&utm_source=engagingnetworks&utm_campaign=Scamalert230422&utm_content=Scam+alert+230422

Had an email this morning supposed to be from Argos to claim my £500 reward
It had a customer number that was nothing like mine - I cannot see who the sender was.

https://conversation.which.co.uk/scams/fake-david-lloyd-puregym-phishing-emails/?utm_medium=email&utm_source=engagingnetworks&utm_campaign=ScamAlert080422&utm_content=Scam+alert+080422

https://bit.ly/3vmxf5m

https://www.which.co.uk/news/2022/04/nhs-covid-test-scam-exposed/?utm_medium=email&utm_source=engagingnetworks&utm_campaign=ScamAlert080422&utm_content=Scam+alert+080422

https://conversation.which.co.uk/scams/fake-david-lloyd-puregym-phishing-emails/?utm_medium=email&utm_source=engagingnetworks&utm_campaign=ScamAlert080422&utm_content=Scam+alert+080422

Experienced Voices
Dear

We would like to offer you an exclusive invitation to join our new feedback panel, Experienced Voices. As we value what you have to tell us, we have built Experienced Voices as a place to share your thoughts, ideas and opinions. Your experienced voices really do matter to us!

It’s really easy and there are lots of chances to win up to £50

Shoppers targeted with a fake Tesco refund email

An email claiming that you’re due compensation from Tesco ‘because of a system error’ has been confirmed as a fake. Unlike other phishing attempts this message didn’t have any branding and used random employee names to try to appear real.
http://ca.engagingnetworks.app/page/email/click/2249/5833683?email=qCh0IA0DML5UPnDQwiVPNkaF%2BegVuZ9O&campid=HKJj4Ivhe529awglrPTZ7Q==

Fake Cadbury ‘Easter Chocolate Basket’ message

A fake message posing as Cadbury is spreading quickly on WhatsApp. It's inviting people to grab a ‘Cadbury FREE Easter Chocolate Basket’ by clicking through to a site that has nothing to do with Cadbury.
http://ca.engagingnetworks.app/page/email/click/2249/5833681?email=qCh0IA0DML5UPnDQwiVPNkaF%2BegVuZ9O&campid=HKJj4Ivhe529awglrPTZ7Q==

Interesting, truth is stranger than fiction story on BBC Sounds, about how a fraudster, Russel King (Lord Voldemort), used a football club in a con that stretched around the world. Cast includes Sven-Göran Eriksson and Sol Campbell: https://bbc.in/3pIK6N2

https://bit.ly/3LKUiOJ

https://bit.ly/3BhZcxU

https://www.which.co.uk/news/2022/02/eon-email-scam-exposed-how-a-scammer-tried-to-steal-1000/

https://www.insurancechat.co.za/.../what-is-the-lebanese.../

https://www.which.co.uk/consumer-rights/advice/how-to-spot-a-fake-fraudulent-or-scam-website-aUBir8j8C3kZ

The two money saving plug scam posts, were prompted by this post in Anything:

https://bit.ly/3oiDDYr

If you use 1 unit of electricity, you will be charged for 1 unit of electricty. If you can produce a device that does otherwise, you will be a millionaire in no time, and the whole world would be using them.

The Motex website was created 71 days ago, and information is witheld by a Privacy Service. The TechTrends website which reviews (advertises) the product gives false information:

They are using the name of the famous (not to everyone) scientist to impress, and quote ridiculous amounts that can be saved: 'It is no secret that the price of electricity is steadily increasing each year, but thanks to this new Nikola-Tesla-inspired technology, consumers can save hundreds to thousands of pounds every year on their electric bills.' The device contains a capacitor, a few resistors, an LED and a fuse - all it does is light the LED!

The website does not change its text to agree with the location of the reader: there is no Public Utility Commission in the UK: 'It's very apparent that we as Brits have an energy crisis - a lack of energy from lawmakers and the Public Utility Commission about fixing the crooked business of selling overpriced electricity to consumers.'

The reviews are ficticious, and all the photos are 'models' The site is connected financially to the seller of Motex. Here is a statement from the end of their website:

THIS IS AN ADVERTISEMENT AND NOT AN ACTUAL NEWS ARTICLE, BLOG, OR CONSUMER PROTECTION UPDATE

MARKETING DISCLOSURE: THIS WEBSITE IS A MARKET PLACE. AS SUCH YOU SHOULD KNOW THAT THE OWNER HAS A MONETARY CONNECTION TO THE PRODUCT AND SERVICES ADVERTISED ON THE SITE. THE OWNER RECEIVES PAYMENT WHENEVER A QUALIFIED LEAD IS REFERRED BUT THAT IS THE EXTENT OF IT.

ADVERTISING DISCLOSURE: THIS WEBSITE AND THE PRODUCTS & SERVICES REFERRED TO ON THE SITE ARE ADVERTISING MARKETPLACES. THIS WEBSITE IS AN ADVERTISEMENT AND NOT A NEWS PUBLICATION. ANY PHOTOGRAPHS OF PERSONS USED ON THIS SITE ARE MODELS. THE OWNER OF THIS SITE AND OF THE PRODUCTS AND SERVICES REFERRED TO ON THIS SITE ONLY PROVIDES A SERVICE WHERE CONSUMERS CAN OBTAIN AND COMPARE.

Here is a jolly video explaining the scams. The video shows the same people in the Motex device:
https://bit.ly/3Hk47Ao