The best way to protect yourself and your loved ones against scammers is to arm yourself with knowledge. In the examples below, we cover the most common scams, so you know what to watch out for, but as a general rule:
- Never share your financial and personal information unless you are sure that the person you are dealing with is legitimate. Never respond to a request for this type of information in response to a call or email that you weren’t expecting.
- Never rush a payment. A genuine organisation won't mind waiting.
- Never divert a payment or move your savings. There is never a reason for a bank, financial institution or government department to ask you to move money.
Phishing
Example:
You receive an email claiming to be from a trusted friend or authority. You are asked to provide your passwords or personal information such as your address, telephone number, or other data.
What you should do:
- Never provide sensitive personal information online, especially in response to an email you weren’t expecting.
- Delete the email immediately. If you received it on your work email, inform your IT department.
- Perform these simple checks:
- Check the email greeting. Phishing emails can start with generic phrases like: 'Dear Friend’, or your email account name, like 'Dear abc123@hotmail.co.uk’.
- Check the sender address. Cyber-criminals often change the display name to make it look more like the company or organisation they are pretending to be. A scam email will have a strange email address behind what looks like a genuine display name e.g. "Your Friend@ramadan.co.uk". Right-click on or hover your cursor over the sender’s name to see the email address behind it.
- Check links in the email. Right-click on or hover your cursor over any links in the body of the email. If the link address doesn't look like an official site address or is different from the text description, don’t click on it.
- Call Action Fraud on 0300 123 2040 or use their online portal to report any concerns. https://www.actionfraud.police.uk/
Vishing (or Voice Phishing)
Example:
You receive a call claiming to be from a trusted friend or authority. You are asked to provide information such as bank account details, card details, three-digit security numbers, PINs, online banking username and passwords or telephone banking security passwords. You may receive several calls so that the cybercriminal can gather all the information they need (different calls asking for different numbers in your PIN, for example).
What you should do:
- Never provide sensitive personal information over the phone, especially in response to a call you weren’t expecting.
- Hang up. A genuine caller will call back, or
- Ask for the name and the company name of the person you are talking to, then ring back via the number from the website (do not use a number they provide) and ask for that person.
- Call Action Fraud on 0300 123 2040 or use their online portal to report any concerns. https://www.actionfraud.police.uk/
Smishing (or SMS Phishing)
Example:
You are sent a text message with a link asking you to click a link or call a number. It is a trick to get you to provide your personal details or download malicious software to your mobile device via a text message.
What you should do:
- Never open a text message that you weren’t expecting.
- Never click on a link or call a number before verifying the sender.
- Delete the text message if you’re suspicious or confirm it is not from a valid sender.
- If you received the suspicious email on a work phone, inform your IT department straight away.
- If you received it on your personal phone, mark it as spam and/or call your provider.
- Call Action Fraud on 0300 123 2040 or use their online portal to report any concerns. https://www.actionfraud.police.uk/
Malware (or malicious software)
Example:
You clicked on a link in a spam email you received, and now pop-up screens you don’t recognise keep appearing, sometimes asking you to make payments. You may even find you are limited from accessing your system.
What you should do:
- Never click on links in spam email or on pop up screens and be careful when downloading free software.
- Ensure your security protection is up to date – prevention is always better than cure.
- If a work computer has been infected, inform your IT department straight away.
- If your personal laptop or device has been infected, there are free tools available to help you. Here are some free tools available as suggested by a reputable technology publication, although please note these are not specifically endorsed or recommended by Al Rayan Bank.
- Call Action Fraud on 0300 123 2040 or use their online portal to report any concerns. https://www.actionfraud.police.uk/
Online shopping scam
Typical example:
You are buying gifts from a retailer who sent you pictures and links to a website, which seemed genuine. However, now the seller wants you to send money directly to their bank account and not via a secure payment method, such as PayPal.
What you should do:
- Never follow a link in an unexpected email and always check the spellings in the URL.
- Always research an online seller and insist on a secure payment method – reputable sellers will want you to do this.
- If paying by card, look out for a small padlock symbol in the address bar (or elsewhere in your browser window) and a web address beginning with https://
- If you’re buying a high value item, such as a vehicle of piece of jewellery, insist on seeing the item in person – even if this means waiting until after the current restrictions are lifted.
- Call Action Fraud on 0300 123 2040 or use their online portal to report any concerns. https://www.actionfraud.police.uk/