This page covers details of scams and fraud. The vehicle of much of this crime is via email, so examples of SPAM and Phishing is also included.

Remember, this is NOT a definitive list of scams and fraud. This page only provides an example of what is going on.

Note : Some of the information provided is from ActionFraud Alerts, in the past they have been included on the NEWS pages. From September 2015 they will appear on this page.


(Microsoft, dated 29th November 2018 author Courtney Gregoire)

Full article [Option 1]:

On Nov. 27 and 28, over 100 local India law enforcement officials from Gurgaon and Noida raided 16 call center locations identified as engaged in tech support fraud by Microsoft, resulting in 39 arrests so far. These call center operations fraudulently represented themselves as affiliated with a number of respected companies including Microsoft, Apple, Google, Dell and HP. The New York Times reports that Senior Superintendent of Police Ajay Pal Sharma stated “the scammers had extracted money from thousands of victims, most of whom were American or Canadian.” Microsoft alone has received over 7,000 victim reports associated with these 16 locations from over 15 countries.

Anyone may receive an unwanted phone call or experience a pop-up window on your device with a “warning” that your computer has a problem requiring immediate tech support. These messages are often very convincing and use scare tactics to entice consumers into contacting a fraudulent “tech support” call center. Call center operators typically encourage the victim to provide remote access to their device for “further diagnosis” before charging the victim a fee – typically between $150 – $499 – for unnecessary tech support services. In addition to losing money, victims leave their computer vulnerable to other attacks, such as malware, during a remote access session.

Recent law enforcement successes in India build on a solid track record of global law enforcement taking action to combat the multiple layers of tech support fraud supported by referrals from Microsoft and other industry partners. For example, the U.S. Federal Trade Commission and multiple partners announced 16 separate civil and criminal enforcement actions against tech support fraudsters in May 2017 as part of “Operation Tech Trap.” And, in June 2017, the City of London Police announced the arrest of four individuals engaged in computer software services fraud.

In 2014, Microsoft launched an online “report a scam” portal to enable victims to share their tech support fraud experiences directly with our Digital Crimes Unit team. The reports have been a critical starting point for our international investigations and referrals. Our data analytics and innovation team has added additional tools to proactively hunt and pull data from approximately 150,000 suspicious pop-ups daily targeting millions of people and use machine learning to identify those related to tech support fraud.

People who have experienced tech support scams should know they aren’t alone, but there are steps you can take to identify and help defend yourself against criminals looking to impersonate legitimate companies. According to our recently released 2018 global survey, three out of five consumers have experienced a tech support scam in the previous 12 months.

The best thing you can do to help protect yourself from fraud is to educate yourself. If you receive a notification or call from someone claiming to be from a reputable software company, here are a few key tips to keep in mind:

- Be wary of any unsolicited phone call or pop-up message on your device.

- Microsoft will never proactively reach out to you to provide unsolicited PC or technical support.

- Any communication we have with you must be initiated by you.

- Do not call the phone number in a pop-up window on your device and be cautious about clicking on notifications asking you to scan your computer or download software. Many scammers try to fool you into thinking their notifications are legitimate.

- Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.

- If skeptical, take the person’s information down and immediately report it to your local authorities.

(1st December 2018)

(ZD Net, dated 28th November 2018 author Danny Palmer)

Full article [Option 1]:

Hackers are launching cyber attacks against companies in the pharmaceutical sector more than any other, and campaigns against firms who make drugs have more than doubled in the last year.

The figures come from researchers at security company Proofpoint who have analysed attacks against Fortune Global 500 companies and found that over the course of the last quarter, pharmaceuticals companies were the most targeted, with an average of 71 email fraud attacks per company.

It represents a 149 percent jump in the number of fraudulent business email compromise and phishing attacks against the sector in the same period last year.

Drug companies are a tempting target for cyber criminals because of the intellectual property they hold on new compounds and medicines. If an attacker can get their hands on information about promising research this could be very a very lucrative offering on the black market.

But organisations in all sectors are under attack from email fraudsters, with a large increase in attempted attacks detected across all sectors - up 80-percent compared with the same quarter in 2017 according to the security company.

In many cases attackers are attempting to trick selected employees into letting down their guard and allowing them into the network.

SEE: What is phishing? Everything you need to know to protect yourself from scam emails and more

It's also common for attackers to spoof the email addresses of contacts or high profile individuals in the company in an effort to trick users into giving up data - or transferring large amounts of money. It may sound like a simple form of attack, but the reason the numbers have risen by such a significant amount is because they're proving to be successful. Many of the most high profile and costly attacks in recent years have started with a humble phishing email.

Behind pharmaceuticals, construction firms were the second most attacked during the previous quarter, averaging 61 attacks each. Real estate came third, with those in the sector targeted by an average of 54 attacks during the quarter.

Over the course of the whole year, drug companies are the top target again, with companies in the sector reporting an average of 282 attacks. Real estate is just behind with 277 attacks per company.

Proofpoint suggest a number of ways that organisations can help to protect themselves from attacks, such as training users to spot and report malicious emails and having a back up plan in place in the event of a user falling victim to an attack.

(1st December 2018)

(Washington Examier, daed 28th November 2018 author Diana Stancy Correll)

Full article [Option 1]:

uaware Note : This is another example of how criminals are targeting different groups with the same ploy.

More than 400 U.S. military service members were tricked into believing they possessed child porn and surrendered more than $560,000 in order to avoid charges as part of a plot conducted by South Carolina inmates.

"With nothing more than smart phones and a few keystrokes, South Carolina inmates along with outside accomplices victimized hundreds of people," Daniel Andrews, director of the Computer Crime Investigative Unit of the U.S. Army Criminal Investigation Command, announced on Wednesday.

According to the Naval Criminal Investigative Service, South Carolina inmates established fabricated online female personas on social media forums and online dating website and then singled out 442 service members from the Navy, Army, Air Force, and Marine Corps to extort them for money.

The inmates then pretended to step in as either the father of the female or police officers and claim that the female was a minor after the service members responded to the photos and requested money for the family to prevent them from pressing charges for obtaining child pornography, NCIS said.

Arrest warrants had been executed and summonses served by agents from military criminal investigative organizations for money laundering, extortion, and wire fraud. U.S. District Attorney Sherri Lydon said 15 people were indicted. NCIS told the Washington Examiner five arrests were made and five people were served summonses on Wednesday. More than 250 additional individuals are being investigated and could be prosecuted.

The incident was investigated as part of an investigation called Operation Surprise Party, spearheaded by NCIS since January 2017. The Defense Criminal Investigative Service, Army Criminal Investigation Command, and Air Force Office of Special Investigations were also involved with the investigation, as were several outside civilian law enforcement partners.

"This enforcement operation sends a clear message about our unwavering commitment to protect our nation's service members so they can focus on their mission of winning wars and defending the American way of life. Working with our fellow federal agencies and state partners, we will continue efforts to stamp out sexual extortion impacting our communities," Andrews said.

(1st December 2018)

(Britol Post, dated 26th November 2018 author Hannah Baker)

Full article [Option 1]:

Small businesses in Bristol are being warned to stay on their guard against a scam after local companies were targeted by criminals.

Not-for-profit business support organisation Brave Enterprise says cold callers have contacted several Bristol businesses to sell advertising space in a bogus publication for what they claim is a good cause.

Callers give the impression that the publisher is working with local charities, emergency services, crime prevention or community health initiatives, according to the national cyber-crime reporting centre Action Fraud.

Sometimes the caller will say that a business has placed an order previously, or that someone else in the firm has agreed to take out advertising space.

The fraudsters may also send the business invoices, whether or not the victim has agreed to advertise.

Nathan Thomas, who recently set up a French polishing business in Staple Hill, was approached by the scammers.

He said: “I have been approached twice by a woman claiming to be calling from a crime prevention magazine. She claimed that I had agreed to put an advert in the publications a few months before and had agreed to pay for the ad, which is nonsense.

"She said she first phoned me in May but I hadn’t even set up my business then so wouldn’t have had anything to advertise.

“When I told her I hadn’t agreed to advertise I was threatened with court action and a visit by the bailiffs to recover the money.

"So I got in touch again with BRAVE and they confirmed that it was a scam and that quite a few people had been targeted.

“My concern is that some people may feel threatened by the prospect of court action and will pay money to these criminals so that they leave them alone.”

Liz Sands, director of BRAVE Enterprise, added: “A number of our small businesses clients have been targeted by this type of fraud and one nearly paid money to the scammers involved.

“We want to warn others that these fraudsters are targeting new start-ups in the Bristol area so beware of anyone claiming to represent charities or the emergency services, and certainly don’t send any money unless you’re absolutely sure the caller is genuine.”

To check whether a phone number has been reported as a scam, visit

To report a scam call or too get advice about cyber crime, call Action Fraud on 0300 123 2040 or visit

(1st December 2018)

(Which?, dated 23rd November 2018 author Hannah Walsh)

Full article [Option 1]:

uaware note : The actual article provides examples of scammers emails.

The UK’s national fraud and cyber reporting centre is warning the public of a surge in TV Licensing refund emails.

Action Fraud is reporting that it received hundreds of reports of scam TV Licensing refund or payment issue emails in just a matter of days, adding up to more than 2,500 complaints throughout September and October 2018.

The fake emails are being sent by scammers in a bid to steal bank account and personal details.

How does the TV Licensing refund email scam work?

The emails claim that TV Licensing have been trying to get hold of the victim regarding a refund for an over-payment or that a refund is owed, but due to invalid account details it hasn’t been paid.

The fraudsters include links to convincing-looking cloned TV Licensing websites designed to harvest bank account and credit card details.

We asked Action Fraud for examples of these scams. Look out for emails that don’t include your correct name or that contain spelling or grammatical errors.

How does the TV Licensing payment issue scam email work?

Other fraudulent TV licence emails doing the rounds, state that the receiver’s billing information records are out of date and need to be updated. As with the refund emails, these include a prominent link to a near-identical clone of the real TV Licensing website.

Victims who fall for these scams are asked for a lengthy list of personal and financial information:

- Full name
- Date of birth
- Address
- Phone number
- Email
- Mother’s maiden name
- Credit or bank card number and details
- TV licence account number.

Once the victim submits this information, it goes straight to the scammers.

How to spot a TV licence scam

TV Licensing has issued several tips for identifying a genuine email from them:

- Check that the email contains your name TV Licensing will always include your name in any emails they send you.

- Check the email subject line Anything along the lines of ‘Action required’, ‘Security alert’, ‘System upgrade’, ‘There is a secure message waiting for you’, and so on, should be treated as suspect.

- Check the email address Does the email address look like one that TV Licensing use? For example, Look closely, as often the address may be similar.

- Check for a change in style Often the scammers will take the real emails and amend them. Look out for changes in the wording used, especially if it seems too casual or familiar.

- Check for spelling and grammar Are there any spelling mistakes, missing full stops or other grammatical errors?

- Check the links go to the TV Licensing website Hover over the links in the email to see their destination and check the web address carefully. If you’re not sure, go directly to the TV Licensing website.

TV Licensing will never ask you to reply to an email to provide bank details or personal information, and you should be wary of any correspondence that does.

What to do if you’ve entered your personal details

If you’ve entered personal details, you need to be extra vigilant.

- If you receive any suspicious emails or odd postal messaging going forward, ignore them – they could be from a scammer hoping you’ll fall for their next scam.

- Keep an eye on your credit report and bank accounts – scammers can use personal information to steal your identity and open new accounts or take out credit.

- The scammer could also add your details to a ‘suckers lists’ of people who are liable to fall for a future scams, commonly sold on the dark web.

Whatever form a message comes in, make sure you don’t give away any bank details or passwords. Read our guide on how to spot an email scam for top tips about identifying email scams :

(1st December 2018)

(Coventry Telegraph, dated 23rd November 2018 author James Rodger)

Full article [Option 1]:

Scammers claiming to be from Tesco are running a fake competition in an attempt to steal people's bank details.

Fraudsters are targeting potential victims with an email asking them to fill in a survey to be in with a chance of winning prizes.

The link takes you to a form on an external website where it asks you to hand over your personal details.

'Winners' are then asked to choose one of three prizes and to pay £4.95 to cover the postage costs.

But instead of receiving your chosen prize, you gift the scammers your personal details instead.

One Tesco customer, who wishes to remain anonymous, contacted the Daily Mail to warn others not to fall for the scam.

They warned that the email was sent from a "very authentic Tesco site" and that they qualified to be entered into a prize draw if they filled out a customer satisfaction survey.

"I opted for the CBD oil. The winner was asked to only pay postage of £4.95. I clicked the link for the goods which did not lead to the product I had selected (CBD oil)," they told the Daily Mail.

"I became suspicious and called Tesco customer service department, which had no idea about the offer - it was a scam. I sent the real Tesco the email and pics of the scam Tesco site."

The supermarket confirmed that the email is a fake and has urged customers not to open it.

It added that it only ever ran competitions with accredited marketing agencies and would never ask for money in exchange for a reward.

Tesco also warns on its website that it doesn’t run any competitions via email or social media offering free vouchers or rewards for liking, sharing and commenting on posts.

The retailer also warns about fake ‘Tesco Offers’ pages that pop up on Facebook, saying: "We don’t have a separate 'offers' page.

"The fake voucher giveaway is just the bait used to trick people in engaging with the bogus page and there are no real prizes up for grabs."

Customers can report a scam to the Tesco customer service team on 0800 505555.

(1st December 2018)

(Metro, dated 23rd November 2018 author Martine Berg Olsen)

Full article [Option 1]:

A conman who claimed he was a dentist targeted pensioners and gave them fake dentures.

Charlie Von Klemperer, who took out an advert in a local newspaper advertising his dentistry service, was caught after a woman complained about her dentures following a sting operation at a care home, a court heard.

The 66-year-old, claimed the General Dental Council (GDC) was just being ‘difficult’ and argued that he was qualified.

The GDC launched an undercover investigation and exposed Von Klemperer after getting him to visit a care home to measure up a lady for her false teeth.

Von Klemperer had repeatedly attempted to register with GDC under different names, but was never accepted, Portsmouth Crown Court heard.

Prosecutor Christopher Prior said the fake dentist took out adverts offering his dentistry services knowing he was not authorised to do so.

Mr Prior told the court Von Klemperer was caught out when he took £225 from an old lady for fitting her dentures. She complained after having issues with them.

Mr Prior told the court: ‘An employee contacted the man purporting to be Mr Smith and arranged for him to attend a care home in Bexhill-on-Sea. ‘She gave the impression her mother required a new set of dentures.

‘The defendant attended purporting to be Mr Smith, confirmed that he was a dental professional, thus giving rise to the fraud.

‘He was arrested and gave his name as Von Klemperer. In searching his property a record book, a diary, was found – there were a great number of names.’

The court heard all the clients were contacted, with a further two victims of the denture fraud being found – one having lost £400, while the other was charged £399 but did not pay.

Von Klemperer, of Tunbridge Wells, Kent, admitted three charges of fraud between 2016 and 2017.

In mitigation, the court heard a number of his clients were contacted after he was arrested and only a small number complained.

Von Klemperer is trained in podiatry and is making £3,000 a month while also practising as a foot care specialist.

Judge Timothy Mousley QC sentenced Von Klemperer to 150 hours of unpaid work and ordered he complete days of rehabilitation and to repay his two victims who paid him for dentures.

The judge told him: ‘The letter you’ve written me shows remorse.

‘I have some hesitation accepting that as genuine as, of course, the letter is written by someone who is an accomplished fraudster and has been for most of his life.’

uaware - further information

General Dental Council :

Find a NHS dentist :

(1st December 2018)

(Chicago Sun Times, dated 23rd November 2018 author Alexandria Jacobson)

Full article [Option 1] :

uaware note : This is a USA article, but the scam is internationally transferable and similar to the HMRC / iTune scam

When Samantha Stahl, a Columbia College Chicago graduate student, was offered a $450-a-week nanny job, she didn’t hesitate to take it.

She often babysat for extra cash, finding work through, a website where families can post jobs and caregivers post their profiles and references.

That’s where she was hired last year by someone posting under the names “Brenda and Cody Davies” — supposedly a couple moving from Ontario to Chicago with their 2-year-old son.

“It really sounded all legit because of all the details she was giving me and the location of where they were moving,” says Stahl, 24, who was living in Wrigleyville and since has moved to New York. “It just sounded real.”

But it wasn’t. And this latest version of a fake-check scam that consumer experts call the nanny scam, usually targeting younger people looking to make a little money, ended up costing Stahl $1,500.

Contacted by text, Stahl says she was asked if she could help with a few errands to set up the house before the couple arrived from Canada. Stahl was sent a check for $2,000. “Brenda” told her to keep $450 for her first week’s pay and use the rest to buy Apple gift cards she said were for family members’ birthdays. Stahl deposited the check in her bank account and bought $1,550 in gift cards.

Then, Stahl’s new employer asked her to scratch off the gift card codes and text photos of the numbers, supposedly just so the family wouldn’t have to wait to receive their gifts.

That made Stahl suspicious. She put the woman off, saying she couldn’t do that right away because she was swamped with schoolwork.

The next day, her bank alerted her that the $2,000 check — a fake — had bounced.

Stahl tried to confront “Brenda” about the bad check, but the woman disappeared.

Stahl was glad she hadn’t divulged the codes, but she was still on the hook to her bank for the $1,550 for a lot of gift cards she didn’t need.

“It’s really crazy how people think they can prey on young adults,” she says. “But I can see how easy it is because we want the money.”

The nanny scam is one of a burgeoning series of cons that involve getting people to send money to scammers via gift cards or reloadable debit cards.

These things are big business. According to the Federal Trade Commission, reported losses from gift card and reloadable debit card scams have amounted to $53 million this year just by September. That’s up from $40 million in 2017 and $27 million in 2016.

Young people lose money to these scams at a much higher rate than older consumers do, according to the FTC. Of those who reported losing money to fake cheque scams, 36 percent were under 30.

Con artists like to use gift cards because, once they have the codes to them, they can grab the value in a transaction that’s fast, anonymous and irreversible.

In the nanny scam version of the scam, fraudsters look for victims on "Nanny" or childminding websites. They say they’re moving to the nanny’s area, need someone to care for a child, a parent or even a pet, and they give a story about why they need to send the nanny a cheque in advance.

Or, in another version of the ruse, the scammer “accidentally” sends a check for more than needed to buy supplies and asks the nanny to wire back the overpayment. The counterfeit check bounces, and the nanny is stuck.

“If someone sends you a check and asks you to deposit it and then to send money to some third party for whatever reason, that’s always going to be a scam. Every time,” says Todd Kossow, the FTC’s Midwest regional director.

“The fact that the money appears in your account does not mean the check is cleared. By law (US), the bank has to make the funds available. And it can take as much as a week or longer for the bank actually to determine that the check is phony.”

(1st December 2018)

(Irish Mirror, datd 22nd November 2018 author Aakanksha Surve)

Full article [Option 1]:

uaware note: This form of scam can easily be committed within the UK

Irish farmers have been warned to protect themselves against online scams.

Older farmers in particular have been warned to look out for one of the most common scams called “Goods Not Received”.

In this scam, farmers order and pay for products online but never receive the delivery.

A Limerick farmer was recently scammed out of a “considerable amount of money” when he tried to buy hay, the Irish Independent reports.

The farmer paid the money into the seller’s bank account but never received the bales of hay.

Denise Cusack, FarmIreland Ulster Bank’s Community Protection Advisor, warned farmers to do their research well regarding the website and sellers, and look for reviews if possible.

Ms Cusack said: “Remember seeing is believing, where possible view the item you are buying or look for relevant documentation before handing over any money.”

Another scam that farmers need to be aware of is “The Overpayment Scam” where legitimate sellers are targeted.

The scammer pays using a cheque or draft paying a higher price than what was agreed upon.

Ms Cusack said: “The seller then receives an email to inform them a mistake has been made and they have been overpaid in error.

“The fraudster asks the seller to return all or part of the money electronically, as quickly as possible.”

The original cheque and draft, which is forged or counterfeit, will be rejected so the seller loses money.

Other scams include fraudsters calling or texting pretending to be from their bank, gardai, or other companies to fish out personal information and scam them out of money.

“They often use sophisticated technology to make the number appear like it's a genuine number,” she said.

(1st December 2018)

(BBC News, dated 21st November 2018 author David Quinn)

Full article [Option 1]:

A Royal Bank of Scotland customer had more than £4,300 stolen from her account by a fraudulent caller who answered one of her security questions wrongly, BBC Watchdog Live has found.

For more than a year, the bank insisted Charlotte Higman had been aware of the transaction and refused to refund her.

The Financial Ombudsman Service (FOS) backed RBS after the initial complaint.

But earlier this month, RBS apologised and issued Charlotte a full refund, after Watchdog Live's investigation.

'I feel really angry'

Charlotte, from Totnes in Devon, believes that RBS repeatedly failed to pick up on evidence, including warnings raised in its own security processes.

In a recording of the fraudulent phone call obtained by Watchdog Live, a woman can be heard incorrectly answering a security question relating to Charlotte's occupation.

Despite this, a transaction of £4,318 is approved by the bank and it is only after the caller requests a second transaction, and is unable to answer additional security questions, that a warning is raised on Charlotte's account.

The bank's own records show that the phone call, in January 2017, was marked as a "potential account takeover" and the caller failed the bank's voice recognition checks. Despite this, the initial transaction was not reversed.

After reporting the call to the police, Charlotte discovered her phone line was diverted on the day of the call, explaining why the bank believed they were speaking to her at her home address.

"I just feel really angry that someone's been able to do it that easily," Charlotte told Watchdog.

"The bank said that the person was in the home, they did the transactions from the home and they passed all the security questions correctly - and that's why they believed that I'd done it."

Charlotte's case pre-dates a new voluntary code of conduct on such scams which most of the banks have signed up to.

In essence, the code says that if a customer - or the bank - has failed to heed warning signs, they will be liable for any subsequent loss.

Under the code, RBS would have been obliged to pay up.

The industry is still consulting on the issue, and the code is expected to be finalised next year.

Fraud lawyer Arun Chauhan told the programme: "I have a lot of sympathy for Charlotte,

"You can hear what [the caller has] tried to do is put together two transactions for the full balance of the account and the bank just don't pick it up as a warning sign.

"They know at the end this is fraud, but they've done nothing about the first transaction and that's why Charlotte should be so critical of the bank."

According to fraud prevention service Cifas, facility takeover fraud - when a fraudster abuses personal data to hijack someone's existing account or services - rose 7% last year to more than 24,000 reported cases.

Bank accounts remain the most targeted product for fraudsters, with more than 100,000 reported cases in the UK last year.

This is how the fraud on Charlotte was carried out:

- Bank records show the fraudster initially calls the bank, posing as Charlotte, and asks for her account to be reset for security reasons. Staff follow the bank's usual security protocol and call Charlotte's landline number, unaware the call has been diverted to a mobile phone

- The security reset is processed despite the caller answering a security question incorrectly. The caller then requests that more than £4,300 should be transferred to another account and the bank allows the transfer

- During the same 23-minute call, the caller requests a second transfer of a similar amount is made to a different account. This time security questions are flagged as being answered incorrectly and the transfer is denied, but the bank does not ask for the original transfer to be recalled

- The bank maintained that because it had called Charlotte's home phone number to verify her identity, it was clear she was aware of the transactions. Following an investigation by Devon and Cornwall Police, it was discovered that the fraudster had made a call to Charlotte's landline provider to fraudulently divert the number to a mobile phone number in a different part of the UK

The FOS warned banks earlier this year that customers should not automatically be blamed for money lost through scams.

It added that fraudsters' growing sophistication meant it was wrong to assume losses were because of customer carelessness.

The FOS aims to resolve issues for customers relating to financial services including bank accounts, insurance, loans, credit and debit cards and investments. Last year, it was contacted by more than two million people.

'Fair and reasonable'

A FOS spokesperson said: "We have made it clear to the banks that it's not fair to automatically blame a customer when they've lost money due to a scam, especially given the sophisticated way criminals exploit banks' security systems.

"When we look at complaints, we have to carefully weigh up the evidence provided by both parties to decide what we think is fair and reasonable in all the circumstances.

"We're pleased that Charlotte's complaint has now been resolved, and she's got her money back. If you've been the victim of a scam, and you feel your bank should have done more to help, please get in touch with us."

After being contacted by Watchdog Live, an RBS spokesperson said: "We would like to apologise to Mrs Higman that the service provided fell short of the high standards we expect.

"On review of Mrs Higman's case, and in light of new information provided to us, we have refunded Mrs Higman in full for her loss."

(1st December 2018)

(Gazette Live, dated 21st November 2018 author Naomi Corrigan)

Full article [Option 1]:

Internet porn viewers are being warned about a blackmail scam.

Cyber crime detectives are investigating several emails which threaten to expose people for viewing pornographic material online.

The criminal sends an email claiming to have installed spyware and filmed the recipient engaging in intimate acts via the webcam.

They threaten to send the footage to family and friends unless a fee is paid.

Cleveland Police said the email seems credible as it often contains a genuine password that the victim has used for one of their online accounts.

However the password has likely been stolen in a data breach.

he force has received eight reports from victims in the last year. Officers believe it may be more widespread with people too embarrassed to come forward.

Detective Constable Will Galloway said: “These emails make people really believe that they have been spied on, particularly if they have been indulging in what has been claimed.

“The messages are intimidating, threatening, and seek to cause fear and panic. Emails are sent out at random in the hope that an unsuspecting victim takes the bait and pays thousands.

“People can protect themselves by not clicking on any links in the email, not paying the demanded fee and not responding.

“I would encourage victims of this scam to contact action fraud, the national police team who are looking at these cyber scams.”

Action Fraud

Website :

Telephone : 0300 123 2040

(1st December 2018)

(Chronicle Live, dated 19th November 2018 author Ben O'Connell)

Full article [Option 1]:

Unwitting victims in the North East lost more than £8.7million to fraudsters in the last three years, figures have shown.

Freedom of Information (FOI) data from Northumbria Police shows there were 4,730 cases of fraud against individuals (excluding businesses) in the region over a three-year period.

The Northumbria figures - which reflect that of other police forces across the UK - shows that those most likely to be victims are those aged 22 to 37, despite the common view fraudsters usually target the old and vulnerable.

The data, compiled by online finance broker Solution Loans, shows 20 per cent of personal frauds committed in the last three years were done so at the expense of those in the 18-29 age bracket, compared to just nine per cent aged 60 to 69.

Collectively, those aged 18-39 were the victims in 35 per cent of fraud cases.

This is put down to younger people's wider use of the internet and social media; millennials spend more time online overall than their older peers and are much more likely to be on social media, which is increasingly where fraudsters operate.

Previous research from the Policy Network has shown that 80 per cent of 18 to 24-year-olds are willing to share their email address online and as many as 29 per cent were willing to divulge their mother's maiden name, a common security question.

In the Northumbria force area, the average lost to fraud was £1,389, however, 14 of the area's 4,730 fraud victims lost £100,000 or more. In total, £8,702,093 was lost to fraud in the three-year period covered by the data.

The force also reported 127 judicial outcomes to all fraud cases (against businesses and individuals) between October 2017 and March 2018.

Earlier this year, speaking to Northumberland County Council, Chief Constable Winton Keenan said: "The truth is, the world of policing is becoming more challenging. The public, those you represent, have really high expectations of what we can and should do for them.

"Unfortunately some of those expectations we have for all the right reasons are becoming ever more difficult to honour and that's going to increase because the complexity of crime, as you will all know, is changing massively (for example, cyber crime)."

(1st December 2018)

(Guardian, dated 19th November 2018 author Patrick Greenfield)

Full article [Option 1]:

The records of up to 3,000 doctors are being reviewed after it emerged that a woman worked as a NHS consultant psychiatrist for 22 years with fake qualifications before she was convicted of trying to defraud a patient.

Zholia Alemi, 56, was jailed for five years last month for faking an 87-year-old patient’s will as part of an attempt to inherit her £1.3m estate after they met at a dementia clinic in Workington, Cumbria in 2016.

Following the trial, an investigation by the Cumbrian newspaper News and Star revealed Alemi had been working in the UK for more than two decades with forged qualifications from the University of Auckland.

The convicted fraudster had failed the first year of medical school in New Zealand in 1992, but subsequently managed to register as a doctor with the General Medical Council (GMC) with a forged degree certificate, forged primary medical qualification and a fake letter of recommendation from her most recent job in Pakistan, under a visa scheme that has since been discontinued.

The investigation has prompted an urgent review of all doctors who registered with the GMC under the scheme, which allowed graduates of medical schools in some Commonwealth countries to work in the UK without having to pass an exam.

The GMC said it was incredibly rare case but started a review after the News and Star made them aware of the details of Alemi’s faked qualifications.

In October, a court heard how Alemi befriended Gillian Belham, then 84, who was struggling to deal with the recent death of her husband. Alemi redrafted the pensioner’s will and fraudulently applied for power of attorney over her estate. The consultant psychiatrist was found guilty of four fraud and theft charges at Carlisle Crown court and was jailed for five years.

In response to the cases, Charlie Massey, the chief executive of the GMC, said: “It is extremely concerning that a person used a fraudulent qualification to join the register and we are working to understand how this happened. We have brought this to the attention of police and other agencies, including NHS England, so that they may also take any necessary action to support patients and answer any questions they may have.

“Our processes are far stronger now, with rigorous testing in place to ensure those joining the register are fit to work in the UK. It is clear that in this case the steps taken in the 1990s were inadequate and we apologise for any risk arising to patients as a result. We are confident that, 23 years on, our systems are robust and would identify any fraudulent attempt to join the medical register.

“Patients deserve good care from appropriately qualified professionals and place a great deal of trust in doctors. To exploit that trust and the respected name of the profession is abhorrent.”

A Cumbria police spokesman told the News and Star: “Cumbria Constabulary is liaising with the General Medical Council and will be commencing further criminal investigations relating to allegations of fraud and any potential further offences. It would not be appropriate to comment further at this time.”

(1st December 2018)

(Independent, dated 16th November 2018 author Anthony Cuthbertson)

Full article [Option 1]:

Fake Black Friday and Cyber Monday apps have been spreading online, as cyber criminals seek to cash in on the annual shopping bonanza.

A report from cyber security firm RiskIQ found that Black Friday is a "feast for threat actors," with brand names of the five leading retailers used in malicious and fraudulent mobile apps.

These apps seek to fool people into sharing their login credentials or credit card details in the hope of finding the best Black Friday deals.

"For shoppers, what starts as an attempt to fulfil their holiday shopping checklist for pennies on the dollar can turn into a financial nightmare," the report states.

"With more people than ever poised to partake in this year’s November shopping frenzy, attackers will capitalize by using the brand names of leading e-tailers to exploit users looking for Black Friday deals and coupons by creating fake mobile apps and landing pages to fool consumers into downloading malware."

The potential financial rewards for cyber criminals is enormous, with figures from Adobe Digital Index revealing online shoppers spent $19.6 billion in 2017.

This year, hackers pose an especially significant risk given the rise of Magecart, a collection of credit card-skimming groups that have already targeted sites like British Airways and Ticketmaster.

"Magecart attacks are surging – RiskIQ’s automatic detections of instances of Magecart breaches pings us almost hourly," RiskIQ researcher Yonathan Klijnsma wrote in a September report on Magecart.

"Meanwhile, we’re seeing attackers evolve and improve over time, setting their sights on breaches of large brands."

RiskIQ detected an average of 89,837 monthly instances of Magecart between August and October 2018. Of Black Friday-specific apps, more than 5 per cent of the 4,331 apps analysed were found to be malicious.

The names of the retailers used in the names of the scam apps were not listed in the report, though it is likely they sought to capitalise on the popularity of firms like Amazon and eBay.

"The top-10 most trafficked brands averaged over 17 blacklisted apps containing both its branded terms and 'Black Friday,' in the title or description, showing clear intent by threat actors to leverage the shopping holiday," the report states.

"For brands, what begins as an event that significantly boosts sales can turn into a security fiasco that erodes the trust of customers and prospects."

Shoppers are advised to only download apps from official app stores like Google Play and Apple's App Store, while remaining wary of any Black Friday-related links spreading on social media sites like Facebook, Instagram and Twitter.

Luis Corrons, a cyber expert from the security firm Avast, warned that even some apps listed on official stores could pose a risk to people.

"In the past, Avast has found fake apps on the Google Play Store that use logos and developer names closely resembling or identical to popular apps, in order to trick people into downloading them," he said in an email to The Independent.

Mr Corrons also warned that fake apps would be just one way criminals are likely to target consumers on Black Friday.

"Finding a discount is always exciting, but shoppers should be cautious of offers that are far below the market price, as this can indicate an untrustworthy deal," he said.

"Whether it be on social media or an online ad, shoppers should be careful when it comes to unknown shops, especially if they are promoting sales at ridiculously low prices."

(1st December 2018)

(This is Money, dated 9th November 2018 author Angelique Ruzicka)

Full article [Option 1]:

Fraudsters are cloning Her Majesty's Revenue and Customs contact numbers to help pass scam attempts off as 'legitimate' it has warned.

The aim is to then steal thousands of pounds from unsuspecting victims who go on to believe the ruse - and This is Money has received examples of this happening.

Criminals call potential victims using Voice over Internet Protocol technologies to copy the taxman number (usually 0300 200 3300) and cruelly pass themselves off as HMRC employees that are conducting audits and catching out tax evaders.

They tell their target they haven't paid their taxes in previous years and they need to make an immediate transfer of the 'outstanding' monies, or risk legal action and prison.

Some smartphones even display that the number comes from the HMRC making the scam more believable to people who then transfer money to criminals out of fear.

If the victim isn't home or doesn't answer the phone, the scammers aren't put off.

They often leave voice messages or send emails purporting to be from the HMRC and demanding immediate call backs.

An HMRC spokesperson told This is Money: 'We are well aware that fraudsters are trying to spoof our real numbers in order to legitimatise their crimes. We encourage people, as with any scam, to be vigilant.

'We will never call you out of the blue asking for money. If you're in doubt, you can put the phone down and call us back.

'You can report this scam to or Action Fraud at 0300 123 2040. All our phone numbers are listed on if people want to call us.'

Reports of a surge in taxman number cloning comes after our report last week in which a mum of two lost £2,900 from her HSBC savings,

It came after a scammer persuaded her that he was calling from the HMRC and threatened her with legal action and arrest.

Another reader from Surrey wrote in soon after our report conveying a similar story of how his wife was targeted by 'HMRC' fraudsters and lost more than £2,400.

She also banks with HSBC.

He said: 'My wife has just last week been involved in the exact same scam, and some of the similarities are really terrifying.

'I finished early last week and got home to find my wife and daughter both crying.

He added: 'My wife was on the phone and refused to tell me what was happening other than she was being investigated for tax evasion by HMRC, and that she was being monitored and wasn't allowed to speak to anyone else about the case as it would break the terms of their agreement.

'I eventually managed to convince her that this could not be genuine, but by that point the damage had already been done.

'They had been keeping her on the phone to make sure the payment she had made (£2,486) earlier on had gone through.'

A HSBC UK spokesperson said: 'Scammers are expert manipulators and use a range of techniques to find and use public and private information about their victims, both before and during contact with them, without them realising.

'They then use this information within different scenarios to convince people that a bank transfer is necessary and make it appear plausible and legitimate.

'In this case, there's nothing to suggest the scammer already had access to specific financial information about the customer.

'After being notified of the scam we acted quickly to contact the receiving bank, making it aware of the transaction in question and the suspected fraudulent activity.

'It is then up to the receiving bank to investigate and return funds to the customer.'

Number spoofing is a fairly simple technique for fraudsters. They clone the telephone number of an organisation they wish to impersonate and make it appear on the caller ID display seen by their intended victim.

Websites that offer this type of service are easy to find.

The scammer gains trust by drawing attention to the number on the display and uses this as proof of identity in order to disguise the fraud.

Many may not realise how easy it is for a fraudster to make a telephone number appear it is coming from a bank or a government organisation.

HMRC tips on how to identify a scam

- Recognise the signs - genuine organisations like banks and HMRC will never contact you out of the blue to ask for your PIN, password or bank details.

- Stay safe - don't give out private information, reply to text messages, download attachments or click on links in emails you weren't expecting.

- Take action - forward suspicious emails claiming to be from HMRC to and texts to 60599, or contact Action Fraud on 0300 123 2040 to report any suspicious calls or use their online fraud reporting tool.

- HMRC debt management teams do contact members of the public by phone about paying outstanding debts.

- If a customer isn't confident that the call is from HMRC, it will ask them to call back. Depending on the circumstances and to give the customer confidence it is actually HMRC calling, information may be disclosed to the caller which only HMRC is party to.

- Calls from the majority of HMRC offices will leave caller identification data, i.e. the number the caller has used to contact you from.

- For up to date advice on scam HMRC phone calls, visit GOV.UK.

- HMRC will call people about outstanding tax bills, and sometimes use automated messages, however this would include your taxpayer reference number. If you are uncertain of the caller hang up and call HMRC directly to check – you can confirm our call centre numbers on GOV.UK if you are unsure. For tax credits it does not include your details in any voicemail messages.

Beat the Scammers

In 2016, This is Money launched its Beat the Scammers section, in a bid to help readers stay one step ahead of the latest fraud trends.

This HMRC prison scam is yet another example of how criminals adapt and attempt to play on fear in order to deceive people out of their hard-earned cash.

(1st December 2018)

(The Register, dated 8th November 2018 author Andrew Orlowski)

Full article [Option 1]:

While fraudsters traditionally prey on the gullible and feeble-minded, their wicked ways have ensnared British Labour MP Diane Abbott.

The UK Shadow Home Secretary admitted to handing over control of her computer to a stranger after a random caller asked her to install Remote PC. It's a common scam. Once the miscreant has control of the PC, they often attempt to steal sensitive information like passwords and bank details.

As Home Secretary – note that Ladbrokes offers 4-1 on Labour being the next government – Ms Abbott would be responsible for cybersecurity, as well as crime and policing. She would also have to decide whether Britain implements an identity card system, an idea currently being revived in the context of "digital government".

Yes. Sadly I was initially taken in
— Diane Abbott (@HackneyAbbott) November 6, 2018


We asked her office if Ms Abbott would consider helping to publicise the menace of PC Support fraud. Perhaps as its public face?

(1st December 2018)

(Guardian, dated 7th November 2018 author Anna Tims)

Full article [Option 1]:


An unauthorised transaction was made on my PayPal account and £220 was used to buy a Flightgiftcard. The fraudster then closed my account. PayPal opened an appeal and stated that the money should be put back into my account within 48 hours. I was then sent an email explaining that my appeal had been denied as I am no longer a PayPal customer. This is because the fraudster had closed my account. After three weeks of chasing, PayPal advised me to ask my bank to raise a dispute since I’m no longer a PayPal customer.

The bank told me that it couldn’t help as the fraud occurred on my PayPal account, not on my debit card.

IB, Cardiff


This is a disgraceful case. For nearly a month PayPal washed its hands of you, declaring that it had closed your complaint because your account had been terminated.

It then erroneously claimed its hands were tied because your bank had issued a chargeback request (it hadn’t) and, finally, that your bank had refused your chargeback request and returned the funds to the merchant (it hadn’t).

Only when the Observer intervened did it discover that it had messed up. “Due to human error, the unauthorised payment on the customer’s PayPal account was not appropriately dealt with,” says a spokesperson. “We have apologised and issued a goodwill credit to her account for the inconvenience caused.” The stolen money has now been refunded.

(1st December 2018)

(Mirror, dated 5th November 2018 author Dean Durham)

Full article [Option 1]:

Scams always increase this time of year in the run up to Christmas and consumers need to be more vigilant.

Richard, a reader from North Wales recently started to receive debt collection letters from two different companies, both claiming that he had arrears on two credit cards.

One letter referred to a card from three years ago and the second from five years ago.

Neither letter actually stated details of the card so Richard could not make further enquiries or ascertain if the information was correct.

In both cases the letters started to get, in Richards words ‘heavy’ and he was concerned.

Also, in both cases every time he tried to call the debt collection company he couldn’t get through.

Richard then received a call on 3rd October from a man who announced himself as Stephen Gage from Consumer Debt Assistance.

He told Richard that his organisation helps consumers who are pursued for debts through the courts and that they had received notification that legal proceedings had been issued against him in the Caernaerfon County Court.

Richard knew nothing about this as he had not received any notification.

Mr Gage then explained that this was not unusual as the courts often took a long time to send out paperwork.

Mr Gage then threw on his cape and explained how he could wade in, like a superhero, and solve all of Richards problems.

He asked if he was being chased for any other debts. In response, Richard told him that he was being chased by two debt collection companies, who between them were claiming £13,750.

Gage explained that the court proceedings was in relation to one of these debts and that it was highly likely that the other would also go to the courts soon.

He then explained what he could do to help, which in short was to negotiate on his behalf to reduce the two debts.

Naturally Richard didn’t want to pay anything as he wasn’t sure they were genuine debts.

Gage explained that the best thing to do would be to agree a deal to get them off his back and then to prove the debts were not Richards and claim the money back. Richard agreed.

Two days later Gage gave him the ‘good news’ that he had negotiated with both companies and all Richard had to do was transfer £5,000 to him and both matters were solved.

Richard made the transfer and the rest is obvious – he found out it was all a scam. A neighbour put a note through everyone’s door warning that someone had tried to scam them and it was the same person, same story.

(1st December 2018)

(Observer, dated 4th November 2018 author Sarah Butler)

Full article [Option 1]:

The government is launching an inquiry into the use of personal data to set individual prices for holidays, cars and household goods, amid rising fears of a consumer rip-off.

The research, supported by the competition watchdog, will explore the prevalence of “dynamic pricing” based on information gathered about an individual, such as location, marital status, birthday or travel history. With about 17% of retail sales now made online, according to the Office for National Statistics, there is rising concern about the use of technology, including artificial intelligence and bots, to “personalise” prices, to the disadvantage of some shoppers.

It has become common for online prices to fluctuate depending on time of day or availability – whether for gig tickets or Uber taxis. Now digital labels have begun to appear in shops, offering the potential to bring “surge pricing” into analogue sales.

Andrea Coscelli, chief executive of the Competition and Markets Authority (CMA), said: “With more of us shopping online, it’s important we understand how advances in technology impact consumers … so we can understand how best to protect people from unfair practices where they exist. We will also use the results in our ongoing efforts to help vulnerable consumers.”

The issue was raised at a meeting last week of the new Consumer Forum, which brought together watchdogs, including the CMA, Ofcom, Ofgem and the Civil Aviation Authority, with consumer minister Kelly Tolhurst. The chancellor, Philip Hammond, has asked a panel of experts led by Jason Furman, a former adviser to Barack Obama, to examine competition in the digital economy, including how machine learning and algorithms are used to set prices and whether firms could gang up to disadvantage consumers. The group’s call for evidence also says it wants to learn more about how consumers pay for “free” services by handing over their data.

Business secretary Greg Clark said: “UK businesses are leading the way in harnessing new technologies … But companies should not abuse this technology and data to treat consumers, particularly vulnerable ones, unfairly.”

(1st December 2018)

(Telegraph, dated 3rd November 2018 author Jessica Gorst-Williams

Full article [Option 1]:

On returning home today, I found a message on my answering machine claiming to be from HMRC.

The message stated that an arrest warrant had been issued under my name and I should press “one” to speak to my case officer.

I took no action as I considered this to be yet another scam.

However, I feel this should be highlighted as some people could be very frightened to receive such a call.

RM, Midlothian

Authors Response

I understand HMRC has heard from many other members of the public who have had similar calls.

HMRC says: “Phone scams are widely reported, and generally attempt to target elderly and vulnerable people. We are a well-known brand, which criminals abuse to add credibility to their scams.

“If someone calls you claiming to be from HMRC saying that you will be arrested, that we are filing a lawsuit against you, or even that you are owed a tax refund, and asks for information such as your name, credit card or bank details, then it’s a scam.”

However, HMRC adds that its debt management teams do contact members of the public by phone about paying outstanding debts.

Such communications, though, would not come out of the blue as the person being called would already know about the issue.

Also HMRC itself will call people about outstanding tax bills, and does sometimes use automated messages, but these automated calls would include the taxpayer reference number.

If there is any uncertainty, call HMRC on one of the call centre numbers listed at

(1st December 2018)

(U3A / Third Age Matters, dated Winter 2018)

An 89 year old friend, a U3A member, recently answered a phone call saying that her provider (not BT) had gone down and to press 1 to get advice.

This she did. In the ensuing silence, she began to be suspicious. When she checked her account, she found that the call had cost her £100.

Her son phoned the provider and argued successfully that this fraud had taken place in their name and they had some responsibility. The charge was removed from her account.

A few days later I received a recorded message that my BT service was "compromised". For advice I had to press 1, and to get another supplier press 2. I put the phone down and immediately dialed 1572, BT's free Call Protect service, to get the number of the last caller into the "junk" box.

Scam callers are becoming more sophisticated and numerous. They know their target, where they live and whether they live alone. Most scam calls occur around lunchtime and in the afternoon - when the people at home to receive them are mostly within the U3A age range.

BT stresses the importance of informing the provider after receiving a scam call. BT now has a special investigation department dedicated to eliminating scam calls and callers.

Submitted by : K Kinder, North Yorkshire

Call Blocker

For £50 you can buy a phone that blocks all nuisance calls, including those from con merchants. I have one and it works.

Submitted by : M Hathaway, Northumberland

Scam call

What a timely article on phone scams. The day after I received my copy of the U3A magazine arrived, I received a phone call purporting to be from Microsoft regarding my computer, which I was then able to report to the Action Fraud organisation.

Submitted by : D Balchin, Surrey

(1st December 2018)



(Business Insider, dated 19th October 2018 author Antonio Villas-Boas)

Full article [Option 1]:

A new scam is targeting people by disguising itself as a Spotify email asking you to verify your subscription information after being charged for a year's subscription of Spotify's Premium streaming service.

Potential victims aren't charged for Spotify's Premium service, but may click the link in the email because they're surprised to receive the email.

The link leads you to a fake Apple ID login site that expects you to use your Apple ID credentials.

Once you try to log in, your Apple ID credentials are likely sent to the scammers.

A new phishing scam is targeting people by using a fake Spotify email in order to get you to hand over your Apple ID.

The email contains the fake confirmation of a year's subscription to Spotify's Premium streaming service - it's likely intended to prey on your surprise that you may have been erroneously charged. The email prompts victims to click a link to cancel or "review your subscription."

(Dated 19th October 2018)

East Sussex Trading Standards are warning residents to be vigilant about companies who are cold calling and claiming to offer a home insulation scheme which is supported by East Sussex County Council. However, it is possible that similar improper approaches may be made anywhere across the county.

It is not in the remit for East Sussex County Council to support schemes that involve cold calling, and companies claiming that they do are misleading residents and may be breaking the law.

(ITProportal, dated 21st September 2018 author Sead Fadilpasic)

Full article [Option 1]:

There has been a significant rise in stolen corporate email accounts that are being used in phishing attempts. This is according to a new report by security experts Barracuda.

The security firm is claiming email accounts from employees all over the UK are being stolen. Hackers would then log into these accounts remotely and, posing as the email's legitimate owner, try to 'phish' out any valuable information.

Besides phishing for valuable information, the attackers can also use their disguise to try and get the victim to click on a malicious link, which would end up downloading a piece of malware onto the machine.

(Dated September 2018)

Phishing emails have been sent to the Virgin Media clients asking them to update their billing details. The company have said they had not sent them and asked the people not to respond to them.

(Market Watch, dated 4th September 2018 author Kari Paul)

Full article [Option 1]:

If an airline ticket deal you've seen recently seems too good to be true, it probably is.
Fake websites that appear to offer free tickets for Delta Airlines, easyJet and Ryanair are actually part of a phishing scam designed to glean people's sensitive details, according to a report released Aug. 13 by cyber data solution company Farsight Security.

Farsight researchers said that after Delta was informed of the scam, the website disappeared, leading the researchers to believe Delta told the web host disable it. Delta did not immediately respond to a request for comment. The fake sites advertising free tickets for Ryanair and easyJet remain online. Ryanair did not respond to a request for comment.

(Dated August 2018)

A man who operated websites which conned consumers out of £1.6m has been handed a one year suspended prison sentence and ordered to pay £200,000 within 28 days at Leeds Crown Court. The sentence comes after he pleaded guilty to breaches of the Consumer Protection from Unfair Trading Regulations 2008 following a National Trading Standards investigation.

The defendant was known by the name Richard Howard (aged 32 of Colliers Wood, Wimbledon) when operating his websites which misled consumers, however after National Trading Standards opened their investigation he changed his name to George Orwell. His one year prison sentence is suspended for two years and he must pay £200,000 within 28 days or face prison. The investigating officers are based with City of York Council and are supported by digital forensics specialists based with North Yorkshire County Council, and City of York Council brought the prosecution.

(Dated August 2018)

Local Banks, Police and Trading Standards have been working together to spot victims when they visit their local branch.

Branch staff, call handlers, police and trading standards officers have all been trained to identify victims.

Since it was introduced by Thames Valley Police in February 2018, a total of 73 emergency calls have now been placed and responded to through the scheme.

Banking Protocol enables bank branch staff to contact police if they suspect a customer is in the process of being scammed, with an immediate priority response to the branch.

Across the country the Banking Protocol has now led to a total of 197 arrests and prevented almost £25 million in fraud, while 3,682 emergency calls have now been placed and responded to through the scheme.

As well as stopping fraud taking place, the scheme ensures a consistent response to potential victims and gives them extra support to prevent them becoming a victim in the future.

UK Finance has led the development and implementation of the Banking Protocol, with support from the National Trading Standards Scam team and the Joint Fraud Taskforce.

Dated August 2018)

The MOD has been made aware of a possible phishing fraud. Targets of the fraud have received emails purporting to originate within the MOD attempting to make contact or seeking money.

Anyone who receives suspicious emails that might match this profile should take the following action:

- Not to respond to the suspicious communication, or cease all further correspondence if they have already responded

- Report it to Action Fraud, the UK's national fraud and cybercrime reporting centre which can be contacted at or on 0300 123 2040.

(1st November 2018)

(BBC News, dated 31st October 2018)

Full article [Option 1]:

Staff in mobile phone shops have become key to the execution of "Sim swap" scams, Watchdog Live has discovered.

Undercover filming revealed that O2 and Vodafone employees are bypassing basic ID checks and handing over replacement Sim cards to potential criminals.

Once fraudsters gain control of a mobile number, they can intercept SMS text messages from banks containing security codes.

Scammers have drained thousands of pounds from victims' bank accounts .

O2 told the BBC it currently only asks for photo ID when replacing Sims on a monthly contract, and that customers on Pay As You Go contracts would always receive an authorisation code alerting them that someone is trying to access their number.

However, that did not happen with any of the numbers being used by the Watchdog Live team, who were able to walk out with a replacement Sim in almost every case.

O2 says it did send out authorisation codes, but they were not received by the victims' smartphones.

Vodafone said that it takes Sim swap fraud "extremely seriously" and that it is disappointed that two of its employees did not follow established security check procedures, despite being given mandatory training, reinforced by regular reminders to the contrary.

'A state of shock'

Previously, in some countries, Sim swap scams were used by scammers to ring and text premium numbers to run up large mobile phone bills .

But now that more online services use two-factor authentication, which requires text messages to be sent to mobile phones, there is more at risk.

Olga from Buckinghamshire had £2,000 taken from her bank account, after a fraudster managed to successfully request a replacement Sim for her mobile number without her knowing anything about it.

"It was like a state of shock and my first thought was that there must be some sort of error," Olga told Watchdog. "I was just sobbing down the phone saying all my money's been stolen."

Initially, Olga's bank refused to refund her the money, blaming her for not keeping her details safe.

But it eventually became clear that the fraudster had found a way in to her account after being given a replacement Sim card by EE.

Watchdog's undercover visits found that staff in EE and Three stores always stuck to their security policies by demanding photo ID.

How the scam works

Sim swap scams occur when a criminal is able to convince a mobile operator to issue them with a replacement Sim card, by claiming a false identity and pretending that their mobile phone has been either lost or stolen.

Criminals are able to do this using people's personal details that have been stolen using malware or cyber-attacks. Many of these details are then sold on the dark web .

The victim's Sim card stops working and the criminal can then access any online service that requires security codes to be sent to a user's mobile phone.

Security researchers have long believed that UK crime gangs are behind these scams, as the fraudsters manage to trick banks by logging onto mobile banking systems from locations close to the victim's home address .

In the past, this scam has been perpetrated by fraudsters calling the customer service call centres of mobile operators, as well as by hackers using fake mobile base station equipment bought from the black market .

While the scam has been in existence for at least three years - BBC Radio 4's You and Yours programme demonstrated that they could attack bank accounts in 2016 - the number of cases of Sim swap fraud have rocketed by 60% since 2016.

(1st November 2018)

(Mirror, dated 31st October 2018 author Vicky Shaw)

Full article [Option 1]:

People could be more at risk of falling for an email scam than a more "traditional" con where a rogue trader turns up on their doorstep, research suggests.

More than a quarter (28%) of people would go ahead with a request for payment received by email without calling the supplier directly to check the details, a survey from Nationwide Building Society found.

This was a much bigger percentage than the 5% of people who said they would take the advice of, and pay, someone claiming to be a builder who knocked on their door and advised them that work urgently needed to be carried out.

With this type of con, criminals knock on someone's door unexpectedly offering their services.

Fraudsters convince homeowners to pay for work that is overpriced, poor quality, not necessary or not carried out.

The dangerous email con

Nationwide said it also wants to raise awareness around invoice scams that can be the result of emails being hacked - where criminals intercept personal emails, change the account details on an invoice to their own and resend.

The survey found that while 22% of those aged 55 and over would not check an email invoice via a phone call to the supplier - potentially putting themselves at risk of fraud - this increased to 37% of 25 to 34-year-olds who would not check.

In general, people who transfer money from their bank account directly to a fraudster run the risk of never seeing their money again - as they have authorised the payment.

Stuart Skinner, Nationwide's director of fraud, said: "Criminals are not complacent, which is why people need to learn about new ways in which scammers are trying to get their hands on their hard-earned money.

"Scams constantly evolve and people need to understand how they could be targeted. Just because an email looks genuine, it doesn't mean it is and just because someone isn't physically at your doorstep, it doesn't make the threat any less real."

Pauline Smith, director of Action Fraud, said: "Fraudsters will often pose as well-known companies or people you know to trick you into parting with information and money.

"To prevent this from happening, always check the source of emails that request payment for goods before passing on any personal information. If something feels wrong, it's usually right to question it."

More than 2,000 people were surveyed.

Here are Nationwide Building Society's tips for avoiding scams:

1. Do not rush to get work done by someone knocking on your door - take your time to do your research and look out for neighbours who may be more likely to feel pressurised.

2. Fake invoices received by email can be very convincing - check personally using separate contact details before parting with your money.

3. Report suspect activity to Action Fraud. Nationwide also has fraud awareness events in branches.

(1st November 2018)

(Wales Online, dated 30th October 2018 author Jason Evans)

Full article [Option 1]:

A man used other people's personal details to try to open more than 60 bank accounts, a court has heard.

Carl Winston Jones began making dozens of applications to banks just two days after getting out of prison following his release from a sentence for doing exactly the same thing.

Swansea Crown Court heard Jones' plan was to use the overdraft facilities on each account, transferring cash up to the limit on each one to other accounts, and then withdrawing it.

Tom Scapens, prosecuting, said that between July 10 and September 4 this year Jones made online applications to open 43 accounts with Lloyds Group banks, and another 19 with HSBC, under various names.

On August 31 he managed to successfully transfer £1,000 from one of the new accounts to a different account using the name Mr Worswick, and then withdraw the cash.

Two days later, the 32-year-old tried another transfer from a different account but the transaction was picked-up by the bank, and the alarm raised.

Mr Scapens said that had Jones been successful in getting all the accounts set up and their overdraft facilities used to the full, the scam could have been worth £92,500.

The court heard police went to Jones' house on September 26, and during a search of the property found a list of people's personal details that Jones had been using in the applications.

The officers also found a quantity of amphetamine on his bed.

During his subsequent police interview he answered all questions "no comment".

Jones, who also goes by the name Carl Daniels, of March Hywel, Cilfrew, Neath, had previously pleaded guilty to fraud by false representation, converting criminal property, and possession of amphetamine when he appeared by videolink from Swansea prison for sentencing.

The court heard that in May this year Jones was jailed for the same offences - fraud by false representation and converting criminal property - which had involved opening multiple accounts with HSBC. On that occasion he had got away with £13,650.

He had been released from that sentence two days before his latest offending began.

Jones also had a previous conviction for supplying the drug ecstasy in 2009, for which he had received a suspended sentence.

No mention was made in court of where or how Jones obtained the personal details he used in the frauds.

Lee Davies, for Jones, said a friend of the defendant's had shown the Swansea-born dad-of-three how to apply for multiple accounts using people's information.

But he said banks were good at spotting such fraudulent applications, and "very few" of his client's attempts had been successful.

Judge Paul Thomas told Jones his actions had been "brazen", starting as they did so soon after his release from prison for the same offence.

Giving the defendant credit for his guilty pleas the judge sentenced Jones to 28 months in prison for the fraud and to 28 months for converting criminal property - the sentences will run concurrently, making a total of 28 months.

Jones will serve half that time in custody before being released on licence.

The judge ordered the forfeiture and destruction of the lists of personal details, and of the amphetamine.

Speaking after the sentencing detective constable Ben O'Shea, who investigated the case for the dedicated card and payment crime unit (DCPCU), a specialist police unit sponsored by the banking industry, said the case should send out a clear message to others tempted to engage in such activity.

He said: "This convicted fraudster began offending again as soon as he was released from prison.

"Now thanks to the work of the DCPCU he was been swiftly brought to justice.

"This sends a clear message to any would-be fraudsters that you will be caught and punished."

uaware comment

Many reading this article would be lead to believe that this was victimless crime. I mean, banks will just claim off their insurance won't they ! Well, if this miscruant was using actual peoples details, they are the victims. Effectively the crook was stealing peoples identities. If he took further action, such as going overdrawn on the bank accounts or forfeiting after taking out a loan; that would affect the credit rating of the individuals (victims) his forged.

So, in the future the victims will not be able to take out a loan, hire a mobile phone, get a mortgage, set up a gas electricity or water account. That is just the tangible things, what about the victims health ?

28 months sentence, out in 14 !

(1st November 2018)

(Mail on Sunday, dated 29th October 2018 author Toby Walne)

Full article [Option 1]:

Victims of vile 'ransomware' computer attacks are being urged to ignore the sick demands - or face yet more blackmail threats.

Hundreds of readers have contacted The Mail on Sunday in the past few days to share their horror at receiving a twisted demand for money to avoid embarrassing details of their private life being exposed to everyone - even though they have done nothing wrong.

The vast majority of those targeted have ignored the unpleasant messages - as they should - but not everyone.

The new web crime, revealed in The Mail on Sunday last week, involves emails from criminals claiming the recipient has been caught watching an adult website and that this act has been captured on their computer camera.

To make it appear credible the blackmail threat also includes personal information about the target, such as online passwords and phone numbers. There is then a financial ransom demand - £250 or more - that must be paid in Bitcoins to stop private details and images being shared with family, friends and work colleagues.

Stuart Peck is cyber security strategist at computer consultancy ZeroDayLab. He says 'If an attacker had really managed to compromise your computer they would not want you to know about it. These emails rely on panic and intimidation that threaten to destroy your life. If you pay up the attacker will know you have something to hide.'

Once on the criminal's radar, you can then be put on a 'sucker list' where further demands for money will be made - and your details sold to other criminals who know you are susceptible to online and phone fraud attacks. For those concerned about being a target of a 'ransomware' attack, Peck has some basic, but effective, advice.

He says: 'You can always find a small piece of paper to stick over the camera of your laptop, tablet or possibly even smartphone. This way you can be certain no one is watching you with a view to subjecting you to a ransomware attack.'

A key reason why many 'ransomware' targets are stressed by the experience is a nagging fear criminals have indeed hacked into their computer - confirmed by their knowledge of passwords and phone numbers. Peck adds: 'Unfortunately such private information can come from public breaches and be picked up for free by criminals. If you have been compromised in the past change passwords immediately.'

To find if you have been hacked from such a breach, Peck suggests that you visit - a website set up by Australian security researcher and blogger Troy Hunt who wants to stamp out the crime. Tap in your personal email address and the website will indicate whether any personal information may have been leaked.

The most recent high-profile data breach was at British Airways. Last week, the airline confirmed a cyber attack earlier this year had been more extensive than initially indicated, potentially affecting 565,000 passengers rather than the 380,000 it had first suggested. Hackers could have stolen personal and financial details provided by passengers when booking flights.

In another major data loss, 50 million Facebook accounts were compromised, giving hackers potential access to user names and passwords. Although it is impossible to protect yourself from a data breach you can be vigilant about any of your personal details landing in the lap of hackers.

Hackers try to steal personal details by 'phishing' - tricking you into parting with information such as passwords and bank account details. They might pretend to be an organisation such as your bank, favourite internet shopping website, an online payment system such as PayPal or even the taxman.

Typically, they state there has been a security breach and that you must not share your private information with anyone but them. They then use the details to empty your bank account.

You should also be wary of clicking on an 'unsubscribe' link. Before proceeding, check the email has been sent from the company it claims to be. Click on the 'address' the email was sent from - usually a fake sender will have a different name from the company it reports to be, with a foreign suffix rather than more common '' or 'com' endings.

Clicking on pop-ups claiming to offer you extra security - such as anti-virus software - should also be avoided. They could be crooks.

Much of the headache of fending off cyber criminals can be avoided by installing security software. But never download software offered in a pop-up window as it may be 'malware'. This is the term for malicious software used by criminals looking to plant viruses on someone's computer, enabling them to steal key personal data.

Anti-virus software can be downloaded for free from providers such as Avira and Sophos to stop such unwanted pop-ups. Packages from security software firms such as McAfee, Intego, Norton and Bitdefender cost around £30 a year. These should stop viruses getting into your computer - though they will not necessarily prevent 'ransomware' threats.

(1st November 2018)

(Mirror, dated 21st October 2018 author Dean Durham)

Full article [Option 1]:

Reader George from Sheffield received a shock this week when he received court papers served on him by an unscrupulous trader.

On 27th June George received an unexpected parcel containing an electric blanket and an invoice for £259.99 payable in 14 days.

George called the number but there was no answer.

For the next three weeks he continued to try the number, and, on each occasion, no-one answered.

He then received a debt collection letter stating that he had 7 days to pay in full, failing which court proceedings would follow.

Again, George tried to call the number without success. All then went very quiet.

There was no return address with the packaging/invoice but there was a phone number displayed.

Then on 11 th October George received a further letter this time containing court papers claiming payment of the £259.99 plus £125 solicitor costs and £25 court fee.

George contacted me for help.

I've immediately told George that this is a scam, but rather than taking his money he's in the unique situation where the fraudster is the one that's lost out this time.

Here's why: George did not order the electric blanket, so this is classed as 'unsolicited goods'.

The Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 state that where a consumer receives unsolicited goods they are treated as an unconditional gift - meaning that you do not have to pay for them or return them.

These court proceedings are therefore doomed to failure. Its also worth mentioning that George has now seen the same electric blanket for sale in Argos for £109.99.

In contrast to George's story, Helen from Leeds was sent two pairs of trainers by Sports Direct 'by mistake'.

She asked me if she was entitled to keep them and I advised that she wasn't, as they had been sent to her in error and Sports Direct were therefore entitled to get them back or receive payment.

However, in these circumstances Helen did not have to pay the cost of sending the trainers back.

(1st November 2018)

(Daily Mail, dated 20th October 2018 author Victoria Bischoff)

Full article [Option 1]:

Scammers are using cheap and widely available technology to make calls and send texts which appear to come from your bank.

The deception, known as spoofing, lets the caller choose what phone number is displayed on the recipient's phone when they call up.

It means a fraudster could find out the number of the victim's bank and make it flash up on the recipient's phone when they call - even though they are in fact calling from an entirely different number.

Text messages can also be 'spoofed' to make it look as if your bank is messaging when it is actually coming from a scammer's phone.

A Daily Mail investigation has discovered that with a simple Google search anyone can access a host of online services which allow people to make spoof calls and text messages.

Experts warn that while these websites and mobile apps advertise themselves as a harmless way to 'prank your friends', they can just as easily be used by people for more sinister purposes.

Money Mail has heard from scores of bank transfer victims who said fraudsters had managed to convince them they were really calling from their bank. They told them to check the number they were calling from against the one on the back of their debit or credit card or on the firm's official website.

When it matched, the victim was reassured the call was genuine and followed the caller's instructions to transfer vast sums of money out of their account.

One provider of the spoofing service - CrazyCall - allows people to change their caller ID and alter the sound of their voice to make it higher or lower pitch.

On its website it says: 'CrazyCall is the ultimate tool for making prank calls and fooling your friends. You can change your caller ID, so when you call someone he sees on his caller ID display the number you selected.'

It sounds like harmless fun but for just 75p per minute (plus an access charge) Money Mail was successfully able to use the site to call a landline from a mobile phone and make it look as though the call was coming from Lloyds' customer service number.

So if someone picked up the phone they would think the call was coming from their bank. Some services block official numbers such as those belonging to certain banks and the taxman. But even then not all numbers are barred.

For example, British website prevented users from posing as most major UK banks.

But it was possible to make it look as though the HMRC income tax office was calling. And using the US version of that site - - Money Mail was still able to call a UK landline from a UK mobile phone and make the HSBC customer service number flash up on the caller ID.

Separately, experts said fraudsters can use other legitimate services - that allow people to make calls and send messages over the internet - to send texts which appear in the same chain as previous genuine messages from their bank.

It means it is often impossible for customers to tell if a text message is really from their bank.

As part of the Mail's Stop The Bank Scammers campaign, we called on telecom providers to do more to identify and stop scam text messages getting through.

Just last month Money Mail revealed how even a top fraud chief at Britain's biggest bank can sometimes not tell the difference between a fake and genuine text message.

Regarding the fake texts which appear in the same chain as past real messages from your bank, Scott McGready, from the National Cyber Security Tactical Advice team which aids law enforcement, said: 'A fraudster only has to learn a few lines of basic code - rules that instruct a computer to do something - and they can use these systems to make it look as though a text message has been sent by a legitimate company such as a bank.

'The infrastructure behind the whole mobile system needs overhauling. If Royal Mail can stop suspicious letters being posted through people's letterboxes, why can't mobile phone companies do the same thing? We need a spam folder for text messages like people have for their emails so people know to be cautious.'

Gareth Shaw, from consumer group Which?, said: 'People lose life-changing sums of money after falling victim to this type of scam, which is becoming increasingly difficult to spot.' and CrazyCall did not respond to requests for comment.

The City of London police said number spoofing apps and websites are legal. However, it is illegal to use them to commit a crime.

(1st November 2018)

(Heart FM, dated 20th October 2018)

Full article [Option 1]:

There's a warning to elderly residents in Kent to be on the look out for rogue traders.

It's after a man demanded £3000 to clear a pensioners drains.

He called at her door in an area close to Robin Hood Lane- claiming that a neighbour had already agreed to have their drains cleaned and had gone to the bank to get money.

But when pressed to provide details the fraudster refused citing data protection laws.
Lukcily the woman refused to hand over any money and called police.

Sergeant Andy Gallon said:

'This man appears to be targeting elderly people by cold calling and demanding cash up front. Often in these circumstances any work that is subsequently carried out is either completely unnecessary or substandard. Our advice remains the same for anyone dealing with cold callers. Do not deal with people who knock on your door offering work on your home or garden and if you have any concerns about their behaviour call the police.'

Kent Police is reminding residents of further steps to take to deter rogue traders, who may also offer services such as cleaning driveways or roof and guttering repairs:

- Genuine companies will not expect cash in advance or tell you to go to the bank to withdraw money.

- Use reputable traders who are members of the KCC Trading Standards approved trader scheme, run in partnership with Checkatrade.

- Ask for quotes in writing and check that the tradesperson is from the company they say they are from.

- Ring at least three traders to get a feel for an average price for the job.

- Call 101 to report any problems involving suspected rogue traders or call the Citizens Advice Consumer Services Consumer Direct on 03454 040506.

uaware comment

These rogue traders may be operating in Kent this week, but they may be knocking on your door tomorrow !

(1st November 2018)

(Daily Mail, dated 18th October 2018 author Angelique Ruzicka)

Full article [Option 1]:

A long-awaited name check safeguard will be launched next year to help fight fraud and alert bank customers to suspicious transactions if the name of someone they are paying does not match the account details they're filling in online.

It is hoped the new 'confirmation of payee' service will help tackle authorised push payment fraud - which happens when people are tricked into making a bank transfer directly to a criminal.

Paul Horlock, chief executive of new payment body Pay.UK, said: 'Confirmation of payee will let you check you have the correct name for the person or business you're paying, giving better protection against certain types of fraud, and helping to stop accidental mistakes too.'

'When someone is setting up a new payment, if the name matches, there will be confirmation of this - which could be a green tick, for example.'

Gareth Shaw, Which? money expert, welcomed the move but added: 'Customers will wonder why banks have dragged their heels and not implemented this system years ago, as it could have prevented a significant amount of fraud.

'With losses to bank transfer fraud increasing drastically it's clear this measure can't come in soon enough.'

Figures from trade association UK Finance show that in the first half of 2018 consumers lost £92.9million because of APP fraud.

Currently, the account name is not checked when sending an electronic payment - but under the new service banks will check the name on the account when someone is setting up a new payment or amending an existing one.

Consumers will be warned if the details do not match up - which should help prevent payments being made to fraudsters or even prevent mistakes.

Banks, building societies, and other payment providers will be able to roll out confirmation of payee during 2019 as a way for their customers to check who they are paying.

Pay.UK said the move will reduce the risk of errors and certain types of fraud, such as malicious redirection invoice scams where, by posing as a legitimate business known to customer, people are convinced to redirect a payment to an account controlled by a fraudster.

Victims end up losing huge amounts of money because their bank made the transfer on their instructions - unlike in cases when payments are fraudulently made without customers' authorisation and banks are generally obliged to give a refund.

Horlock said: 'Sending a payment with an incorrect sort code or account number is like addressing a letter with the wrong post code.

'Even if you have used the correct name it won't reach the intended destination - and fraudsters have become increasingly sophisticated in using this to trick people into sending money to the wrong account.

'If the name does not match, it is then up to the sender to decide whether or not to proceed with the payment - but the risks will have been made clear to them beforehand.'

Account providers have previously been criticised for not doing more to shoulder the burden when victims lose money as scams become increasingly sophisticated.

A new industry code is also being developed which could help victims of APP fraud get their money back when they have shown a requisite level of care.

However, someone who makes a payment despite being told the name does not match may risk being judged not to have taken due care - ruling out any form of compensation.

The confirmation of payee won't be the solution to all types of crime. It doesn't, for example, tackle scams where people are tricked into paying up-front for goods which never arrive.

Shaw added: 'While we await its introduction, it's crucial that an agreement is reached on the funding mechanism to reimburse all victims of bank transfer fraud who have been left out of pocket through no fault of their own.'

A spokesman for trade association UK Finance said: 'Pay.UK's announcement provides some useful clarity on the development of confirmation of payee, which will play an important role in preventing fraudsters from tricking victims into sending money to the wrong account.'

He said the industry will continue working with other bodies to ensure the plans can be put into place.

He added: 'At the same time, the industry will continue fighting fraud on every front, investing millions in advanced security systems to protect customers and supporting law enforcement in combating the organised criminal groups responsible for fraud.'

Six ways to outfox the cyber--criminals (Compiled by Laura Shannon)

- ASSUME any caller claiming to be your bank or utility provider could be a fraudster. It might sound unfair and the call may be genuine - but being sceptical from the start could help protect you.

- CALL your bank back on a different phone line if you are not sure a call is authentic. Use the phone number on the back of your credit or debit card. If calling from the same phone wait at least five minutes for the current call to be disconnected. Otherwise a fraudster could simply stay on the line while you dial.

- KNOW the hallmarks of fraud. There will be convincing lies throughout a scam and the perpetrators will sound intelligent and authoritative. But typical requests include being asked to: provide a code, a PIN, move money to a different account, repay a sum accidentally put in to your account, reveal passwords or allow remote access to your computer. Do not comply.

- BE careful about what links you click on emails, or what attachments you open. Scammers know how to imitate your friends or big brands in messages. These links could contain viruses that, once on your computer, allow fraudsters to spy on you when you enter log-in details for online banking. Or they will pose as big brands and demand personal information that you should not surrender.

- UPDATE anti-virus software on your computer and regularly change passwords on online accounts.

- LEARN more ways to protect yourself with help from websites such as and

(Yorkshire Evening Post, dated 18th October 2018 author Andrew Hutchinson)

Full article [Option 1]:

Bank customers will be warned if the name of someone they are trying to pay does not match the account details - in the latest step to combat scams where people are tricked into transferring money to a fraudster.

Payments body Pay.UK has unveiled details of how the new "confirmation of payee" service will work.
Currently, the account name is not checked when sending an electronic payment - but under the new service banks will check the name on the account when someone is setting up a new payment or amending an existing one.

Consumers will be warned if the details do not match up - which should help prevent payments being made to fraudsters or simply when a mistake has been made.

Banks, building societies, and other payment providers will be able to roll out confirmation of payee during 2019 as a way for their customers to check who they are paying.

Consumer group Which? welcomed the move - but said customers will wonder why banks have "dragged their heels" and not put it in place before.

Pay.UK said the move will reduce the risk of errors and certain types of fraud, such as malicious redirection invoice scams where, by posing as a legitimate business known to customer, people are convinced to redirect a payment to an account controlled by a fraudster.

It is part of wider efforts to combat authorised push payment (APP) fraud - which happens when people are tricked into making a bank transfer directly to a criminal.

Victims can end up losing huge amounts of money because their bank made the transfer on their instructions - unlike in cases when when payments are fraudulently made without customers' authorisation and banks are generally obliged to give a refund.

Paul Horlock, chief executive of Pay.UK, said: "Sending a payment with an incorrect sort code or account number is like addressing a letter with the wrong post code.

"Even if you have used the correct name it won't reach the intended destination - and fraudsters have become increasingly sophisticated in using this to trick people into sending money to the wrong account.

"Confirmation of payee will let you check you have the correct name for the person or business you're paying, giving better protection against certain types of fraud, and helping to stop accidental mistakes too."

When someone is setting up a new payment, if the name matches, there will be confirmation of this - which could be a green tick, for example

If the name does not match, it is then up to the sender to decide whether or not to proceed with the payment - but the risks will have been made clear to them beforehand.

Alongside these changes, a new industry code is being developed which could help victims of APP fraud get their money back when they have shown a requisite level of care.

Someone who makes a payment despite being told the name does not match may risk not being judged not to have taken due care - potentially making it more likely they will never see their money again.

There will be some scams which confirmation of payee cannot address - such as when people are tricked into paying up-front for goods which never arrive.

Figures from trade association UK Finance show that in the first half of 2018 consumers lost £92.9 million because of APP fraud.

Account providers have previously been criticised for not doing more to shoulder the burden when victims lose money as scams become increasingly sophisticated.Pay.UK was previously known as the New Payment System Operator.

Gareth Shaw, Which? money expert, said: "It's right that banks and building societies have finally been forced to introduce this much-needed check at the point of transfer. However, customers will wonder why banks have dragged their heels and not implemented this system years ago, as it could have prevented a significant amount of fraud.

"With losses to bank transfer fraud increasing drastically it's clear this measure can't come in soon enough.

"While we await its introduction, it's crucial that an agreement is reached on the funding mechanism to reimburse all victims of bank transfer fraud who have been left out of pocket through no fault of their own."


(1st November 2018)

(Guardian, dated 18th October 2018 author Rupert Jones)

Full article [Option 1]:

Name checks will be carried out when UK bank customers send money to other people from next year in a bid to halt a rising tide of bank transfer fraud.

At the moment, anyone wanting to transfer money is asked for the recipient's account name, account number and sort code. However, the bank does not currently check if the account name is correct.

In recent years, fraudsters "have become increasingly sophisticated in using this to trick people into sending money to the wrong account," said the UK's payments operator, Pay.UK.

It added that the new measures should help prevent many fraudulent payments from being made by "introducing another hurdle" for criminals and issuing effective warnings about the risks of sending money to an account where the name does not match.

From next year, the so-called "confirmation of payee" system will mean customers can check they are paying the right person.

When a customer sets up a new payment or amends an existing one, there will be three possible outcomes. If they used the correct account name, they will receive confirmation that the details match, and can proceed with the payment.

If they used a similar name to the account holder, they will be provided with the actual name to check. They can then update the details and try again, or contact the intended recipient to check the details. But if the customer enters the wrong name for the account holder, they will be told the details do not match and advised to contact the person or organisation they are trying to pay.

In the past few years, fraud in the UK payments industry has soared as criminals develop increasingly sophisticated tactics to steal cash. Criminals have been hacking into the email accounts of builders, solicitors or other tradespeople that the consumer has legitimately employed, then getting them to send large amounts of money to criminal accounts.

The Guardian has featured a number of these cases, which are also known as "authorised push payment" scams or email intercept fraud. In October 2017 it emerged that an Essex couple lost £120,000 after sending money to what they thought was their solicitor's bank account.

It is understood the new regime is expected to be in place for many, but not all, banks by the middle of 2019.

Gareth Shaw from the consumer group Which? said: "It's right that banks and building societies have finally been forced to introduce this much-needed check at the point of transfer.

"However, customers will wonder why banks have dragged their heels and not implemented this system years ago."

(1st November 2018)

(Mirror, dated 17th October 2018 author Tricia Phillips)

Full article [Option 1]:

No one is safe from financial crooks but the under 21s are fast becoming the key target for fraudsters.

There has been a 24% increase in the cases of younger people falling victim to identity fraud over the past year, new research reveals.

And a worrying 26% rise in the numbers of under 21s being persuaded, or duped, into acting as money mules for rogues.

The latest figures from Cifas, the UK's leading fraud prevention service, also show that more than a third of victims of plastic payment card fraud on debit, credit or store cards were younger people.

Chief Executive Officer of Cifas, Mike Haley, said: "Our new figures are alarming to say the least. Young people are increasingly at risk of becoming victims of identity fraud, with little idea of how to protect themselves.

"We're calling on bank in particular to ensure that they are providing young people with the necessary knowledge to prevent them falling victim to fraud - or becoming fraud perpetrators."

Some £236million was lost to scams in 2017 and financial firms such as Lloyds Banking Group have 24/7 fraud teams dedicated to trying to protect customers from the every-increasing risk from financial fraud.

Their mule hunting team has frozen more than £1million from crooks trying to trick people into receiving and transferring cash.

Paul Davis, Retail Fraud Director, Lloyds Banking Group, said: ""We have sophisticated, multi-layered defences in place to help protect our customers from scammers.

"Fighting financial fraud is a concerted effort between the banks, the police and all of us - the more we all know about how to spot it, the safer we will all be."

We all need to be on our guard to try and keep ourselves safe from clever crooks who keep coming up with sophisticated scams that even the experts sometimes find hard to spot.

What is identity theft?

Crooks gather personal information about a person such as name, address, date of birth - often information they can gain very easily via social media sites - so they can impersonate someone to get access to their financial accounts or to take out credit in a victim's name.

They will use every trick in the book to try and get people to give them personal and financial information and to gain access to someone's computer and financial accounts.

Becoming a victim of ID theft causes havoc to peoples' lives and can take months, sometimes years to get finances back on track. It can lead to people being unable to access any credit or to end up being hit with extortionate rates of interest on the products they do get offered.

5 ways to stay safe

1. Keep a regular eye on your credit report. You can then spot if anyone else is trying to access credit in your name and shut it down immediately.

2. Make sure anti-virus software is kept updated on all of your devices.

3. Use different passwords for each account - and choose them carefully, mixing upper and lower case letters, numbers and symbols.

4. Check your bank statement regularly for signs of fraudulent activity.

5. Only carry out financial transactions or access financial accounts over a secure internet connection - never on free WiFi in cafes, on trains or other public places.

What is a money mule

This is where an individual allows their bank account to be used to facilitate the movement of criminal funds, a form of money laundering which carries a maximum prison sentence of up to 14 years.

Social media is a key place for criminals to recruit money mules with offers of quick and easy way to make some cash.

The consequences of getting caught moving fraudulent funds are serious. Mules will be left with no bank account, a damaged credit score and that will mean they won't be able to apply for a mortgage, loan or even a mobile phone contract in the future.

There is also the risk of up to 14 years in prison.

Don't Be Fooled is a partnership between Financial Fraud Action Uk and Cifas to inform students and young people about the risks of giving out their bank details to try and help deter them from becoming money mules.

How to keep yourself safe

- No legitimate company will ever ask yo to use your own bank account to transfer their money.

- Be especially wary of these types of offers from people or companies overseas - this will make it harder for your to find out if they are legitimate.

(1st November 2018)

(Guardian, dated 17th October 2018 author Anna Tims)

Full article [Option 1]:

Both of these letters are depressingly similar and should be a warning to everyone who banks online.

I transferred £20,000 into our pension plan, but the money never arrived. I had asked my financial adviser at Brewin Dolphin for the relevant bank details and he sent them by email. It seems it was intercepted and the bank details changed so the transfer went into someone else's account.
Brewin Dolphin says its email system has not been corrupted. My provider says my email address has not been compromised in the last six months. My bank has tried to recover the money but says it has vanished.

CC, Fort William, Highland


I had some building work on my flat. The builder emailed me his bank details, but, before I'd paid, he emailed again to ask if part of the amount could be paid into a different (Lloyds Bank) account. I duly transferred £6,300. However, the request was fraudulent.

The builder's PC had been hacked, and he noticed I had replied to an email that had not been sent by him. It was then too late to stop the payment, but I immediately alerted my bank (HSBC) and also reported it online to Action Fraud.

The fraudster continued to email me, asking if I was going to make another payment, and this, too, I reported. However, I now seem to have reached a dead end.

Action Fraud says it cannot provide updates within three months of a complaint. Lloyds Bank says it cannot deal direct with me, and HSBC has passed me to its "fraud complex complaints team" (which doesn't appear to have a phone number or email address and won't give me a contact name). This tells me that Lloyds won't provide details of the beneficiary account due to data protection, but that some of my money is still there. To recoup it, it says, is a civil matter I'd have to pursue in the courts.

I cannot understand why HSBC will not act on my behalf, at least to ascertain how much is remaining in the account.

JV, Exeter

Both of you are victims of an increasingly prevalent scam whereby criminals hack into personal or business email accounts, intercept any messages concerning pending payments and send an email from the hacked account changing the details in their favour.

The scam cost consumers £145.4m in the first half of this year, according to UK Finance. It's known as "push-payment fraud" and, unlike credit card or direct debit payments, there is no protection for customers who lose out.

This could change. A code proposed by the Payment Systems Regulator last month might require banks to reimburse victims - provided they were not negligent when making the payment - although the code would be voluntary and it's not clear who will fund the compensation.

In the meantime, you have both been left in legal and regulatory limbo. In CC's case, Brewin Dolphin maintains its system was not compromised and therefore the hacker must have targeted your account.

It points out that the Have I Been Pwned website, which checks whether emails have been affected by data breaches, shows your email has been compromised five times.

Moreover, the scam email you received contained a different domain name to Brewin Dolphin's. Ordinarily, the Financial Ombudsman Service can investigate whether a company has dealt reasonably with such a complaint, but not in your case because email hacking isn't a regulated activity.

Unless you can stomach the prospect of challenging Brewin Dolphin's system security through legal action there is, excruciatingly, nothing more you can do.

The problem for JV was that the fraud only came to light four days after the payment.

HSBC says it contacted Lloyds immediately and Lloyds says it froze the beneficiary account, but, by then, contrary to what you were told, the money had apparently vanished.

Depressingly, the authorities have been of no help. Action Fraud eventually told you that, due to overload, it would not be investigating and referred you to the police.

The police replied that they, too, could not do anything "because of the high level of fraud reporting and limited police resources to investigate economic crime".

HSBC referred you to the Ombudsman but the response was the same, and it is yet to investigate.

Precaution, therefore, is the only protection. If details are sent by email, and particularly if they suddenly change, ring the person or company to check they are bona fide. When possible, pay by credit card - or even by cheque, which can, at least, be stopped.

(1st November 2018)

(BBC News, dated 17th October 2018 author Kevin Peachey)

Full article [Option 1]:

The majority of those tricked in "rom-cons" after meeting people on dating sites lost more than £2,000, research by Barclays suggests.
Fraud experts have said that thousands of people have lost millions of pounds in online dating scams.

Barclays found those aged 45 to 64 were most likely to be victims, according to reports it has received from people tricked into making payments.

Dating site users are being urged not to take everything at face value.

The bank suggested that many people were judging those they met online based on their social media profile, their job, or simply trusting them too soon.

"While millions of us take to dating websites and apps to find true love, criminals are getting ready to pounce on anyone who lets their guard down," said Jodie Gilbert, head of digital safety at Barclays.

"We must all remain aware whilst looking for the warning signs, such as someone asking you to help them out of an 'unfortunate situation' by sending money."

The bank said its figures showed that 37% of those who had lost money had paid more than £5,000 to a fraudster.

The BBC has highlighted a number of cases in recent years including one woman who lost more than £300,000 and said she felt emotionally "brutalised". She thought she was paying money to her new love interest for food, rent and medical bills.

In another case, a lonely 86-year-old man said he was left suicidal after a woman he messaged through online dating, but had never met, conned him out of £6,000.

Online safety advice (Source: Action Fraud)

- Criminals who commit romance fraud trawl through profiles and piece together information such as wealth and lifestyle, in order to manipulate their victims

- Police can investigate and help to provide support, but often cannot get the money back

- It is very simple for fraudsters to cover their tracks by masking IP addresses and using unregistered phone numbers

- Never send money to someone online you have never met

- Think twice about posting personal information which could be used to manipulate or bribe you,

Action Fraud :

(1st November 2018)

(Derby Telegraph, dated 16th October 2018 author Martin Naylor)

Full article [Option 1]:

A "Svengali-like" fraudster from Derby who fleeced more than £32,000 from elderly and vulnerable pensioners has been described by a judge as "deceitful and dishonest beyond measure".

Conman Shaun Rafferty span lie after lie to his main victim, an 88-year-old city man, telling him his own son had been involved in a suicide attempt, his sister had died and his daughter had been seriously injured in a road accident.

When the police first became involved, the 47-year-old, of Mayvale Grove, told the man he would tell the police how the pensioner had sexually assaulted him.

Then, while under investigation for stealing more than £30,000 from that victim, he targeted female pensioners, one of whom suffered with dementia.

He took that woman, who was aged 78, to her bank in St Peters Street, telling staff there he was her grandson and asking for them to provide him with a debit card so he could access her account.

'You fleeced them mercilessly'

Jailing him for 40 months, Judge Shaun Smith QC said: "You are a user and manipulator who is deceitful and dishonest beyond measure.

"You quite deliberately targeted elderly and vulnerable people, one of who had dementia.

"The victims were aged between 78 and 88 and you fleeced them mercilessly.

"In terms of the male victim, he is a good Christian man who felt good about giving you money because he thought he was helping you.

"One of the many sad things about the case is that he genuinely wanted to help you, and he thought he was, and you fleeced him.

'How low can a human being go?'

"You span stories about family members who had died, been raped and suffered serious injuries.

"And one time you tried to scare him by saying you would go to the police to say he had sexually assaulted you.

"How low and despicable can a human being go than to do that to an 88-year-old man who, at that stage, had given you something in the region of £20,000?"

Rafferty's 'despicable' crimes

Sarah Allen, prosecuting, said the main offence against the 88-year-old man spanned from December 2016 to September 2017.

She said they started speaking to each other through a chance meeting in the street, but within days Rafferty had gained the man's trust enough to start asking him for money.

Miss Allen spent more than 30 minutes outlining a number of occasions when Rafferty told lies to the man, a committed Christian, who was later to tell police he saw him as "a Svengali-like" figure.

She said: "He told him his sister had died in Ireland and that he needed money to fly him and his family to the funeral.

"He told him his son had died and he needed £100 for a new suit.

"On another occasion he said he needed money to take his daughter to Skegness on holiday, but the following day he came back for more money saying she had been involved in a road accident on the way to Skegness that saw her cousin killed."

###Withdrew money without receipts

Miss Allen said for the first few months Rafferty would accompany the victim to the cash point machine and told him not to order receipts for the withdrawals.

She said the bank became suspicious when the victim began internet banking and frequent transfers were made into Rafferty's two bank accounts.

Miss Allen said the other five victims had smaller amounts of money taken from them by Rafferty when they paid him upfront for jobs he never carried out.

He pleaded guilty to six counts of fraud.

Victim personal statements were read out for some of the pensioners.

'I wanted to help him'

The man said: "He told me a number of stories and I believed them.

"I am a Christian man, I wanted to help him, I didn't believe that anyone would lie about the death of a family member."

The son of the dementia-suffering victim, in his statement, said: "How can someone do this to a 78-year-old woman in her condition?

"I feel deep anger that someone can behave in such a callous manner."

Simon Molyneux, for Rafferty, said his client has a 13-year-old daughter and a wife who had written a letter to then judge on his behalf.

In this, she said she had been "destroyed by his drug addiction".

Mr Molyneux said: "He knows he going to serve a considerable prison sentence that he richly deserves."

(1st November 2018)

(Daily Mail, dated 15th October 2018 author Press Association)

Full article [Option 1]:

A fraudster has been jailed after he took a £1 million loan meant for humanitarian work and spent it on motorbikes and a Jaguar car.

Keith Morgan, 61, convinced a New York City-based investment manager the money would be spent to set up a mobile field hospital for refugees.

He told would-be investors he was a successful investment specialist who had dealt with billion-pound transactions and owned prime real estate in Hollywood where he planned to build and sell homes worth 50 million dollars (£38 million).

One investor in the US was taken in by Morgan's lies, and handed over £998,900 thinking it would be used to help set up the mobile hospital.

Cardiff Crown Court heard Morgan immediately laundered the money and made a number of extravagant purchases, including a £68,000 Jaguar and two motorbikes costing a total of £17,000.

South Wales Police began investigating Morgan when his bank alerted them about the large sum of money deposited in his account.

He was arrested and on Monday was found guilty of fraud and two counts of money laundering.

Morgan, from Church Village, Rhondda Cynon Taff, was jailed for eight years and eight months.

Approximately £750,000 from his fraud has been recovered.

After the sentencing Detective Constable Neil Richards said: "This was a long and complex case but which had at its core a relatively simple concept - a persuasive conman who managed to obtain, fraudulently, a huge sum of money which he then attempted to spend.

"We are pleased that the majority of the money has been recovered, although work will continue to attempt to get the remainder back as well.

"I want to pay tribute to colleagues in South Wales Police as well as the banks involved, and partners across the world, who have helped us pursue this investigation."

uaware comment

Sometimes an act of goodwill is not what it seems. Check with the Charity Commission before donating to a charity you have never heard of.

(1st November 2018)


(Cheshire Live, dated 15th October 2018 author Andrew Cain)

Full article [Option 1]:

Cheshire police have announced that this week they are carrying out a week of action against rogue traders, fraudsters and scammers , who employ cunning tricks to try and con people, often the vulnerable or elderly, out of their hard-earned money and savings.

There has been a number of scams in the news recently, many of which we report on here at Cheshire Live , and always these reports tell people of the warning signs you need to watch out for so you know when you're being conned.

But the tricks used by fraudsters are getting more and more sophisticated, and in some cases scammers are adapting their tricks to keep up with the modern world.

With that in mind, here are eight scams which have been in the news recently, some which have been around for years and some which are brand new.

They have been featured on this website and some of our sister titles, along with advice on what to watch out for to make sure you don't fall victim to the con artists.

iTune scams

Cheshire police are warning that fraudsters can call vulnerable people on the phone, claiming that the victim has an outstanding debt or balance to be paid, and saying that they will be arrested if they do not pay. The victim is then told to go out and buy iTunes vouchers from a high street store, and call the fraudster back to give them the voucher codes to 'settle their debt'.

Between April 1, 2015 and March 31, 2018, 11,329 incidents involving iTunes vouchers have been reported nationally, resulting in £6,561,380 being lost to fraudsters. But Detective Chief Inspector Karen Jaundrill said: "As part of our ongoing work to prevent this type of fraud we're working closely with supermarkets and convenience stores to prevent vulnerable residents from purchasing large quantities of vouchers.

"I'd also urge residents to talk to any vulnerable friends or family about the scam to help ensure that nobody else falls victim.

"The message is clear - no reputable company, nor any government organisations, would ever call you and ask you to settle a balance over the phone using vouchers, nor would they threaten to arrest you."

2. Police officer impersonation scam

A Macclesfield business was called last week (Monday, October 8) by someone claiming to be called 'Mark Shepherd', who said he was a police officer calling from Cheshire Constabulary. The caller asked the person who answered to sponsor a company named Prevent by buying advertising space, saying Prevent go into schools to provide online safety lessons for children.

But police warned that even if the company is genuine, they do not work with them, with PC Bryan Dutton saying: "We do not work with this company and aren't aware of them working with schools in Cheshire. We also do not support or affiliate ourselves to any companies which cold call businesses or members of the public.

"If you receive a call requesting money and you cannot verify who they are then we would advise you don't give out any bank details, funds or personal details."

While fraudsters may not always pose as police officers they may still create a fictitious identity, so the message of verifying that people are who they say they are is still a valid one.

3. Bogus builders

Bogus workmen are some of the most common fraudsters you will hear about. They often target vulnerable members of the community and offer to do work on their properties which doesn't actually need doing - often at an extortionate price.

One recent case saw an elderly Winsford man in his 90s conned out of £200 by bogus builders, who called at his home and quoted him £4,000 for a roof repair.

Once again, police issued a number of pieces of advice on how to stay safe from this type of fraud, including never letting strangers into your house, asking cold callers for identification to prove where they say they are from, and checking they are genuine by calling the company they claim to be from.

4. PayPal Facebook scam

According to our sister site Somerset Live , scammers have reportedly been targeting potential victims through Facebook messenger, posing as the victims' friends by hacking their Facebook account and asking for the details of the victims' PayPal account.

The hacking of a friend's account has the potential to fool Facebook users who don't notice a difference in the language their friend uses, but if you are approached by a friend's account asking for any personal details, let the friend know in person that their account may have been hacked, and do not part with any money.

5. Fortnite Vbucks scam

Fraudsters have been targeting children who play the massively popular online video game Fortnite, with Cheshire police backing a recent warning aimed at parents of young gamers.

Scammers have been offering the lure of free Vbucks - the virtual currency used to pay for add-ons within the game - as a way of accessing people's accounts, and similarly to the aforementioned iTunes scam they are asked to purchase Steam Cards in order to pay for the processing of tax refunds or rebates, PPI refunds, administrative costs for processing loans and for providing anti-virus software.

Director of Action Fraud Pauline Smith said: "It is vital that both parents and those playing games online are able to spot the signs of fraud, as fraudsters will go to great lengths to try to steal your money. If you are downloading or purchasing game add-ons, make sure you use the official website. You should never reveal your password or banking details to someone you don't know, or be tempted to click on unknown links."

6. Rogue traders

Like bogus workmen, rogue traders are a common type of fraudster, with con artists selling goods that seem too good to be true, or often suspiciously cheap. Our sister website the Manchester Evening News recently highlighted a case where a man was conned out of thousands of pounds by rogue traders who sold him two TVs out the back of a van on a retail park in Trafford, before following him home and demanding the TVs back, but not returning his money. They said they would deliver two more TV sets the next day to replace them but they never returned, and the victim was instead bombarded with phone calls, saying he owed the company £4,000 to 'release the TVs from a container in Holyhead'.

GMP Altrincham said following this case: "Trading Standards advice is NEVER to do business in this way and only ever to use reputable traders."

7. Computer pop-up scams

Fraudsters have been conning people out of millions of pounds using computer pop-ups, by getting people to click on links to 'fix' the problem, before stealing their bank details.

The Manchester Evening News reported recently that Action Fraud said 22,000 victims have fallen for to the computer software service scam in the last year, with fraudsters netting a total of £21m. Action Fraud have now launched a joint campaign alongside the City of London Police to advise people on how to protect themselves from scams like this.

City of London Police temporary Det Chief Insp, Lara Xenoudakis said: "These fraudsters prey on vulnerable victims, doing everything they can to convince them there is something wrong with their computer. They use this as a way to gain immediate and in some cases multiple payments from the victim."

8. 'Ghost broking' car insurance scam

Drivers have been targeted by con artists in a scam centred around offers of dodgy car insurance.

According to the Liverpool Echo , these 'ghost brokers' have been known to approach victims through social media claiming they can negotiate better prices for car insurance, only for them to find out after an accident that their cover is actually illegitimate and therefore useless.

The fraudsters will often target young drivers and students, who are known to have higher insurance premiums on their cars, and a national awareness campaign has been launched to raise awareness of this type of fraud, led by the City of London Police and supported by Merseyside Police.

(Mirror, dated 12th October 2018 author Vicky Shaw)

Full article [Option 1]:

Anyone can fall prey to a fraudster - so learning more about the tricks scammers use is a key line of defence, writes Vicky Shaw

Could you spot the tricks scammers use? It may be harder than you think, as frauds become increasingly sophisticated.

Consumers lost £92.9 million to scams - where they were tricked into transferring money directly to a fraudster - in the first half of 2018 alone.

And adding insult to injury, people who have been tricked in this way may sadly never see their money again.

A voluntary code for banks to follow has just been proposed, which could give people more help in getting their money back.

However, victims may still find themselves out of pocket - so it's always best, if at all possible, to avoid falling for a fraud in the first place.

Nationwide Building Society recently found that three in 10 (30%) people would be willing to transfer their own money into another account 'to keep it safe' if asked by someone they thought was from the police - even though the police or a bank would never ask anyone to do this.

Stuart Skinner, director of fraud at Nationwide, whose branches are running fraud awareness events, says: "The key to thwarting the scam artists and fraudsters is education. We'd urge people to learn as much as they can about the tricks that scammers use."

Here are some of the warning signs to spot, highlighted by trade association UK Finance...

1. Purchase scam

The victim pays up-front for goods or services that are never received. These scams often happen online, such as when someone uses an auction website or social media.

A warning sign could be if you spot something of high value, such as a car, phone or computer, advertised at a low price. Fake holiday rentals and concert tickets may also be advertised online.

Victims may be persuaded by the fraudster to pay for the goods via direct bank transfer, instead of using websites' secure payment options.

2. Advance fee scam

With this scam, victims may be tricked into parting with their money as a 'fee' after being promised a larger reward.

Criminals may claim they have won an overseas lottery, or that gold or jewellery is being held at customs - and a fee must be paid to release money or goods which don't really exist.

3. Investment scam

People are persuaded to move their money into a fictitious fund, or to pay for a fake investment. The criminal usually offers high returns to entice them. These scams include investment in items such as gold, property, carbon credits, land banks and wine.

4. Romance scam

The victim is convinced to make a payment to a person they have met, often online through social media or dating websites, and with whom they believe they are in a relationship.

The 'relationship' is often developed over a long period and the person is convinced to make multiple, generally smaller, payments to the criminal.

5. Invoice and mandate scam

Scammers step into the middle of people's legitimate transactions to swipe money that was intended for someone else.

Someone could be paying a solicitor or a builder, for example, but the criminal intervenes and convinces the victim to redirect the payment into their account instead.

The criminal may persuade their victim that the bank details of the person they intended to pay have changed. Businesses can also be tricked by this scam, when trying to pay a supplier.

6. Impersonation scam

Someone pretends to be from the police or the victim's bank, to convince them to make a payment.

Often, they will claim there has been a fraud on the victim's account and they need to transfer the money to a 'safe account' to protect their funds.

However, the criminal actually controls the recipient account.

Criminals may pose as the police and ask the individual to take part in an undercover operation to investigate 'fraudulent' activity.

7. Pretending to be from a legitimate company

Fraudsters pose as organisations such as utility companies, communications service providers or government departments, and claim that the victim must to settle a fictitious fine or to return an erroneous refund.

The scams can often involve the criminal requesting remote access to the victim's computer.

8. CEO fraud

This mostly affects businesses. Criminals may access a company's email system or use spoofing software to email a member of the finance team, with what appears to be a legitimate email from the chief executive with a request to change payment details or make an urgent payment to a new account.

(1st November 2018)

(Teeside Live, dated 13th October 2018 author Gareth Lightfoot)

Full article [Option 1]:

A fraudster who swindled or stole from women with serious health conditions has started a long prison sentence.

Douglas Gribbin, 42, subjected a 68-year-old widow with a serious illness to an "elaborate deception" as he stole her jewellery and bank card.

He took her and her late husband's wedding rings and pawned them in December last year, having befriended her and become a "permanent fixture in her life".

The swindler first approached her pointing out a problem with the drive of her Middlesbrough home, said prosecutor Victoria Lamballe.

He later dug up her driveway and replaced pipes for £1,300 and the woman, who had breathing difficulties and could not walk any distance, was pleased with the work.

Gribben started visiting her almost daily and she came to regard him as a friend, Teesside Crown Court heard.

'She had not eaten for five days'

She paid him hundreds of pounds to pave her drive, fix a handrail and produce a portfolio of photos. At one point he drove her to a bank to withdraw £800 for him.

Gribben continually promised the work but it was never done.

He stole her bank card and withdrew more than £2,000 from her account in November and December, at one point intercepting her mail carrying a new PIN.

He pretended to deal with the bank on her behalf as she struggled financially without access to the account, once telling him she had not eaten for five days.

'At the end of her tether'

The deceit dawned on the woman when she contacted her bank to find she was £9 overdrawn when she should have had thousands of pounds.

She discovered jewellery of sentimental value were missing.

Gribbin also knocked on the door of a couple in their 60s in Hartlepool as a salesman, saying their driveway needed renovation.

He was paid £11,450 for legitimate work on the driveway and back garden in November 2016, and the couple were happy with it.

But when they noticed weeds growing through their driveway, which Gribbin had promised would not happen, he offered to carry out more work on the house for £7,000.

Diagnosed with motor neurone disease

The 65-year-old woman who lived there handed over thousands of pounds, including £5,400 in January and February 2017.

When she asked for some money back, he made a partial repayment and claimed he was at risk of bankruptcy.

Shortly after she was diagnosed with motor neurone disease, Gribbin texted her while she was on holiday saying weather had stopped some of the work.

Her health worsened to the extent that she would not walk or speak and could communicate only by typing through a tablet.

She texted him arranging work dates, only for him not to turn up.

Spent the money on other things

Despite being told the extent of her condition, Gribbin did not complete the work and confessed he had spent the money on other things.

He claimed he would repay it and lied to the couple repeatedly about why he had not turned up.

He claimed it was a legitimate business deal gone wrong, not a fraud, and said he always intended to pay the money back.

Finally he cold-called a 75-year-old Stockton woman and said he would carry out work for £1,075, which he did not do, and got her to sign contracts which breached consumer protection regulations.

###Previously left pensioner with just 7p

Gribbin, of Moorcock Close, Bankfields, Middlesbrough, admitted two charges of fraud, one of theft, two of possessing criminal property and three of unfair trading.

He was jailed for 20 months for theft after he helped himself to £3,000 from a 73-year-old woman's bank account to feed a cocaine habit.

She had given him her card and PIN to do shopping, but she found she had just 7p in her account when she wanted to treat her grandson.

The vulnerable pensioner, who had suffered a stroke and needed care, was hospitalised four weeks after the theft came to light.

In 2016, a judge told him: "It would be an outrage if you walked out of this court."

This time Judge Simon Bourne-Arton QC, the Recorder of Middlesbrough, jailed Gribbin for five-and-a-half years.

Gribbin was given a 10-year restraining order banning him from contacting victims or going to their homes.

(1st November 2018)


uaware comment

So instead of looking at the faults and fixing them the Government is going to rely on the open market to come up with a reliable and safe password verification system. Who is going to host that system ? Commercial organisations work to a price and that price could be poor system security. Month after month there are articles describing how this bank, airline or NHS has had customers / patients accounts hacked. No one seems to have asked if there is any commonality in these failures.

Now we are going to "rely" on commercial organisations to provide security for the UK's benefits system verification. Who pays up when benefits go fruadulently astray and claimants go without for months ?


(The Register, dated 10th October 2018 author Andrew Orlowski)

Full article [Option 1]:

It's official: the UK state's expensive-but-comatose digital identity system Verify has been taken off life support.

The minister responsible confirmed to Parliament yesterday that it will halt funding for the project after cash has been exhausted - and it's up to the private sector to decide whether to keep the vegetable alive.

But it's an unenviable option. The government can no longer guarantee that Verify will be an exclusive or even preferred ID system for public services.

"The Government expects that commercial organisations will create and reuse digital identities, and accelerate the creation of an interoperable digital identity market," said Oliver Dowden, Minister for the Implementation [sic] at the Cabinet Office. "This is therefore the last investment that the Government will provide to directly support the GOV.UK Verify programme. It will be the responsibility of the private sector to invest to ensure the delivery of this product beyond the [stated] period."

It's no surprise - Verify lost the confidence of Whitehall years ago. The project was launched in 2011 (as "Identity Assurance") with the goal of providing a single sign-on ID for public services ranging from tax collection to benefits. The goal was to have 20 million users by 2020. Consultants and the Cabinet Office's Nudge Unit dreamed (PDF) of it playing a role for consumers, too.

"The days of creating different user names and passwords for every new website are numbered, thank goodness," promised GDS Maximum Leader Mike Bracken* in November 2011.

A successful identity framework would mean departments didn't have to roll their own. But that's exactly what happened. HMRC was obliged to extend the ageing Government Gateway itself, and the Department for Work and Pensions (DWP) decided Verify couldn't cut the mustard for the Universal Credits system, as we exclusively revealed here. DWP also had to develop its own identity system. The other big service, the NHS, never took Identity Assurance/Verify serious in the first place.

People had problems too, as the BBC's Rory Cellan-Jones found in 2014. Two years later, the success rate for creating new identity accounts was just 72 per cent.

How it all went wrong

The Cabinet Office and GDS were putting a brave face on it right to the end - while attempting to conceal the cost of the failure.

In July, public administration watchdog the Infrastructure and Projects Authority downgraded its likelihood of success.

Unlike most of the other major projects for which data is provided, the government did not list the budget for the year or the whole life cost of Verify, instead stating: "Exempt under Section 43 of the Freedom of Information Act 2000 (Commercial Interests)."

Over seven years, no one outside The Reg gave the failure as much scrutiny as blogger David Moss. Last year he noted that GDS - originally intended to end the consultancy racket - was providing lots of work for outside consultants. If the government was slow to cotton on to the flop, that's because the Cabinet Office kept its lack of progress hidden as best it could.

Asked to list the main reasons Verify failed, Moss included lack of technical knowledge ("GDS dressing up in Google's clothes doesn't make them Google"), lack of experience, and poor social and interpersonal skills that alienated Whitehall clients.

"We may all hate office politics but you better be good at it if you want to get anywhere," said Moss.

Some of the blame-shifting that characterised Bracken's GDS is evidenced in a Cabinet Office statement. "User volumes have been lower than forecast due to slower than anticipated digital transformation across government," the department said. "Work is underway to develop cross-government agreement on the approach to digital identity in the intermediate term."

(1st November 2018)

(Mirror, dated 9th October 2018 author Emma Munbodh)

Full article [Option 1]:

"Good morning, this is a call from Microsoft Tech Support to fix your computer, have you got a moment?"

Millions of people experience issues with temperamental phones, routers and laptops every single day - from slow downloads to computer viruses - it's incredibly common.

That's why receiving a seemingly helpful a call from a Microsoft expert trying to fix it can make perfect sense.

Until you realise it's not them.

In a new warning, the UK's anti-fraud agency has issued an alert to consumers over the 'computer software' scams that are conning people out of money - and their data - every single day.

This type of fraud can start with either a phone call, an email or a pop-up message appearing on your computer, stating there is something wrong with your device or internet connection that needs to be addressed.

They may pose as a reputable company, such as Microsoft, Google or Samsung, or may even call under the guise of a well known broadband supplier.

In some cases you might be told you have won the 'Microsoft Lottery' or that you need to supply credit card information to 'validate your copy of Windows'. There have also been instances where fraudsters have used this method to watch the user type in passwords for services such as online banking.

However, somewhere along the call, there will either be a demand for a payment to fix the problem, or a request for access to install harmful software onto your computer.

Over the past 12 months, Action Fraud has received 22,609 reports of this type of scam with a total of £21,365,360 being lost to fraudsters. That's almost £1,000 each.

It said figures by the City of London Police's National Fraud Intelligence Bureau found men and women are equally susceptible - but the average victim is 63 and living in either London or Bristol.

"These fraudsters prey on vulnerable victims, doing everything they can to convince them there is something wrong with their computer," explained City of London Police's detective chief inspector, Lara Xenoudakis.

"They use this as a way to gain immediate and in some cases multiple payments from the victim.

"We are asking people to do everything they can to protect themselves from this type of fraud and stop fraudsters from thinking that this is an easy way to make money from unsuspecting victims."

How to protect yourself from Computer Software Service fraud

- Computer firms do not make unsolicited phone calls to help you fix your computer.
Fraudsters make these phone calls to try to steal from you and damage your computer with malware. Treat all unsolicited phone calls with scepticism and don't give out any personal information.

- Computer firms tend not to send out unsolicited communication about security updates, although they do send security software updates. If in doubt, don't open the email.

- Computer firms do not request credit card information to validate copies of software. Nor do they ask for any personally identifying information, including credit card details.

- More specifically, Microsoft does not request credit card information to validate copies of Windows nor will it ever ask for any personally identifying information, including personal banking details to verify a download or transaction.

- The 'Microsoft Lottery' does not exist -so it's not true if you're told you've won.

(1st November 2018)

(Daily Mail, dated 9th October 2018 author Sebastian Murphy-Bates)

Full article [Option 1]:

Two men behind a cash-for-crash scam that may have topped £8million and involved 250 collisions were today slammed by a judge who said all insurance customers will pay for the fraud through higher premiums.

Boota Ram masterminded the sophisticated, large-scale fraud by orchestrating crashes with innocent drivers, mainly on mini-roundabouts.

The 38-year-old from Slough used false driving licences and fake documents to make claims against dozens of insurance companies for fabricated injuries or vehicle damage.

Police found the baker's car boot crammed with items necessary to make claims including dozens of fake IDs and insurance documents, with a judge branding the vehicle a 'mobile fraudster's office'.

Ram's laptop contained an immaculate spreadsheet with information for more than 500 claims, some so old the insurance firms had no details on whether they had paid out, prosecutor Michael Rogues told Reading Crown Court.

An estimate based on the spreadsheet puts the potential extent of the frauds at more than £8million. But the proven profit of the fraud based on corroborating documents from insurance companies was £4million.

Ram was handed a nine-year prison sentence after a jury convicted him of conspiracy to commit fraud over a three-year period. He was jailed in his absence after absconding part way through the trial.

His nephew, Gagandeep Gagandeep, was jailed for three years for his part in the conspiracy.

The 30-year-old deposited and withdrew claims money through his accounts, applying for insurance on cars he bought for the scam. He also took damaged cars to scrap yards.

Judge Paul Dugdale said every person in the UK would feel the impact of this significant fraud through increased insurance premiums.

'This involved a fraud which lasted three years and it involved the two defendants and a number of others carrying out induced accidents, manufactured accidents, where the fraudster's car was deliberately driven into cars driven by innocent parties who were not involved in the fraud in any way,' he said.

'This was so the fraudsters could fake insurance claims for personal injury which were dishonest.

'When Ram was arrested the contents of a car parked on his driveway can be described as a mobile fraudsters office.

'Not only was there a cost to the individuals involved in the incidents, the loss because of this kind of fraud affects almost every person in this country who drives a car.

'Insurance companies do not absorb this kind of loss. They find it forms part of their profit and loss operations and when costs increase they just pass it on to their customers who pay the higher premiums.

'Nobody should think that a conspiracy like this affects insurance companies alone. Ordinary people pay insurance premiums and they themselves become victims of this sort of conspiracy.

'It is no surprise that ordinary people who pay insurance premiums get very angry and its quite understandable in this situation. People go to work every day, perhaps each year they have to work out carefully each month how much they can afford.

'It will have a particular affect on the people of the Slough area where postcodes are taken into consideration will also be directly affected by having to pay higher premiums.

'The most aggravating factor is that for each claim it involved at first a deliberate crash where the car deliberately hit another car driven by somebody who was completely innocent.

'The collisions were not at speed and mainly on mini roundabouts. But each time a fraudster caused a collision they would not have known who was in the car, whether they be a robust driver, a vulnerable driver, a young driver or a driver with children in the car. Indeed on one occasion there were two young children in the car.'

Judge Dugdale said he had to pass sentence on Ram despite the fact he vanished from the courtroom and was suspected of being in London, because he did not think he would be picked up by police for up to 15 years due to high number of false drivers licences and false documentation he had.

'Ram gave evidence and said he was innocent and he was guilty of stupidity, laying the blame on a man called Daljit Singh. I believe Boota Ram and Daljit Singh were one and the same person.'

Ram, of Slough, Berkshire, was convicted by a unanimous jury of one count of conspiracy to defraud and two counts of possession of articles for use in fraud.

Gagandeep, of Slough, Berkshire, was convicted by unanimous jury of one count of conspiracy to defraud.

Mohammed Popat, 56, of Slough, Berkshire, was cleared of one count of conspiracy to commit fraud and one count of conspiracy to drive dangerously.

See also

(In Your Area, dated 11th October 2018)

Full article [Option 1]:

(1st November 2018)

(Stoke Sentinel, dated 8th October 2018 author Jonathan Bamber)

Full article [Option 1]:

Staffordshire Police are warning parents to be on their guard as a growing number of children playing the popular online Fortnite game have been targeted by fraudsters.

Fortnite gamers are drawn in to the scam by an advert on a social media channel which claims that by following a web link and entering some information they will receive free Vbucks - the in-game currency.

The fraudsters ask the victims for information about their account which allows them to log in and create fraudulent charges.

They also ask for the gamers' phone numbers in return for Vbucks and then sign the victim up to a premium rate subscription service, selling access to other people's Fortnite accounts, and offering Vbucks for free and then charging for it.

Action Fraud, the national fraud and cyber crime reporting centre, received 35 reports of Fortnite-related fraud between April 1, 2017 and March 31 this year, with a total loss of £5,119, an average of £146 per person.

In the same period it received 37 reports of fraud involving Steam Cards - giftcards used on the digital game distrubution platform Steam - with a total loss of £44,455.98, an average of £123.88 per victim.

That scam involves fraudsters calling victims and claiming to be from well-known organisations. The victims are told to buy Steam Cards in order to pay for the processing of tax fund rebates, PPI refunds, administrative costs for processing loans and providing anti-virus software. The victim is asked to read out the serial code on the back of the card over the phone.

Action Fraud director Pauline Smith said: "It is vital that both parents and those playing games online are able to spot the signs of fraud, as fraudsters will go to great lengths to try to steal your money. It is also important that parents make their children aware of the threat of fraud online.

"If you are downloading or purchasing game add-ons, make sure you use the official website. You should never reveal your password or banking details to someone you don't know, or be tempted to click on links to unknown. If you think you have been a victim of fraud, contact Action Fraud."

A spokesman for Staffordshire Police said: "We are supporting Action Fraud by warning parents and online gamers of the risk of fraud involving Steam Cards and Fortnite.

"Please do not provide personal details under the premise of free Vbucks, and if you are downloading or purchasing game add-ons make sure that you use the official website."

Many members of the public believe it is easy for young gamers to become victims of fraud.

Dad Mark Turner, aged 60, of Blythe Bridge, said: "Adults get scammed so what chance have teenagers got. I do not understand how there is not the technology to take these fraudulent links down straight away."

Paul Mountford, aged 47, of Hanley, said: "It is so easy for teenagers to be scammed and be talked into using their parent's credit card."

His son, James Mountford, aged 14, added: "I have played Fortnite and it is easy to be the victim of fraud."

Mum Emma Johnson, aged 36, of Blurton, said: "If parents have not got passwords they are asking for it. On our X-Box, as soon as they go on something it has a password.

(1st November 2018)

(Mail on Sunday, dated 6th October 2018 author Sally Hamilton)

Full article [Option 1]:

Holiday rentals giant Airbnb is stepping up security measures to help end the scourge of fraudsters using its website to dupe holidaymakers into sending cash to scam accounts.

The menace of fake Airbnb bookings was exposed last year by The Mail on Sunday after numerous families were tricked into transferring payments for seemingly genuine properties to conmen disguising themselves online as the real property owners.

Now, as the US-based company reports that booking numbers are exploding - ten million British holidaymakers alone arranged accommodation via its online service in 2017 - it has pledged to stamp out the practice.

As well as reinforcement measures such as ID checks and checking names against regulatory, terrorist and sanctions watchlists, the company has introduced stricter authentication requirements when customers log in from an unrecognised device.

It has also developed new guides to help guests and hosts protect themselves, compiled with the help of internet safety group Get Safe Online.

Nick Shapiro, global head of trust and risk management at Airbnb is former deputy chief of staff at the CIA.

He says: 'While we already take steps to help keep bad actors off our platform we think these guides will further protect customers.'

The growing band of booking websites rely on trust between owners and bookers. But some users have paid thousands of pounds for properties that turned out to be sham listings.

Among them were the Gilmour family from South London who handed over more than £5,000 to a fraudster posing as the real host of a luxury property on the Balearic island of Majorca.

Other victims are also hoodwinked by websites set up by fraudsters using photos and details lifted from genuine web pages.

In all cases the holidaymakers are tricked by convincing patter to send cash quickly by bank transfer to secure a booking.

Figures from Action Fraud reveal crooks stole £6.7 million from holidaymakers last year - but it is the tip of the iceberg as embarrassment means many frauds go unreported.

Airbnb checks the ID of members but this does not stop fraudsters from hijacking real profiles.

Customers using online marketplaces such as Airbnb can protect themselves by only communicating with owners through the booking website's private messaging system - and paying via the firm's own secure payment set-up.

But not all online marketplaces do ID checks or provide secure booking.

One way to be safe is to pay by credit card. Your bank may provide a refund if the booking proves fake.

If a bank transfer is the only option then do extra homework. Use Google maps to track down properties and search engines to verify an owner's details.

Report any holiday fraud to Action Fraud online or by calling 0300 123 2040.

(1st November 2018)

(Daily Mail, dated 5th October 2018 author Stephen Wright)

Full article [Option 1]:

A rogue airport parking firm run by a convicted conman is leaving holidaymakers' cars unattended on free public roads rather than in secure compounds.

Legacy Parking, which charges around £60 a week, says on its website that customers' vehicles are kept in a 'fenced and secured parking facility'.

But a six-month investigation into the company - where cars were monitored with tracking devices - revealed they are left unprotected on streets near Gatwick Airport in Sussex.

It is claimed the firm parks around 200 cars a week and is on course to make more than £200,000 profit in its first year of trading.

According to a dossier seen by the Daily Mail, the vehicles are kept on an industrial estate where car drivers park for free.

This week, the Mail saw dozens of cars there covered in dust, suggesting they had been parked for a long time while their owners were away on holiday. Pictures and tracking device data from the undercover investigation involving test deliveries of cars established that Legacy Parking leaves customers' vehicles there.

The company also uses two secure car parks which it does not have legitimate access to, according to sources. Its 'meet and greet' drivers are believed to use pin codes to gain unauthorised access.

Legacy Parking is owned and run by disgraced accountant ??????, who defrauded a former employer out of £155,000 to feed a gambling addiction and narrowly escaped a prison sentence five years ago.

Undercover footage shows ????? collecting a customer's vehicle from a car park at Gatwick in March. Evidence shows the car was later parked on a public street, not a safe compound.

Last night a furious customer called on trading standards officials to close down Patel's firm. Recruitment director Alex Ross-Scott, 31, who found out that his Audi A3 convertible had been parked on a public street, demanded tighter regulation of 'meet and greet' firms at Gatwick.

He was stunned when an investigator contacted him to say it had been kept on a street while he and his fiancée were on holiday in Portugal last month. Pictures show it was left on Whittle Way at the Manor Royal industrial estate near Gatwick.

Mr Ross-Scott, who lives in Sussex, said: 'We thought getting a meet and greet service meant the car would be parked in a 24-hour gated area. If anything had happened to my car, the insurer would not have covered it.

'The company should be closed down. It is misrepresentation of sale.' Last night Legacy failed to respond when asked to comment and ????? was said to be not at his home in Crawley.

Gatwick Airport said: 'Gatwick has never had a relationship with the company.' It recommended passengers use officially-approved car parks.

uaware comment

Official airport car park prices can be reasonable if you book online and are normally kept secure.

Also remember, if you use a bogus parking company your insurance will probably be invalid if any damage is caused.

You may also be liable if the bogus company driver commits an offence driving your car.

(1st November 2018)

(Reuters, dated 2nd October 2018)

Full article [Option 1]:

Six fraudsters were jailed in Britain on Tuesday for orchestrating a 17 million pound ($22 million) scam to sell and install solar energy panels, often targeting vulnerable people.

The Serious Fraud Office (SFO) said it had brought the men to trial after the ringleaders - two brothers and former directors of Solar Energy Savings Limited - were caught during a routine police traffic stop after seven months on the run.

The men manipulated their victims with deceitful sales techniques, lies and false guarantees of reimbursement to misrepresent their deals and maximize sales. Around 1,500 victims lost up to 20,000 pounds each, the SFO said.

The men paid themselves almost two million pounds and drove Lamborghini and Porsche sports cars, had cosmetic surgery and took private flights to Switzerland and Italy.

They offered their victims a cashback scheme that falsely guaranteed that their costs would be invested and returned in a number of years. But in reality, the cash was transferred between a string of businesses in a scam so crude that investigators said the names of companies had been manually crossed out on certificates.

Ludovic Black, David Diaz, Steve Wilson, Robert Ross, Niall Hastie and Kenneth Reid received sentences of between three-and-a-half and seven-and-a-half years each.

"These men built predatory schemes to steal thousands from the hard-earned savings of vulnerable people while pretending to offer them a chance to improve their own financial security," said SFO director Lisa Osofsky.

(1st November 2018)



About 18 months ago I attended a course run by Trading Standards on Scams.

I was told that one of the tracts of a scammer / fraudster was their ability to gain the trust of the individual being scammed. On the basis of that trust the fraudster is then able to take advantage and illegally make a financial gain.

Trust and loyalty are on the "same side of the coin" literally. So are insurance companies scammers or are they just using a marketing ploy to increase their customer base ?

(The Sunday Times, 29th September 2018 author Andrew Ellson)

Full article [Option 1]:

The City watchdog will investigate home and car insurers in response to concerns that loyal customers are being exploited by huge increases in premiums every year.

The Financial Conduct Authority (FCA) said that it had been concerned for some time about longstanding customers being charged more for some financial products than those that had just joined.

The watchdog has powers to change how markets operate to increase competition and ensure that customers are treated fairly. Previous market studies have led to enforcement action.

Citizens Advice recently lodged a "super-complaint" with the Competition and Markets Authority (CMA), finding that households pay almost £900 a year too much for staying loyal to mobile phone, broadband, insurance, savings and mortgage providers.

The authority must publicly respond to the the complaint within 90 days. The CMA said that it would work with the relevant regulators in each area.

Andrew Bailey, chief executive of the FCA, said: "Citizens Advice has raised a number of important issues and we will work closely with the Competition and Markets Authority as it investigates this super-complaint.

"We expect firms to look after the interests of all customers and treat them fairly, whether they are new or longstanding. It is important to get balance right so that existing customers do not miss out on the benefits of competition and innovation, including when they purchase or renew their general insurance products.

"The study was have announced today will help us examine the issues we have already identified in the markets in more detail."

The average cost of hom insurance incrased by almost 8 per cent- triple the rate of inflation - in the year to April, according to the consumer group Which ? It did not differentiate between new and existing customers but the average increase for those who did not shop around is likely to have been significantly higher.

The super-complaint raised concerns about competition in the mortgage and savings markets but the FCA said that it had already undertaken work in these areas. It did not indicate whether it intended to complete further investigations into these markets.

The Association of British Insurers says that it had already taken voluntary action to ensure that longstanding customers did not lose out. Huw Evans, its director general, said: " This includes commitments from firms to review premiums charged to customers who have been with them for five years and the industry publishing a report on progress within two years."

This year the FCA said that it was taking action against insurers who failed to show the insurance premium that customers had paid the previous year.

In April the watchdog said that it had found that some companies, including the RAC, were still failing to implement the rules. The RAC agreed to contact affected customers.

Further reading (uaware additions)

(The Sunday Times, dated 29th September 2018 author Mark Atherton)

Full article [Option 1]:

Home Insurance

The Golden rule is never to automatically accept your renewal quote. Insurers will typically bump up your renewal premium and hope that you dont notice. Go on to price comparison sites and find out whats on offer. Ideally you should use several sites, because each might have a slightly different approach. Its also important to check out those insurers, such as Direct Line and Aviva, that can offer competitive rates, but don't appear comparison sites.

Money Saving Expert, a price comparison site, looked at the best time to buy home insurance and found you could get the cheapest price about three weeks before the renewal. The average annual premium for a combined buildings and contents policy was £148 if you bought 21 days before renewal, but £180 if you left it until the day itself.

Gary Cafell, th money editor at Money Saving Expert, says: "knowing when to pounce is a game-changer".

Car insurance

Again, never accept a standard renewal quote from your insurer. By searching price comparison sites you will almost certainly be able to get a better deal. Ifyou are midway through your policy you might be able to make money by switching., if you can cancel your existing policy for a modest fee and get the rest of the years premiums refunded.

The time when you are likely to be quoted the cheapest premium is 21 days before your renewal date.

(5th October 2018)

(BBC News, dated 28th September 2018)

Full article [Option 1]:

More consumers who fall victim to "push" payment scams may be reimbursed by their bank under proposed new rules.

A draft voluntary code for banks aims to prevent "Authorised Push Payment" (APP) scams.

Such scams trick account holders into authorising a payment to another account - usually a fraudster.

At the moment banks typically refund only about a fifth of the money that goes missing, leaving some thousands of pounds out of pocket.

The new code establishes the principle that if customers take "the requisite level of care", they should be reimbursed by their bank.

But consumers will still have to prove that they took "reasonable steps" to make sure that the person they paid was who they thought they were.

At the same time the payments regulator has announced that a new tool to counter such fraud, known as "confirmation of payee" should be in place by July next year.

'Significant win'

Consumer rights group Which? initiated a super-complaint about APP scams two years ago.

Jenni Allen, managing director of Which? Money, said the call to reimburse innocent victims of such scams was a "significant win" for consumers.

But she warned the new code would only be judged a success if banks protected more customers from scams and "swiftly" reimbursed those targeted by criminals.

"It's simply unacceptable that in cases where banks claim they could not have done anything more, it will still be the victim who is left to bear the cost - often with devastating consequences."

One APP victim was Angelene Bungay of Shrewsbury, who was duped into paying £13,000 to someone posing as the builder carrying out her loft conversion.

Her bank said that despite Mrs Bungay being one of a growing number of APP victims, she would not be refunded.


The code aims to make it harder for criminals to commit push payment fraud, and sets out how consumers can get better protection and support from their banks.

But it lists eight ways that banks can justifiably refuse to reimburse customers who have been defrauded.

These include cases where customers:

- refuse to heed warnings from their bank
- "recklessly share" their security credentials
- fail to take steps to make sure they person they paid was who they thought they were
- fail to be honest with their bank
- are "grossly negligent"
- fail to heed a confirmation of payee result (see below)

Questions also remain about who is liable when both the bank and the customer appear to have taken all the necessary steps to prevent fraud.

What is confirmation of payee?

Under the current system, anyone making an online payment to another person has to enter their name, their sort code and their account number.

But as long as the sort code and the account number match up, the payment will go through. In other words the name on the account is not checked by the bank.

Under the confirmation of payee system, a message will bounce back to customers, saying " Did you mean to pay Joe Bloggs?" - giving the actual name of the account-holder.

This should stop fraudsters posing under false names. This system is now due to come in by July 2019.


A draft is open for consultation until 15 November and the final version is intended to be agreed by early next year. In the meantime five banks have said they will start to implement the draft code.

Stephen Jones, chief executive of UK Finance, which represents banks, said the industry would work with partners to identify a sustainable way to reimburse consumers.

"It is vital that we get the right outcome for customers... while ensuring innocent victims and customers are not penalised for the criminal actions of others," he said.

Financial services firms "have now got a clear sighting shot as to the overall direction of travel" in terms of reimbursement for fraud, he said, while consumers should have greater consistency in being able to get money back.

Some of the issues must be resolved by new regulation, rather than a voluntary code alone, UK Finance added.

(London Evening Standard, dated 25th September 2018 author Sophie Williams)

Full article [Option 1]:

Fraudsters have stolen more than £500 million from British bank customers during the first half of 2018.

According to trade body UK Finance, £145 million of that was lost through unauthorised push payment (APP) scams. These scams involve people being tricked into authorising a payment to another bank account.

The remaining £358 million was stolen using unauthorised transactions carried out by a third party and not the account holder.

Most victims of unauthorised fraud receive a full refund however there is no legal protection for those duped by APP scams.

UK Finance said that £30.9 million of the £145 million lost through APP scams this year had been returned to customers.

Almost two thirds of reported APP scams in the first six months of the year were purchase scams. This is where victims pay in advance for a product or service such as a car or holiday rental which is not received or does not exist.

This type of fraud often takes place online, through auction websites or social media.

There were also 3,866 reported cases of impersonation scams, where the criminal claims to be from the police, bank or another organisation in order to trick the victim into transferring money.

The nature of these scams means victims are often persuaded to transfer significant sums of money, with the average loss in police and bank impersonation fraud amounting to £11,402.

Katy Worobec, managing director of economic crime at UK Finance, said the figures showed scams posed a "major threat" to the UK.

"The criminals behind it target their victims indiscriminately and the proceeds go on to fund terrorism, people smuggling and drug trafficking, whether or not the individual is refunded," she said.

She added that the industry was taking action to tackle the problem, by investing in security systems and cyber defences, as well as bringing in new standards to ensure victims get support from their payment providers.

The organisation said financial institutions had prevented two-thirds of unauthorised fraud in the first half of 2018.

But Gareth Shaw, money expert at consumer group Which?, said banks' efforts had been "woefully insufficient".

"It's now two years since our super-complaint highlighted the lack of protection for victims of bank transfer scams, but these shocking figures show just how widespread the problem still is," he said.

"Banks... have not done enough to protect their customers, who continue to lose life-changing sums of money to ever-more sophisticated crooks.

"The Payment Systems Regulator has rightly committed to introducing a reimbursement scheme for victims. It's about time that banks step up and properly compensate customers who have lost money through no fault of their own."

(5th October 2018)

(Mirror, dated 26th September 2018 author James Andrews)

Full article [Option 1]:

No one likes paying tax, so the news you are due an unexpected rebate of hundreds of pounds is something that will see hearts leap across the land.

Except it's fake - and rather than getting a nice little windfall, you'll be handing your details straight to scammers.

"We identified an error in the calculation of your tax from the last payment," one example of the email pretending to be from HMRC reads. It adds that £675.95 has already been sent back.

Then comes the hook.

"In order for us to return the excess payment, we need to confirm a few extra details."

To get the money you need to click on the link, then put in your details on the scammer's site - and as soon as they have that information they will either use it to steal cash from you, or sell the details to someone else who will.

Sadly, the example of the scam sent to one of Mirror Online's team is far from the only one.

"We had a 200% increase on searches based on the previous week," consumer complaints site Resolver told Mirror Money.

Do not trust it

Complaints site Resolver points out vigilant consumers can beat this sort of scam if they know what to look out for.

"HMRC never contact customers who are due a tax refund by email. They always send letters via post," Resolver founder James Walker explained.

"HMRC do sometimes contact you by text, but they'll never ask for any personal details or financial information. Beware of texts directing you to follow a link.

"If you've received an email or text claiming to be from HMRC, you should send it to and then delete it straight away.

"You should never open any attachments or links in one of these emails."

When HMRC will contact you about a tax refunds

HM Revenue and Customs will never use texts or emails to:

- Tell you about a tax rebate or penalty

- Ask for personal or payment information

The tax body also said it would never put a figure on the alleged non-payment in the message itself.

If it does get in touch via phone, email or text, it will ask the customer to log into their account.

If HMRC needs to contact you about anything confidential they'll write to you instead.

I've replied to an email: What should I do?

Contact the HMRC security team if you think you've given any personal information away in reply to a suspicious email or text.

Include brief details of what you disclosed (for example name, address, HMRC User ID, password) but don't give your personal details in the email.

To contact HMRC's security team, email , or report any phishing activity to .

HMRC tax contact numbers

You can call 0300 200 3600 anytime Monday to Friday between 8am and 8pm, 8am to 4pm on Saturdays and 9am to 5pm on Sundays.

Report a fraudulent HMRC email or text message

- You can forward any suspicious emails to HMRC's phishing team: .

- If you receive a text, forward it on to 60599. Text messages will be charged at your network rate

What to do if you think you've been scammed

If you receive an email, call or correspondence that seems suspicious, or if you see any unusual information on your account, do not ignore it.

Change your passwords and report your concerns to Action Fraud - they'll be able to look into the case for you :

Where you believe your bank details may have been compromised, notify your bank as soon as possible.

You can also request a copy of your credit report - this will list your entire six year financial history - including any misuse of your personal information, such as an unidentified loan application.

Review every entry on your credit report and if you see an account or even a credit search from a company that you do not recognise, notify the credit reference agency. They all offer a free service to victims of fraud.

(5th October 2018)

(This is Money, dated 26th September 2018 authors Victoria Bischoff and Amelia Murray)

Full article [Option 1]:

Their plan to dodge refunds for scams costing families £1million a day are EXPOSED in leaked letter

- Letter was sent by Stephen Jones, chief executive of trade body UK Finance
- Claimed it wasn't right that banks should be 'financially responsible' for scams
- Spokesmen for UK Finance and Payment Systems Regulator refused to comment

Shameless banks have mounted a secret lobbying campaign to avoid having to refund victims of fraud.

Watchdogs will spell out tomorrow the steps banks must take to tackle scams costing families £1million a day.

It was hoped the measures would include a proper compensation fund.

However a letter leaked to MoneyMail reveals that banks have told regulators and government officials they should not be made responsible. Figures published yesterday show that around £145million was lost to 'authorised push payment' fraud in the first six months of the year. Only £31million was refunded.

Many of the victims were persuaded by fraudsters to transfer cash to another account for safety - only to see it vanish.

'The banks are shameless,' said Suzanne Raftery, a former Scotland Yard detective and fraud expert at Requite Solutions. 'They often don't care about the devastation these scams cause for people. They care about money.'

Gareth Shaw, of Which? Money, said: 'It's two years since we highlighted a real lack of protection for people targeted through no fault of their own - but people are still losing life-changing sums of money every day and action from the banks has been woefully insufficient.

'The finance industry and regulator must quickly introduce measures to stop these scams from happening in the first place and commit to reimbursing all victims who are not at fault - otherwise they risk further eroding trust in the banking system.'

f fraud continued at the current rate, banks would be on the hook for an extra £200million of losses this year.

The biggest five, Lloyds, RBS, Barclays, HSBC and Standard Chartered, made profits of £9.3billion between them in the second quarter of the year.

The Mail is campaigning for clearer rules to protect victims, help them to trace their stolen money as well as get access to compensation.

The leaked letter was sent last month by Stephen Jones, chief executive of trade body UK Finance, to a number of officials including Andrew Bailey, who heads the Financial Conduct Authority.

Mr Jones said: 'I speak for all payment service providers (banks) involved to date when I state that they do not believe they should be required to compensate a consumer for the (presently) unquantifiable 'residual risk' to which your letter refers.

'This is not because they do not wish a consumer who has acted reasonably to be reimbursed in such circumstances.

'They do. It is because PSPs do not accept they should or could be automatically liable for this risk.'

He claimed it was not right that banks should be 'financially responsible' for scams that start with data breaches in other sectors such as telecoms and retail.

He warned that a code of conduct that did not put more onus on the customer might lead to more fraud. It is not known whether the rules will demand better compensation for victims.

The code is the result of eight months of work by banks, charities and consumer rights organisations, which were part of a steering group appointed by the Payment Systems Regulator.

The rules are likely to include giving customers timely warnings if they notice suspicious activity on their account and taking measures to prevent criminals opening accounts in the first place.

The idea is that if banks then fail to meet these minimum standards of care they must refund victims.

The proposed code, which should come into force at the start of next year, will be voluntary but it is expected that most major banks will sign up. It will also include a requirement for customers to take reasonable steps to protect themselves against fraudsters.

If they behave recklessly or negligently banks would not be expected to refund them.

However, experts say that most scams these days are so sophisticated that even the smartest of people are at risk of being conned.

But while banks admit that it is right that these victims should be refunded, they refuse to accept this is their responsibility.

Nicky Morgan, the Tory chairman of the Commons Treasury committee, said: 'As online banking and payments become more prevalent, millions of customers are exposed to the risk of economic crime. As part of the Treasury committee's inquiry into economic crime, we'll look at how consumers are affected, and the response of the regulators and financial institutions, including banks.

'Whilst we all have a responsibility to protect ourselves against fraud, financial institutions also have a role to play in stamping out such criminal behaviour.'

John Mann, Labour MP for Bassetlaw, said: 'For too long banks have been able to place the blame on intelligent and careful individuals when they are conned by sophisticated fraudsters manipulating the banks' processes.

'It is high time the financial services industry faced up to the fact that these people are not wilfully making payments - they are being tricked and the results are devastating.

'Banks need to face up to the problem and reimburse their customers when they fall victim to scams instead of washing their hands of them. I am in full support of the Daily Mail's campaign.'

When the code is published the steering group is expected to continue to work together over the next couple of months in a bid to find a solution for a compensation scheme for 'authorised fraud' victims.

Spokesmen for UK Finance and the Payment Systems Regulator refused to comment.


1. Follow the stolen money

Criminals bounce stolen money from account to account - often within the same bank - so it becomes 'lost'.

At present, once money leaves someone's account it is typically gone for good.

Banks must set up an industry-wide system that enables them to trace where that stolen money goes - to give them a chance of clawing it back.

2. Make banks accountable

If they have not done enough to stop fraudsters opening accounts they use to store stolen funds - for example if scammers have used fake ID - the banks must be responsible for the losses and refund the missing money.

3. Set up fraud hotlines

All banks must have a dedicated fraud hotline that victims can call 24 hours a day / seven days a week.

Currently delays reduce the already small chances of banks being able to claw bank their money.

4. Phone firms must help

Telecom providers should identify and stop scam text messages and calls getting through.

Untold numbers of victims are caught out because the scam message appears within a sting of genuine communications from their bank.

5. Watchdogs with teeth

The Payment Systems Regulator should draw up clear rules on exactly when banks should refund fraud victims - and police these rules strictly.

The Financial Ombudsman should be given more power to investigate fraud regardless of who the customer banks with.

6. Compensate victims

A total of £130million is sitting in frozen bank accounts once used by criminals. With a simple change in the law it could be used to compensate victims.


- Hang up on ALL cold callers.

- If you are worried that your bank really might need to talk to you, put down the phone and call it using the number on the back of your bank card or on its website.

- Use a different telephone from the one the call came in on - fraudsters often remain on the line after people hang up. If you have to use the same phone, wait at least 30 minutes before calling back.

- Remember banks will NEVER ask customers to move money to another account to keep it safe from fraudsters.

- Be suspicious if the caller seems to be in a rush and eager for the transaction to go through quickly.

- Never disclose personal information even if the caller sounds convincing and appears to know personal details.

- Never respond directly to unsolicited emails or texts.


- Call your bank straight away but only on a number taken from your bank card or its website.

- Tell the call handler that you think you have been scammed and ask for the money to be recalled straight away.

- Do not ask for the fraud team as there may be a queue - the crime can always be investigated later.

- If the money has already gone out of your account, tell the call handler to contact the receiving bank and freeze the money so it cannot be cleared from the account.

- Note the time of the call and any time spent waiting in telephone queues. If there are delays this could be used to support a complaint later.

- Write down everything about the fraud. Ask the bank to explain what happened to the money when it left the account.

(5th October 2018)

(Daily Record, dated 25th September 2018 author Vicky Shaw)

Full article [Option 1]:

A cold-calling fraudster can sound very convincing, but there may be some warning signs that could help you spot that someone is about to attempt to steal your cash.

To avoid falling victim to a scam, people are being urged to follow the advice of the Take Five to Stop Fraud campaign - which is backed by major banks and financial services providers.

To help you out even further, we've gathered together a handy list of their advice - detailing out the things to look out for to avoid getting scammed:

The 'nice guy' routine:

Previous research by Take Five delved into the techniques financial fraudsters commonly use to trick people into handing over financial or personal information over the phone, often when they are posing as someone in authority such as a fraud detection manager or a police officer .

It found that while many people are more likely to trust a stranger over the phone if they sound like a "nice person", in fact a caller acknowledging someone's concerns and sounding apologetic can be the hallmark of a scam.

Using your information against you:

Looking at evidence from real-life scam phone calls, it found fraudsters will use snippets of information about their targets, gathered together from different sources, to sound like they know what they are talking about.

Creating a sense of urgency:

Alarm bells should also start ringing if the caller suddenly switches tempo and starts piling on the pressure - perhaps by creating a false sense of urgency and making their victim think they need to act quickly so they have no time to think it through.

If you start to have doubts or something does not feel right, put the phone down.

There are also some common types of scam to watch out for.

These include purchase scams, when victims pay up-front for goods, often after seeing them on auction websites or social media that are never received.

Criminals also advertise fake holidays and concert tickets.

A warning sign could be if you are asked to pay by directly bank transfer instead of a website's secure payment options.

People may also be persuaded to part with their cash after being convinced this will result in the release of a much larger payment back to them, for example after being tricked into believing they have won an overseas lottery or that valuables are waiting for them at customs and a fee must be paid to release the goods.

General advice:

- A genuine bank or organisation will never contact you out of the blue to ask for your Pin, full password or to move money to another account.

- Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by.

- Never automatically click on a link in an unexpected email or text.

- Always question uninvited approaches in case it is a scam. Instead, contact the company directly using a known email or phone number.

(5th October 2018)

(The Telegraph, dated 25th September 2018 author Sam Meadows)

Full article [Option 1]:

Scammers stole £800,000 every day in the first six months of this year, according to new figures released by the banking trade body.

UK Finance, which tracks bank data on bank transfer fraud, last night announced that £145.4m was lost to so-called "authorised push payment" fraud between January and June.

This type of crime is Britain's fastest growing and the announcement suggests that 2018 will see a sharp increase in the amount stolen from 2017, when victims lost £236m over the whole year. Telegraph Money has been campaigning for banks to do more to help victims of bank transfer fraud.

By far the most common fraud of this type is purchase fraud, whereby a victim believes they are paying for a legitimate service or item, with £19.4m lost in 21,483 cases. There were also around 4,000 cases of impersonation, in which a criminal will pose as a trusted third party to redirect a payment, for example a solicitor or bank.

Investment fraud resulted in £20.9m of losses while 571 victims were tricked by romance scams for an average loss of £9,282.

Katy Worobec, managing director of economic crime at UK Finance said data breaches are increasingly fuelling fraud.

"Fraud and scams pose a major threat to our country," she added. "The criminals behind it target their victims indiscriminately and the proceeds go on to fund terrorism, people smuggling and drug trafficking, whether or not the individual is refunded. Every part of society must help to stamp out this menace."

Tony Blake, head of fraud prevention at the Dedicated Card and Payment Crime Unit, a specialist police squad, said: "Criminals are after your money and they are clever at getting it, impersonating people and organisations to groom even the savviest into acting.

"If you get a call, text, email or social media message asking for your personal or financial details or to transfer money, it could be a scam so stop, think and 'take five'.

"Check every request is genuine by doing some research and contact the organisation using the details from their official website, a latest bill or statement."

A further £358m was lost to "unauthorised" fraud, which relates to transactions made without the victims' knowledge.

Victims are usually refunded by banks in these circumstances, but transfers due to authorised push payment scams are made willingly, and so banks are often reluctant to reimburse victims.

A forthcoming reimbursement code is set to force banks to take more responsibility in these cases.

The UK Finance figures also reveal that the finance industry prevented £705.7m of unauthorised fraud in this time period, a total of £2 in every £3 attempted by fraudsters.

(London Evening Standard, dated 26th September 2018 author Justin Davenport)

Full article [Option 1]:

Londoners were tricked out of more than £860,000 last year by conmen claiming to be offering help to fix computer problems, new figures show.

A total of 1,073 people in the capital fell victim to crooks pretending to be from "tech support" attached to big firms such as Microsoft or Apple . The problem is so serious that Microsoft has seconded an employee to work with City of London police's fraud intelligence unit to help combat the scammers.

The victims, mostly elderly, are targeted with either a phone call, an email or a pop-up message on their computer stating something is wrong with the machine or the internet connection. The message will claim to be from a group such as "'Microsoft Tech Support", or will ask for credit card information to "validate your copy of Windows".

A demand for payment to fix the issue follows, or criminals install software to access personal and financial details.

Another scam tells people they have won the "Microsoft Lottery". Action Fraud, the reporting centre for cyber crime, has launched a campaign to help people avoid becoming a victim. Londoners lost a total of £862,585 in the financial year 2017/18. City police's fraud intelligence bureau said the average age of victims was 63. There were 22,609 reports of such frauds across Britain, with losses of £21.3 million, but officials believe the figures are far greater as many people do not report cases.

Lara Xenoudakis, temporary detective chief inspector at City of London police, said: "These fraudsters prey on vulnerable victims, doing everything they can to convince them there is something wrong with their computer as a way to gain immediate and in some cases multiple payments from the victim."

Police urged computer users to treat all phones calls and messages with suspicion as firms never make unsolicited calls to help fix a problem, never request credit card details to validate software, and never ask for personally identifying information, including card details.

(5th October 2018)

(iNews, dated 25th September 2018 author Andy Jones)

Full article [Option 1]:

Fewer than one in 20 reported fraud crimes are being solved in the UK according to research by consumer watchdog Which.

Figures obtained from UK police forces through FOI requests also reveal most regional forces have seen a substantial drop in their fraud investigation success rates - with some solving almost 40 per cent fewer cases during 2016 than they did in 2014.

In the first six months of 2018, Brits were defrauded by £145m - losing a total of almost £1m a day. The figure was 50 per cent greater in the same period of 2017, according to trade body UK Finance.

Banks logged almost 35,000 cases of push payment fraud in the year to July - a rate of almost 200 a day - with just £31m of the stolen £145m returned to customers.

Gareth Shaw, an expert at Which? Money, says banks need to do more to protect vulnerable customers, many of whom have no access to branches or one-to-one advice. "Consumers continue to lose life-changing sums of money with few protections as more and more of us are encouraged to do our banking online.

"The regulator and industry must now seize the opportunity to introduce a reimbursement scheme that delivers for victims of push-payment scams who have lost money through no fault of their own. But ultimately, banks should be doing much more to protect their customers against scams in the first place."

Man waits to find if he will get any of £15,000 stolen cash returned

As i reported this month, Jack Armstrong, 25, from Altrincham, Greater Manchester was conned out of £15,000 by an elaborate fraud which conned him using a fake Amazon Prime email and a phone call claiming to be from his bank. Mr Armstrong even checked the number online and it matched the anti-fraud number commonly used by his bank, Natwest. The caller convinced him his Natwest accounts were at risk after £400 had been fraudulently spent at Argos online.

The thieves had already "phished" part of his details by sending him a fake request from Amazon Prime that asked for his bank sort code, account number, mother's maiden name and mobile number two weeks before. The final call, pretending to be from Natwest, then got other security questions including his date of birth.

The following day, Mr Armstrong's bank card was declined when he tried to buy something, and he discovered all his money had been swiped and moved to another bank. He has been left with no money to pay his bills and mortgage, and has been forced to borrow from family.

He told i: "I became suspicious when a man who said his name was Andrew from the Natwest Fraud Team rang me. So I Googled the number he'd called me from, but what confused me is that it was the same as the official fraud team's number. "I had never heard of this type of fraud and wasn't aware they could do that, so I'd like to warn other people about it."

He is yet to discover if he will receive any of the £15,000 back. Many banks refuse to pay cash lost to fraudsters if victims have willingly given away their bank details or transferred cash on demand, even if the victim has been 'told' to do so because they believed their account was at risk.

For advice on how to protect your personal details as well as your bank account speak to your bank or visit Get Safe Online :

(5th October 2018)

(Which?, dated 24th September 2018 author Josh Robbins)

Full article [Option 1]:

More than 96% of cases reported to the UK's national fraud reporting centre Action Fraud go unsolved, exclusive Which? Money analysis can reveal.

Less than one in 20 crimes handled by Action Fraud result in a suspect being charged, cautioned or dealt with some other way by the justice system, according to official statistics.

Our Which? investigation reveals the low-rate of success for solving fraud cases and explains how Action Fraud works, and what to do if you're targeted.

Police losing the battle against fraud

Exclusive Which? research found that less than 4% of crimes reported to Action Fraud are solved, and probably much less.

Our estimate is based on two statistics.

The first is the proportion of crimes reported to the Action Fraud, which are then forwarded to local police for investigation. This can be worked out by comparing the number of Action Fraud crime reports against the number of forwarded cases in each year, which are published annually.

Around 25% of cases have been forwarded in the last four years. That means 75% of Action Fraud crime reports are closed unsolved without ever being sent to a local force for investigation - typically because there is no viable line of enquiry.

The second - and crucial - figure relates to how many fraud investigations local police are solving. This cannot be found in routine publications, making it unique among crime groups. Furthermore, we don't feel this lack of transparency has been explained adequately.

But we unearthed some data tucked away in the appendix of a written submission to the Home Affairs Select Committee by the City of London Police. It showed that in 2016-17, local police solved 3.1% of fraud cases, while 85% were unsolved, and in 12.1% of cases were ongoing.

Combining these secondary figures with the 25% dissemination rate, we concluded that 0.8% of Action Fraud cases are solved, 96.3% are unsolved unsolved and 3% of cases are ongoing.

----Original article has a graphic that describes figures--------------

Fraud solved less often than other crimes

Comparing our research with other crime statistics shows that police solve significantly less fraud cases than any other crime group.

Alarmingly this comes as fraud offences continue to rise. UK residents are now more likely to be victims of fraud and cyber crime than any type of offence, according to the ONS.

Fraud and cyber crime offences are now ten times more common than burglary.

Fraud policing vs other crime groups 2016/17 (Interpretation of graph figures)

Drug offences : 80%
Possession of weapons offences : 59%
Misc. crimes against society : 29&
Sexual offences : 9%
Public order offences : 21%
Violence against the person : 20%
Robbery : 13%
Theft offences : 12%
Criminal damage and arson :11%
Action Fraud : 3.1%

What is Action Fraud?

A scam carried out online or over the phone can snare victims right across the country.

For this reason, a centralised fraud-policing system was established in 2009. Action Fraud, and its sibling agency, the National Fraud Intelligence Bureau (NFIB), are at the heart of this process.

Both are branches of the City of London Police, which has expertise in battling economic crime.

Most victims of fraud in the UK should report an incident directly to Action Fraud. Individual reports are then passed on to the NFIB, where connected crimes are pooled into a single investigation package.

The NFIB doesn't go after offenders. Instead, it assesses whether there is a viable line of enquiry and, if so, forwards the investigation to another agency. In most cases, this is a local police force, typically the one where the suspect resides.

How are local police tackling fraud?

Which? Money sent Freedom of Information requests to local police forces, asking them about the outcomes of fraud investigations conducted in the last four years. We received responses from 30 of them.

The data was messy and inconsistent in some cases, so it would be unfair and inaccurate to compare local forces based on what they sent back.

However, the responses we received show a general decline in police performance against fraud at almost every force. Nearly all of them saw their solved rate fall by more than 20% between 2014 and 2016, while 10 of them saw performance fall by more than 40%.

Local police proportion of fraud cases solved in 2017 (Original article shows figures for 4 years)

Avon and Somerset * : 33%
Cambridgeshire : 14%
Cleveland : 36%
Cumbria : 27%
Derbyshire * : 48%
Devon and Cornwall : 22%
Durham * : 38%
Dyfed Powys : 21%
Essex : NA (2016 - 19%)
Gloucestershire : 16%
Greater Manchester : 5%
Herts * : 53%
Leicestershire : 11%

Note : We don't believe this data justifies comparing individual forces. Forces marked with an asterix [*] disclosed a very low number of crimes and should be treated with extra caution. Significant differences between forces are likely to be due to the complicated fraud reporting model: we believe some forces have only included frauds directly recorded, and not those passed on by Action Fraud/ NFIB, while some included both, and others only included NFIB crimes. Ongoing investigations and those forwarded to other agencies aren't included. a Many 2017 investigations are still ongoing, meaning these numbers are likely to change. Source: FOIs to 43 local forces (30 responses).

The local police force figures look much healthier than our "less than 4% solved" discovery because they do not include the 75% of cases that the NFIB never forwards on.

In addition, these figures may include frauds directly acted on by local police without being forwarded on by Action Fraud, further explaining inconsistencies with our main analysis.

Why are so few fraud cases being solved?

To start with, fraud is difficult to investigate because offenders are often 'invisible'. More and more of our financial transactions take place on the internet, so criminals have set up camp online. The Office for National Statistics (ONS) estimates that around 55% of frauds have a digital element.

Although investigators may have cutting-edge technologies to track down online or telephone fraudsters, it's an uphill struggle. The offender might not be based in the UK, and there may only be a social media account or web address to look into.

In contrast, a detective working on a robbery investigation will have a head start if there are eye witness reports and CCTV evidence - or if an offender is caught red-handed, as they typically are in weapons and drugs cases.

These difficulties are compounded by the reality that police forces must prioritise. Fraud can be a devastating, life-changing event for victims. But this has to be weighed against the threat, risk and harm of other offences, including violent crime.

To make matters worse, police budgets and officer numbers have been significantly cut in recent years, and officers say this has had an effect on their ability to deliver justice.

Det Supt Alex Rothwell from City of London Police told us: 'Whereas perhaps the traditional view of policing is detecting crime, the police now spend a significant proportion of their time dealing with social issues, mental health and so on. Balancing all of that against the need to investigate fraud is a challenge.'

But the City of London Police emphasises much of its work goes beyond catching criminals. It also disrupts websites, telephone numbers and bank accounts linked to fraud.

Detectives interviewed by Which? were also keen to stress the increasing role local police play in victim care. The ONS estimates that 15% of bank and credit card fraud victims have been successfully targeted before. Providing appropriate care and advice to a victim in the aftermath of a fraud is therefore crucial to preventing further crimes.

The NFIB provides all local forces with profiles of specific groups deemed vulnerable to fraud within their jurisdiction - these can be used to safeguard at-risk groups.

How to report a fraud

If you're the victim of fraud, it's important that you inform law enforcement. This is vital to helping investigators to build as complete a picture as possible of the UK fraud threat.

In most cases, you should go directly to Action Fraud - you can report online, or by calling 0300 123 2040. You should also do this if you have information that could help local police identify a fraudster.

(5th October 2018)

(Sky News, dated 24th September 2018)

Full article [Option 1]:

More than £21m has been stolen from over 22,000 people in the UK by fraudsters offering fake help with computer issues, according to new figures.

Action Fraud, the specialist nationwide reporting point for cyber crime run by City of London police, has launched a campaign to educate people about Computer Software Service fraud.

It can start with either a phone call, an email or a pop-up message appearing on your computer, telling you there's something wrong with it or with your internet connection, and claiming that it needs to be fixed.

The scammers will then demand payment to fix the issue, or they will trick victims into installing software on their computer which could allow the criminals to access personal and financial details.

Action Fraud stated it received 22,609 reports of Computer Software Service fraud with a total of £21,365,360 being lost over the last financial year.

According to the National Fraud Intelligence Bureau, men and women are equally susceptible to being targeted by the fraudsters, and victims are on average 63 years old.

The bureau's figures show that people living in London and Bristol are most likely to fall victim too.

Fraud became the most common type of crime in England and Wales in 2016 because of the increasing profits to be made through cyber fraud and computer misuse.

Protection advice from Action Fraud and City of London Police will be issued on their social media channels to help people learn how to protect themselves.

The forces are also encouraging businesses to warn customers that they will never be contacted in that way if any issues are detected.

City of London Police's Lara Xenoudakis said: "These fraudsters prey on vulnerable victims, doing everything they can to convince them there is something wrong with their computer.

"They use this as a way to gain immediate and in some cases multiple payments from the victim.

"During this campaign week, we are asking people to do everything they can to protect themselves from this type of fraud and stop fraudsters from thinking that this is an easy way to make money from unsuspecting victims."

Warning advice

- Computer firms do not make unsolicited phone calls to help you fix your computer. Fraudsters make these phone calls to try to steal from you and damage your computer with malware. Treat all unsolicited phone calls with scepticism and don't give out any personal information.

- Computer firms tend not to send out unsolicited communication about security updates, although they do send security software updates. If in doubt, don't open the email, click the link or download any attachments.

- Computer firms do not request credit card information to validate copies of software. Nor do they ask for any personally identifying information, including credit card details.

(5th October 2018)

(Daily Mail, dated 24th September 2018 author Ruth Sunderland)

Full article [Option 1]:

The nightmare begins with a seemingly innocuous call or email, purporting to be from your bank, a solicitor, an online retailer or even from the police.

You are drawn into an entirely credible conversation and in good faith disclose security information - passwords, PINs, account details - before making a transfer of funds. And then the contents of your account disappear into the ether.

Banks describe it as 'authorised push-payment fraud' - financial jargon that does no justice to the cruelty of the scam, or the misery it inflicts. It is a huge criminal enterprise that infects the whole high street banking system.

As the Mail reveals today, Britons will have been fleeced of at least £300million this year alone if current rates are maintained, with thousands of victims.

Unlike with debit or credit card fraud - in which there is a limit on liability once you have informed the card issuer - banks will often refuse to refund a single penny.

Your losses are likely to be deemed to be entirely your own fault - hence the term 'authorised'.

It is grotesquely disproportionate that banks making billions of pounds in profit between them can abandon loyal customers in this way.

A central compensation fund would go some way to addressing the injustice - not least because it's the banks that are making their customers vulnerable to fraudsters through relentless pressure to shift accounts online.

For them it's far cheaper than maintaining a branch network. Branches are closing at the rate of 60 a month, and even ATM machines are being mothballed due to cost-cutting, despite vociferous protests from communities that are being turned into banking deserts.

Many victims are elderly and vulnerable, but by no means all. We are all finding our way with new and constantly evolving technology, and even the most astute customers can be ensnared in the web of deceit. Those taken in have even included finance professionals.

I shudder at the memory of how I almost gave away security information at the prompting of an authentic-looking email, supposedly from Amazon. It said there was a problem with an order and asked me to submit my payment details again.

At the last minute I checked the order number on the email against my Amazon account and realised it was bogus. I also refuse to bank online - despite constant blandishments to do so - until I am persuaded that fraud safety nets are vastly improved.

The banks expect us to exist in a permanent state of hypervigilance and instead of doing their utmost to protect our accounts and help defrauded customers they eschew responsibility. Victims are blamed even though they did not recklessly divulge information, but were inveigled into doing so by sophisticated and practised criminals.

All they are guilty of is an unguarded moment - hardly a crime that deserves to be punished with the loss of thousands of pounds of savings. Technically, the banks may be within their rights, but their stance is unsympathetic, unethical - and yes, immoral.

They boast of state-of-the-art detection systems that are supposed to identify and block unusual transactions. So when these fail to prevent push-payment fraud, they must share in the responsibility.

And how is it that legitimate savers are put through the third degree when trying to open a new account, but fraudsters somehow find it easy to operate accounts to receive their illicit transfers? Why are the banks that receive the cash extracted by deception able to hide behind data protection rules and refuse to co-operate in efforts to retrieve and return it?

The truth is that while the banks aren't footing the bill for these scams, there is little incentive to stop them, or bring the guilty to book.

New technology can give real benefits to customers in terms of convenience, lower costs and help with money management. But it will come to naught if we cannot be confident in the security of the technology - and if we are abandoned by our banks the moment fraudsters pounce.


(Independent, dated 25th September 2018 author James Moore)

Full article [Option 1]:

"There's one born every minute, and stupidity has always been a capital crime. Can we really expect the banks to make good losses people incur through their own foolishness?"

Some £145m went up in smoke due to unauthorised push payment scams, in which people were conned into transferring money to other accounts in the first half of 2018.

You will usually be refunded in the event of your falling victim to people using your bank details to make transactions without your knowledge - all too common in an era of identity and data theft (£358m was lost this way).

However, if you consciously click on the "pay" button, and your money vanishes, it's a different story.

Many would argue that's the way it should be. If people are daft enough to send £10,000 to deposed Prince Whathisname, after receiving an email promising 10 times that if he can just recover the funds that have been locked up in various banks as a result of his country's internal strife, then more fool them.

If we ask banks to refund people suckered like that, if we order them to indulge in hand holding, we'll all pay more. They will pass on the costs they incur. Their services will become harder and less convenient to use as they seek to protect their bottom lines.

That misses the point. Scams like the aforementioned still net the occasional victim. There are billions of people on the planet. Send enough emails out and you'll eventually hook someone. It's why they are so popular and enduring.

But there are plenty of more sophisticated fraudsters capable of drawing in even those people who might otherwise seem quite savvy. Find out that someone's moving house? Why not target their deposit. Given how stressful the process is, you stand a good chance of catching them unawares if you contact them at the right time, and then it's cha-ching!

People's personal finances are the repositories of their hopes and dreams. They can be quite vulnerable when it looks like those hopes and dreams are about to be realised, through the purchase of a dream home, a car or a holiday cottage.

Most of us want to believe that people are basically decent, despite all evidence to the contrary. We can thus very easily become prey to clever crooks brokering such purchases who then vanish - pop - after our savings have been transferred.

The internet is manna from heaven for this type of vermin. It loads the dice in the huckster's favour to an alarming degree.

Companies' addiction to collecting our data, and their carelessness with it, helps them find out about us. There are "suckers" lists traded around the dark web to help them zero in on the vulnerable; past victims and the like.

But even the savvy can get caught. Want to check out a web address or a person or a bank account you're paying into? Banks and other organisations aren't always helpful.

I found that out when I was caught up in the Ticketmaster data theft. As a result, I was told I could have my details monitored by Experian. To do this I had to click on a link. I was wary about. It looked suspect. So I contacted Ticketmaster to check it out. The calls centre was hopeless and it was only after kicking up a fuss that I established it as legitimate.

I've since been told by Experian that my data's being passed around. Would I like to sign up for something called Cifas? Well yes, yes I would. Could you send me details please, Experian?

Computer says no (at least so far). The data monitoring specialist ain't so hot at responding to requests for information about, you know, data monitoring.

You see where I'm going with this? No? Then let me explain.

Stuff like this happens all the time. If it has put at risk a hard bitten, cynical, cautious, financially sophisticated journalist like me, if even I'm struggling to protect myself, how on earth is nice Mrs Nelmes at the bottom of the road going to manage in this dangerous new world?

The answer is that she's not, especially not if her name's on the mug's list and some arsehole who looks legit tricks her into paying them for a holiday she was hoping to treat Mr Nelmes with on their anniversary.

Reforms are coming. One, called "confirmation of payee", is designed to prevent people from being tricked into paying the wrong person. A "request to pay" asking consumers to approve regulator payments is also due. But not until 2020. And neither is a cure.

Banks need to do more, and perhaps a lot more, even if the net result is costlier and more fiddly banking, because the simple fact is we're all at risk and until they act we will remain so, even if we're careful.

(5th October 2018)

(NZ Herald, dated 23rd September 2018)

Full article [Option 1]:

An Italian court sentenced a prolific TripAdvisor fake reviewer to prison for nine months in what the company called one of the first cases of review fraud leading to a criminal conviction.

TripAdvisor detected and blocked more than 1000 attempts to submit fraudulent reviews by PromoSalento, an online marketing site targeting hospitality businesses, the company said in a pair of statements Tuesday. Some reviews were posted and later deleted for hundreds of properties.

The scheme by the man, who was not named, was to write and sell the reviews to companies to boost their prominence.

Sites such as TripAdvisor and Yelp, and commerce giants like Amazon, have gone on the offensive against fraudulent paid online reviews, saying they mislead consumers and undermine buyer confidence in retailers.

The ruling in Italy is a signal that both companies and courts may be getting more serious about the elaborate and lucrative operation of fake review sales, said Tommy Noonan, founder of ReviewMeta, a website that helps consumers spot suspicious Amazon reviews.

TripAdvisor hosts more than 661 million reviews of travel destinations around the globe, according to the company.

The Criminal Court of Lecce decided that using a false identity to write fraudulent reviews violated Italian law, the company said. The man was also ordered to pay about US$9300 in costs and damages. The company submitted extensive evidence of the man's activity after an investigation.

"We see this as a landmark ruling for the Internet. Writing fake reviews has always been fraud, but this is the first time we've seen someone sent to jail as a result," said Brad Young, an attorney for TripAdvisor.

The company said the man was alone in his scheme. TripAdvisor said it penalised customers of the scheme by lowering their popularity ranking or flagging their profile to consumers with a red badge on their page.

Online consumer reviews have become the lifeblood for retailers and businesses looking to draw shoppers. About half of adult consumers in the United States routinely read reviews before buying something for the first time, Pew Research Center found in 2015.

(5th October 2018)

(Action Fraud, dated 21st September 2018)

Watch out for these fake TV Licensing emails.

We've seen a sharp increase in reports about fake TV Licensing emails claiming to offer refunds. The emails state that the refund cannot be processed due to "invalid account details". The links provided in the emails lead to phishing websites designed to steal personal and financial details.

Always question unsolicited requests for your personal or financial information in case it's a scam. Never automatically click on a link in an unexpected email or text.


Bogus example :

TV License - still pending

After the last annual calculation we have determined that you are eligible to receive a tv license refund. Due to invalid account records, we were unable to credit your account.

Please submit the tv license request and allow us 2-4 weeks for the amount to be credit to your account.

Click "refund me now" and follow the steps in order to have us process your request.


Best regards

TV License

(5th October 2018)

(iNEWS, dated 17th September 2018 author Claudia Tanner)

Full article [Option 1]:

A man has lost all his savings after falling victim to a sophisticated scam combining email phishing and 'number spoofing'.

Jack Armstrong has had more than £15,000 wiped from his current and business accounts after giving personal information to a fraudster appearing to call from a legitimate number belonging to his bank, Natwest.

The caller convinced him his accounts were at risk after £400 had been fraudulently spent at Argos online. Two days before, Mr Armstrong had entered his bank account details online after he was sent an email that looked to be from Amazon Prime.

The 25-year-old - who lost money he'd made through a side-line glamping business - has been left with no money to pay his bills and mortgage, and has been forced to borrow from family.

He is speaking out to urge others not to fall for the trick.

He told i: "I became suspicious when a man who said his name was Andrew from the Natwest Fraud Team rang me. So I Googled the number he'd called me from, but what confused me is that it was the same as the official fraud team's number.

"I had never heard of this type of fraud and wasn't aware they could do that, so I'd like to warn other people about it."

Phishing scam

Action Fraud says that 'phishing, vishing and smishing' is: "Any website, online service, phone call or text message that poses as a company or brand you recognise."

These scams are designed to convince you to hand over valuable personal details or your money, or download something that infects your computer.

The three terms are all plays on the word 'fishing' - the fraudsters fish for potential victims by sending emails, social media messages or text messages or making phone calls with urgent messages in the hope of persuading someone to visit the bogus website.

Mr Armstrong, from Altrincham, Greater Manchester, said he didn't realise until it was too late that he'd entered his bank sort code, account number, mother's maiden name and mobile number into a fake Amazon Prime site two weeks ago.

Then two days later, the sales worker got the call purporting to be from Natwest that asked further security questions including his date of birth.

It was the following day after Mr Armstrong's bank card was declined when he tried to buy something that he discovered all his money had been swiped and moved to another bank.

Mr Armstrong has been told by his bank that it is now investigating his case which could take up to 45 working days.

A spokesperson for Natwest said: "We sympathise with Mr Armstrong and appreciate that this has been an extremely distressing experience for him. In response to Mr Armstrong informing us of the scam, we took prompt action in an attempt to recover funds on a best endeavours basis, unfortunately no funds remained at the beneficiary bank."

She reminded customers to never make a payment or divulge full security credentials at the request of someone over the phone purporting to be from the bank and said Natwest will never ask a customer to move money to another account to keep it safe from fraud.

It is possible for malicious callers to make an incoming call look like it is coming from a legitimate source, such as the recognised bank number, she added, and recommended customers call back from a device different to which they received the call on.

How to tell if an email is a phishing scam (Source : Action Fraud)

A favourite phishing tactic among cybercriminals is to spoof the display name of an email. To check the sender's real email address you'll need to open the email. Next to the display email name you should find a link entitled 'details' or 'view detail' which will show you the real email address of the sender.

Other warning signs:

- The email does not use your proper name, but uses a non-specific greeting like "dear customer".

- A sense of urgency; for example the threat that unless you act immediately your account may be closed.

- A prominent website link. These can be forged or seem very similar to the proper address, but even a single character's difference means a different website.

- A request for personal information such as user name, password or bank details.

- The email contains spelling and grammatical errors.

- You weren't expecting to get an email from the company that appears to have sent it.

- The entire text of the email is contained within an image rather than the usual text format.

- The image contains an embedded hyperlink to a bogus site.

The grounds a bank can refuse to refund a fraudulent transaction

The Financial Conduct Authority (FCA), the UK's finance watchdog, states that banks can generally only refuse a refund for an unauthorised payment if:

- It can prove you authorised the transaction - though your bank cannot simply say that use of your password, card or PIN conclusively proves you authorised a payment.

- It can prove you are at fault because you acted fraudulently or because you deliberately, or with 'gross negligence', failed to protect the details of your card, PIN or password in a way that allowed the transaction.

- You told your bank about an unauthorised payment 13 months or more after the date it left your account, so make sure you contact the bank as soon as possible.

- If the payment was from an overdrawn current account or a credit card payment, your bank can only refuse a refund for an unauthorised payment if:

- It can prove the debtor (the customer), or someone acting on their behalf, authorised the transaction though a firm cannot simply say that use of a password, card and PIN conclusively proves a customer authorised a payment.

- The loss was due to the use of a credit token by a person who acquired it with the debtor's consent.

(5th October 2018)

(ZDNET, dated 17th September 2018 author Danny Palmer)

Full article [Option 1]:

A new phishing campaign is using an old trick in an effort to steal login credentials, payment details and other sensitive information from victims by claiming to offer them a tax refund which can only be claimed online.

The message claims to be the UK government's tax office, HMRC, and tells potential victims that they're due a tax refund of £542.94 "directly" onto their credit card.

In an attempt to pressure targets into falling for the scheme, they're told that the link to the "customer" portal" expires on the day the message is received -- the hope is that this will panic victims into thinking they'll miss out on a sizeable cash payment. The phishing scam was uncovered by Malwarebytes

The isn't exactly sophisticated -- not only is the subject line extremely poorly formatted and sent from an email address which has nothing to do with government, the attackers have put little effort into the fake HMRC website used to scoop up credentials.

Before reaching this site, those who click through to the 'portal' are first faced with a fake Outlook login page which asks victims for their username and password in what's purely an attempt to steal credentials.

After victims hand over their email and password, they're taken to a fake 'refund' website which only contains boxes for entering information. Victims are asked to enter their full name, address, phone number, date of birth, mother's maiden name and full credit card details -- including the security code.

Essentially, the attackers are harvesting all the data required for not just stealing bank details, but login credentials which could be used to access other accounts, as well as vast amounts of personal information which could easily be exploited for identity theft and fraud -- or sold onto others on underground forums.

Tax scams are a common means of cyber criminals attempting to extort information or money from victims: HMRC states it will never offer a repayment or ask for personal information via email.

However, when people get tempted by the prospect of receiving a payment, they can often lower their defences -- even by low-level attacks like this phishing scam.

"These attacks can afford to be crude, as the main pressure point is the temptation of an easy cash windfall tied to a tight deadline. Not knowing that HMRC don't issue refund notifications in this manner would also contribute to people submitting details," Chris Boyd, lead malware intelligence analyst at Malwarebytes told ZDNet.

While this phishing attack might seem basic, attackers wouldn't put time into distributing emails if it didn't work. Phishing remains an effective means of conducting cyber attacks at a number of levels, ranging from low-level scams like this, to high-level hacking and espionage campaigns by nation-state level attackers.

Indeed, a recent report by the US Department of Justice concluded that some of the biggest cyber attacks in recent years -- including the North Korean attacks against Sony and the Swift banking network -- started with a simple phishing email.

(5th October 2018)

(The Guardian, dated 16th September 2018 author Rebecca Smithers)

Full article [Option 1]:


I wish I had read your recent article on copycat websites. I have just fallen victim to one over a recent Esta application. When I applied for my first one, five years ago, I am sure such sites did not exist - or maybe I was just lucky to avoid them. This time I thought I had selected the official website, so it was quite a good fake. I have certainly learnt my lesson. Having paid $99 for "assistance", which I did not need (when the cost of the Esta is only $14), is there any way I can get some, or all, of the overpayment back?


Under the terms of the Esta visa waiver programme, all Britons entering the US are required to apply online at least 72 hours prior to travel and pay a $14 fee. Since April 2016, you also need to hold a biometric passport with a built-in chip. Unfortunately, you have been duped by a copycat website which offers services from government departments or local government, such as paying congestion charges, applying for passports or the European health insurance card … but is not official. Although they are not illegal, they often - as you found - charge a substantial premium for the same service as the official website. They trap the unwary by looking uncannily like the real thing and often appear at the top of internet search results. They justify their fees on the fact they check documents but you are eligible for a refund as you were misled.

However, there are illegal, fake websites which simply take the money and leave consumers with nothing to show for it. At least you did get your Esta. Under section 75 of the Consumer Credit Act you are eligible for a refund for breach of contract, but your transaction is below the £100 limit. Talk to your credit card company and explain what has happened.

To help others, report this website to Action Fraud, online or (if you are in the UK) on 0300 123 2040. It is interested in any of these websites where they are charging for more than just the basic service ... fraud or not. It will then be passed to the National Fraud Intelligence Bureau to see if it can be used as part of a police investigation.

(5th October 2018)

(The Guardian, dated 15th September 2018 author Miles Brignall)

Full article [Option 1]:

A profoundly deaf woman who lost £8,371 when fraudsters took over her mobile phone and used it to empty her bank account, says her faith in the banking system - and Metro Bank in particular - has been left in tatters.

Louise Harte, who only uses sign language to communicate, says two months on she still has no idea how fraudsters were able to convince staff at the network Three to hand over her service, and how they then accessed her bank account.

The justice system worker is furious that bank staff flatly refused to discuss the theft with her and her son - who is a sign language interpreter - when they went in to a branch.

Her case will shock mobile banking users who receive codes to check if payments are valid. It also exposes how some banks refuse to refund unwitting victims of fraud - and the obstacles suffered by deaf or disabled people when dealing with big companies.

Problems began for Harte, from Edgware in London, in July when she returned from holiday in Cyprus and discovered her mobile phone no longer worked. She now knows that while she had been abroad, someone had gone into the Three mobile store in Woolwich, south-east London, posing as her. They somehow persuaded staff to give them a new sim card with her number. The reason her phone no longer worked was because her service had been swapped to the new sim card - that was in the fraudster's possession.

Within a few hours, the same gang logged into her Metro account from a computer in the Maidenhead area, and removed the £8,371. To authorise this transfer, Metro sent a verification code to Harte's mobile, but as this was in the hands of the fraudster, it went through. However, a second payment was blocked "as suspicious".

Harte and her son say they have been blocked at every turn. When she initially visited the Three store on London's Oxford Street, staff failed to disclose that the sim-swap had even taken place. She says she was left "humiliated" by staff who forced her to talk over the phone in front of other customers.

"I have never felt so small and embarrassed. I can only liken it to forcing a wheelchair user to walk when forcing a deaf person to speak," she told Money.

Staff at the bank also refused to talk to her son, despite Harte asking staff to add him to her account a year previously.

"I am deaf but the bank did not take this into consideration and made no attempt to adapt to my needs," she says. "This led to confusion, misunderstandings and, frankly, atrocious customer service."

After four weeks of worry and disputes, the bank revealed (at a meeting when it brought in an interpreter) that it had been able to recover £5,700 of her money, but the rest, she was told, was lost.

Metro refused to refund her losses, arguing that only she had access to her online bank details, with the implication that she must have been negligent. This echoes an earlier case Money reported in February, when the bank refused to refund a Kent businessman who lost £20,000 when his EE mobile service was taken over by fraudsters.

Last week, the Financial Ombudsman Service warned it would no longer tolerate banks refusing refunds in cases where the consumer had no role in making the payment out of their account.

The good news is that following Guardian Money's intervention Metro has now refunded Harte the £2,671. It has also offered her £250 compensation, but she has dismissed this as derisory.

"I still have no idea how or why fraudsters have targeted me," she says. "I don't understand how someone was able to walk out of a Three shop with my mobile service, or to log in to my bank account. I simply don't trust these firms to look after my interests."

A Metro Bank spokeswoman said: "We understand and appreciate the impact fraud has on victims and we have taken the opportunity to fully review Ms Harte's case. Our investigation has shown that a fraudster was able to ascertain her online banking security credentials and her card details. Although we made every effort to take her disability into account, by communicating with her over email and offering to arrange meetings with a sign language interpreter present, we are sorry that we didn't meet her expectations during her time of need. As a gesture of goodwill, we have therefore decided to refund the outstanding £2,671."

A Three spokesperson apologised and admitted her experience had not been up to its "usual standards". It has offered few details and no compensation. "We have been looking at ways to improve our service for deaf customers, having recently partnered with Sign Solutions to pilot an in-store video relay service which we hope to roll out more widely in future."

(5th October 2018)

(Warrington Guardian, dated 14th September 2018 author Jessica Farrington)

Full article [Option 1]:

Warrington Trading Standards are warning residents to be on their guard following a call at 5pm last Friday, September 7.

The caller was described as a well-spoken, polite, male, with a northern lilt who said he was from Warrington Borough Council.

He claimed that a computer error had resulted in the resident paying too much council tax.

Council chiefs say the caller checked the resident's identity and asked for his date of birth and referred to him by a similar sounding but incorrect surname.

The resident provided his date of birth and corrected the surname.

He was told that a computer mistake meant the council owed £127 and that he could arrange immediate payment straight back into the victim's bank account and requested the debit card number.

The resident became suspicious and suggested a cheque could be sent instead.

He then asked the caller for his name and council extension number so that he could ring the council and ask to be reconnected to him for verification.

The fraudster then hung up.

A spokesman said: "Warrington Borough Council can confirm that this call was not from them and urge residents to be on their guard regarding calls from anyone attempting to gain bank details."

Any similar incidents can be reported to Citizens Advice Consumer Helpline on 03454 040 0506 or Action Fraud

(5th October 2018)

(Action Fraud, dated 14th September 2018)

We've seen an increase in reports about fake Netflix emails claiming that there's an issue with your account, or that your account has been suspended. The email states that you need to "update" your account details in order to resolve the problem. The link in the emails leads to genuine-looking Netflix phishing websites designed to steal your username and password, as well as payment details.

Always question unsolicited requests for your personal or financial information in case it's a scam. Never automatically click on a link in an unexpected email or text.

For more information on how to stay secure online, visit

(5th October 2018)

(Daily Record, dated 11th September 2018 author Tom Kershaw)

Full article [Option 1]:

A ruthless conman preyed on a vulnerable elderly couple by selling their home from under them and plundering their life savings which together totalled up to £350,000.

Syed Arfat Bukhari, 37, had wormed his way into the lives of an ex-Merchant Navy man and his wife of 40 years who both suffered from dementia .

Evil Bukhari had even sold the retired couple's home from under them after sifting through paperwork at their home.

The con artist began the sophisticated plotting by 'doing errands' for the couple who have asked not to be named.

He coerced the couple to take out loans and he spent cash on business class tickets to Dubai, designer clothes, watches and a new hair transplant.

But when the police were alerted to the defendant's schemes - brazen Bukhari told cops that he was the couple's adopted son.

The couple's son, 55, said: "I keep thinking its a bad dream and I'm going to wake up.

"I'm spending two to three hours every day chasing the various financial institutions to keep them updated an try and get my parents money back.

"I feel angry towards him, it's been hard listening to him trying to minimise what he has done on court.

"To an extent, dad's condition has protected him because he doesn't know what has happened, it's me who has the sleepless nights."

The couple, from Preston, Lancashire, who are in their 80s and have four children between them, had worked all their lives and saved to be comfortable in their retirement.

But unknown to their loved ones, Bukhari was gathering all the information he needed to steal their savings and sell their home - at £50,000 less than what it was worth.

During the process, he had tricked the confused couple into signing a genuine document delivered by couriers.

Bukhari eventually fleeced them out of £350,000 during a prolonged fraud during which he cynically befriended the couple during a seven month period starting in November 2017.

He spent their £150,000 life savings and then sold their house for around £200,000.

However, the couple are still living in the Preston property - though it is legally not theirs anymore - and their family is battling to recoup their stolen savings.

The son added: "It's been awful.

"Every time I'm sorting through my dad's financial affairs he asks what I'm doing and I have to tell him he's been conned - each time the shock and upset is exactly the same as the first time.

"His condition means he can have a full conversation with you, but as soon as you walk out of a room he doesn't realise you were there because his short-term memory capacity is affected.

"He is a very private, proud man and never shared his financial situation with anybody."

The son was increasingly suspicious and visited Lloyds Bank with his concerns - only to learn his dad had never taken out any loans.

The police were contacted, and a week later they broke the devastating news their home had been sold without their knowledge at Christmas by someone posing as their son.

The couple then had letters asking them to move out.

As the search began for Bukhari he was described as having a receding hairline - but when he was later detained he had treated himself to hair implants.

He was arrested on the tarmac at Manchester Aiport on another 'all expenses paid' trip to Dubai.

Lancashire Police said Bukhari had "taken over" his victims lives.

It is believed he started doing 'errands' for the couple, but due to the man's short-term memory being affected he could not remember

Bukhari, from Withington, Greater Manchester, was jailed for seven years and 11 months at Preston Crown Court after admitting fraud.


Further information - uaware

Suspicious about weird transactions in your bank account - contact your bank and contact CIFAS.

Curious about who is looking at your house on land registry. Register free for land registry alerts, at:


(5th October 2018)

(Daily Post, dated 10th September 2018 author Lottie Gibbons)

Full article [Option 1]:

A duped couple are warning others to be vigilant after they were almost conned out of hundreds of pounds from a caller who appeared to be from Argos.

Anita Smith and her husband who fell victim to a scam almost lost £409 after they were tricked into handing over card details to a telephone scammer.

Her husband, who did not wish to be identified, received a text from what appeared to be Argos, asking him to call an 0800 number regarding an urgent matter over his Argos Card.

Not suspecting anything out of the ordinary, he was asked a series of questions by someone claiming to be a customer representative, the Liverpool Echo reports .

He handed over details including his name, address, date of birth, card number and the pin on the back of his card.

According to Anita, the representative said: "Oh good news, we are able to offer you more credit."

Anita's husband usually receives a letter from Argos regarding any changes, raising initial suspicions.

Asking how much credit he could receive, the representative said: "Oh dear, it's not telling me how much.

"Can you please go on your Argos app and click on credit."

Following her instructions, Anita's husband was alarmed when a message on the app said "Sorry we are unable to process this right now."

However, the representative told Anita's husband to ring back in two weeks as the additional credit was still in process.

Immediately, the couple suspected something was not right and rang Argos' official customer service number, but it rang through.

Speaking to the Echo , she said: "He had a strong suspicion something wasn't right."

To his shock the next morning, Anita's husband received an email from Argos thanking him for his order, totalling £409.

He rang Argos customer service as soon as he received the email, who managed to block his account and stop the order being collected from a store.

Anita's husband was lucky, as his account was later unblocked and he managed to receive a refund - but many customers could be caught out.

Speaking to the ECHO, Argos said: "Customers should always be mindful of phishing scams.

"This message is not from Argos and we are advising customers to delete it."

While Action Fraud weren't able to comment on the specific case, they offered some advice on how to protect yourself from phising and spot the signs.

Protect yourself

- Don't assume anyone who's sent you an email or text message - or has called your phone or left you a voicemail message - is who they say they are.

- If a phone call or voicemail, email or text message asks you to make a payment, log in to an online account or offers you a deal, be cautious. Real banks never email you for passwords or any other sensitive information by clicking on a link and visiting a website. If you get a call from someone who claims to be from your bank, don't give away any personal details.

- Make sure your spam filter is on your emails. If you find a suspicious email, mark it as spam and delete it to keep out similar emails in future.

- If in doubt, check it's genuine by asking the company itself. Never call numbers or follow links provided in suspicious emails; find the official website or customer support number using a separate browser and search engine.

Spot the signs

- Their spelling, grammar, graphic design or image quality is poor quality. They may use odd 'spe11lings' or 'cApiTals' in the email subject to fool your spam filter.

- If they know your email address but not your name, it'll begin with something like 'To our valued customer', or 'Dear...' followed by your email address.

- The website or email address doesn't look right; authentic website addresses are usually short and don't use irrelevant words or phrases. Businesses and organisations don't use web-based addresses such as Gmail or Yahoo.

- Money's been taken from your account, or there are withdrawals or purchases on your bank statement that you don't remember making.

(5th October 2018)

(Indpendent, dated 8th September 2018 author Lizzie Dearden)

Full article [Option 1]:

People must now opt in to receive nuisance calls on PPI and personal injury claims as part of a government crackdown on the "menace".

Companies that continue to make unsolicited calls in violation of the new rules will be fined up to £500,000 by the Information Commissioner's Office (ICO).

People previously had to opt out of the communications by registering with the free Telephone Preference Service or withdrawing consent from each company individually.

But the new powers will force firms to ensure they have the recipient's consent before calling.

British adults have received 2.7 billion unsolicited calls, texts and emails offering to help them make a claim in the past year, the Financial Conduct Authority found - an average of 50 per person.

They include calls claiming people have had recent road accidents and bought mis-sold payment protection insurance (PPI).

Margot James, the minister for digital, said the new rules brought authorities "one step closer to ending the menace of nuisance calls".

"This is a big boost for the Information Commissioner's Office and will help them crack down on the cold call sharks," she added.

"Individuals will be able to opt-in to receiving these calls by consenting to be contacted by claims companies when enquiring about settling a claim, or when seeking claims advice.

"These new measures together with the strengthened Data Protection Act, will curb the number of nuisance calls received by consumers."

Anyone receiving unwanted calls can report them to the Information Commissioner's Office for investigation.

Andy Curry, enforcement manager at the watchdog, said cold calls texts and emails "can cause real distress to people".

"This amendment to the Privacy and Electronic Communications Regulations will increase our ability to take action against those companies who deliberately flout the law and cause real upset and harm," he added.

Previous changes made it easier for regulators to fine those breaching direct marketing rules, forced companies to display their number when calling customers and increased fines for wrongdoers.

The government has also consulted on new measures to make the managers of companies that plague people with unsolicited nuisance calls personally liable for breaking the law and subject to fines of up to half a million pounds.

Alex Neill, Which? managing director of home products and services, said: "Nuisance calls have plagued millions for years and our research revealed more than seven in 10 believe that they received unsolicited calls last month.

"While the new rules are welcome, they must be enforced to stop companies flouting the law with these dodgy practices. The government must also urgently deliver on its promise to hold those responsible personally accountable."

11th September 2018)

(Mirror, dated 2nd September 2018 author Nick Sommerlad)

Full article [Option 1]:

Crooks can buy scam kits to access the identities of one million Britons, and the tools to con them, for as little as £170.

The easily available packages use fake emails to take control of computers, usernames and passwords, a Mirror investigation found.

Nearly 500 people a day fall victim to identity fraud, according to Cifas fraud prevention service figures.

And we found some of the sophisticated tools in the scam kit can be bought online for as little as £1.58.

Cyber-security expert Simon Migliano said: "It's possible to start a criminal career in online fraud for less than the price of a coffee."

He added: "Fraudsters can buy an impressive set of hacking tools that would permit a cyber-crime spree, from infecting people with malware to hacking wi-fi networks, all with a view to commit identity theft.

"This is an alarmingly low barrier of entry to fraud. Some sellers even throw in a free hacking manual."

Criminals set up and sell phishing pages for around £2. These are fake log-in pages for popular online retailers such as Amazon and Tesco.

They are spread by spam emails sent to unsuspecting consumers. Crooks can buy genuine email addresses in bulk on the dark web.

Fraud cost Britain £6.8billion last year, the UK Fraud Costs Measurement Committee's annual fraud indicator showed. There were 600 million scam attempts in 2017, with three in four people targeted, Santander UK research found.

Two in three received phishing emails. We also found names, addr­esses, bank card details and even passwords being openly offered online as a "free sample" by criminals offering to sell thousands more.

And research by, which reviews virtual private networks, found the cost of hacking tools are dropping on the dark web.

Mr Migliano, research chief, said: "Online fraud is increasing year on year. There's certainly a correlation.

"It's easier than ever for criminals to get their hands on powerful malware. [They] can buy everything off-the-peg on the dark web."

here were some 3.6 million fraud cases and two million computer misuse offences in the 12 months to September 2017, the Crime Survey for England and Wales showed.

Mass marketing fraud is calculated to be costing £4.5billion a year, and identity fraud at £1.3billion.

Labour MP Anna Turley, who sits on the Commons Business Select Committee, said: "It's horrifying to think of how many Brits have had usernames and passwords stolen.

"It's also deeply worrying that this fraud is so cheap and accessible. The Government must urgently take action to tackle this and to beef up our defence against cyber crime."

How to protect ourselves

The first thing to do is have a good up-to-date antivirus software on your computer, says Data Security Expert Graeme Batsman.

This won't stop everything but it can make a difference.

Do some research and don't be afraid to pay for something that is good. Spending £30 is not much compared with the cost of your computer or data.

On passwords, they don't need to be overly complicated. An easy way to make a secure password is a passphrase. So instead of numbers, letters and characters, use four or five words to form a short phrase.

But some data security is still analogue and a bit of effort can make all the difference.

I shred everything. A simple cross shredder instantly makes personal documents leaving your home more secure.

You should also take the time to wipe your hard drives and USB sticks - you can get software for free online that will help. But it can be much quicker, and more satisfying, to do it yourself with magnets and a hammer.

What the hackers are using

Experts at found a set of tools that could set up a wannabe hacker.

Anonymity tools - £10.51: Rookies can pay to cover their tracks with a range of these.

Carding software - £33.83:Allows crooks to clone credit and debit cards.

Cryptocurrency fraud malware - £5.01: "Mines" cryptocurrencies, making money for fraudsters.

Keylogger - £1.58L Captures every keystroke on your computer.

Malware - £37.43: Includes nasty ransomware that locks up your computer, permanently encrypting its contents until ransom is paid.

Phishing page - £2.07: Fake log-in pages for the most popular online retailers.

Remote access trojan - £8.47: Allows a hacker to take full control of your computer.

Wi-fi hacking software - £2.29: Used to test the security of your wireless network.

Email leads - £70.70: More than 1.4 million email addresses to target with phishing scams and malware.

11th September 2018)


(Mirror, dated 29th August 2018 author Vicky Shaw)

Full article [Option 1]:

The Association of British Insurers said cold callers are ringing people up out of the blue and luring them into paying for false policies.

Scammers are cold-calling people about personal injury claims and pretending to be from the Association of British Insurers (ABI), the trade association has warned.

The ABI said it has been contacted by people who have reported receiving cold calls from those purporting to have some sort of connection with the ABI.

Fraudsters are trying to encourage people to make fake claims, it said.

It said it would never contact people in this way about a personal injury claim or endorse a claims management firm.

ABI spokesman Anthony Wright said: "Any cold callers saying they are connected with the ABI are cowboys trying to scam honest people into making a fake claim.

"We want the public to know that the Association of British Insurers will never contact members of the public in this way and does not endorse any claims management firm.

"If someone does contact you about a personal injury claim saying they work with the ABI, our advice is to just put the phone down."

Nuisance calls and texts can be reported to the Information Commissioner's Office.

(11th September 2018)

(Coventry Live, dated 22nd August 2018 authors Charlotte Ikonen and Fionnula Hainey)

Full article [Option 1]:

Superdrug say it is working to establish the exact number of accounts that may have been affected

A hacker claims they have obtained details of around 20,000 Superdrug customers.

The high street pharmacy confirmed that 386 of accounts had been compromised after it was contacted by the mystery hacker.

Superdrug say it is working to establish the exact number of accounts that may have been affected.

A spokeswoman for the chain said: "The hacker shared a number of details with us to try and 'prove' he had customer information - we were then able to verify they were Superdrug customers from their email and log-in," reports the Daily Star.

Superdrug said customers' names, addresses and in some cases dates of birth, phone number and points balances may have been accessed, but no payment or card information had been taken.

Customers who may have had their data harvested were sent an email and asked to change their passwords.

They were also advised to change them regularly in future.

"We have contacted the Police and Action Fraud (the UK's national fraud and cyber crime arm) and will be offering them all the information they need for their investigation as we continue to take the responsibility of safeguarding our customers' data incredibly seriously," the firm said.

In a separate tweet it added: "To customers who have received an email from us today, this email is genuine. We recommend you follow the steps outlined."

One angry customer replied: "Not even an apology. Your responsibility to keep our information safe. Disappointed."

Another said: "What a cagey and cryptic tweet, something you're embarrassed to talk about?"

Last year, retailer Dixons Carphone, which owns a number of electrical and tech brands including Currys and PC World, was subject to one of the biggest data breaches in history.

Around 10million records containing personal data were accessed.

In 2015, mobile network TalkTalk was targeted by hackers who exploited a flaw in the company's website, resulting in 157,000 records being accessed.

Uaware futher information

In a very much similar article (this time on Leicestershire Live), the following additional information was provided :

For further information on the Superdrug breach, call Superdrug Customer Services on 03456 710 709 or email

(11th September 2018)

(Wales online, dated 17th August 2018 author Alex Wood)

Full article [Option 1]:

People are being conned out of thousands of pounds by scammers posing as HM Revenue and Customs staff.

The scam involves people being told to buy £10 iTunes vouchers or face being arrested.

It happened to Melvyn Vernon who was conned out of £1,000 after he bought 100 iTunes vouchers from his local supermarket.

Mr Vernon was ordered not to tell anyone what he was doing and to stay on the phone at all times by the scammer who posed as a "UK tax official".

In each case, the scammers call their victim and demand immediate payment of unpaid tax.

Mr Vernon, 58, told the Bristol Post : "They said if I don't pay them £1,000 straightaway, I would have the police at my door within 45 minutes and I would have to go to court.

"The scammer phoned me on my mobile and he knew my name. He said he was from the UK tax office and said I owed them £3,828.

"I had to go to Sainsbury's and buy £1,000 worth of iTunes store vouchers. He asked me to do it, so I bought 100 £10 gift cards.

"It scared me to death. I had to stay on the phone the whole time and then when I got back to my flat, I had to spend ages giving him the codes for him to redeem.

"He has been calling me for the remaining amount of money ever since."

It was only after providing the scammer with the voucher codes - which Mr Vernon said took at least an hour to complete - that the 58-year-old decided to contact the police.

His report was forwarded to Action Fraud, who have since highlighted the scam as a wider concern.

The scam has been operating in the Bristol area but there are fears it is also happening elsewhere across the UK.

A spokesperson for Avon and Somerset Police said: "Thankfully none of the people who came into the police station have fallen for this con but the fraudsters are so convincing they've been left worried.

"We're keen to make sure others know how to deal with this."

How to protect yourself

- If you get this sort of unexpected call, end it immediately. If you are concerned about your tax status, contact HMRC directly using a number from the phone book, HMRC correspondence you know to be genuine, or from

- Do you suspect you have been contacted by a fraudster? Report it and receive a police crime reference number by calling Action Fraud on 0300 123 2040, or using the online fraud reporting tool on their website,

- Their website also has more information, including an A to Z of common scams.

- Police have also asked individuals to help their vulnerable elderly relatives or friends keep their finances secure, and ensure they know about this scam.

(11th September 2018)

(London Evening Standard, dated 17th August 2018 author Tristan Kirk)

Full article [Option 1]:

A specialist police unit backed by the City has foiled £25 million of frauds in the past six months, it was announced today.

The Dedicated Card and Payment Crime Unit (DCPCU) tackles crooked bank staff, online card fraud and scams, to bolster the security of the banking industry.

Figures released today show that 26 fraudsters were convicted between January and June this year thanks to DCPCU efforts, and seven organised crime groups were targeted.

The unit stopped frauds totalling £25 million in the first six months of this year, bringing the total to £540 million since its inception in 2002.

One of those brought to justice was 26-year-old Barclays cashier Rasad Salam, who helped fraudsters target singer Emeli Sandé.

Salam, who worked at a branch in Whitechapel, acted as the "inside man" by passing on the details of Sandé's ex-husband with whom she shared a bank account.

The cashier, from Forest Gate, admitted nine charges of fraud, including £4,500 taken from the singer's account, and was given a 12-month suspended jail sentence at Inner London crown court in July.

A representative for Emeli Sandé? said the singer was not a signatory on the bank account targeted, however this was not what was said in court.

Another of the unit's targets, online fraudster Surendiran Ganesharajah, 30, was jailed for 32 months in January for a £14,000 delivery scam on John Lewis. He used stolen bank card details, bought over the dark web, to order goods from the firm and was caught using £3,000 of stolen Harrods gift cards to buy designer shoes.

Detective Chief Inspector Glyn Whittick, who works in the DCPCU, said its success was due to "close co-operation" between financial institutions, City of London police, the Met and the Home Office.

"Criminal gangs are increasingly sophisticated and taking advantage of new technologies to commit fraud online," he added. "But with close co-operation between law enforcement and the industry, we can stay one step ahead and ensure there is no place for fraudsters to hide."

The unit carried out raids across the UK in June as part of a Europe-wide crackdown on online fraud.

(11th September 2018)

(Reuters, dated 17th August 2018 author Reuters staff)

Full article [Option 1]:

Cryptocurrency scams are using images of celebrities and upmarket London addresses to hoodwink consumers into parting with cash, Britain's Financial Conduct Authority has said.
The warning, first made in June, was reposted on the FCA's website on Friday.

Cryptocurrencies such as bitcoin and ether are not regulated in Britain, and the FCA said it has received a rising number of reports about investment scams that claim to offer high returns.

"UK consumers are being increasingly targeted by cryptocurrency-related investment scams," the FCA said in a statement.

"Cryptocurrency fraudsters tend to advertise on social media, often using the images of celebrities or well-known individuals to promote cryptocurrency investments."

The ads link to websites for investments either using cryptocurrencies or traditional cash.

"The firms operating the scams are usually based outside of the UK but will claim to have a UK presence, often a prestigious City of London address," the FCA said.

Given that cryptocurrencies are not regulated, consumers are unlikely to get their money back, and are not protected by the Financial Services Compensation Scheme, the watchdog said.

(11th September 2018)

(Action Fraud, dated 17th August 2018)

Fraudsters are contacting overseas students and visitors who are in the UK via their mobile phone or social network account and purporting to represent UK or foreign law enforcement.

After fraudsters have claimed to work with their respective embassy or government, they tell the victim that there is evidence in the form of forged documentation or parcels which implicate them in a crime such as money laundering, fraud or immigration offences.

After demanding further personal details from the victim such as their name, current address and copies of personal documentation, they threaten the victim by suggesting a warrant exists for their arrest which will result in their deportation and imprisonment unless they transfer a payment to them in order to cancel the arrest or pay a fine. Once the money is transferred, all contact between the victim and the fraudster is severed.

What You Need To Do:

- Police will never ask you to withdraw to transfer money so "it can be checked", neither would they demand money to in order to cancel an arrest.

- Do not be tricked into giving a fraudster access to your personal or financial details no matter who they say they are; protect your information and have the confidence to question and refuse unusual requests.

- If you have made a payment to someone claiming to be the police or government department, and you think you might be a victim of fraud, you can report it to Action Fraud any time of the day or night using our online fraud reporting tool. You can also get advice about fraud or cyber-crime by calling 0300 123 2040.

- If you are a student you can ask your Student Union or University for advice, help and support.

(11th September 2018)

(Mirror, dated 16th August 2018 author Andrew Penman)

Full article [Option 1]:

This was a cry from the heart.

"Help me after an incredibly frustrating few days," tweeted Supt Alun Morgan of South Wales Police.

"If you do one thing tonight, tell someone of senior years you care for or live near to NEVER agree to withdraw money from a bank for the police to look after"

He was responding to a spate of so-called courier frauds in the area - more than a dozen in Bridgend and the Vale of Glamorgan in one week plus three more in Cardiff.

The fraud works when callers posing as police officers persuade people that their bank account has been compromised and they must withdraw cash and hand it to a supposed police courier who'll take it away for safekeeping.

The bogus officers sometimes threaten arrest if victims don't comply.

While most victims are elderly, officers stress that anyone could potentially fall for the sophisticated and well-rehearsed scam.

"I am appalled by this type or criminality, it is upsetting even to the most hardened detective," said Supt Morgan.

"I have a dedicated team who have been given a clear direction to only focus on this particularly cruel type of offending - we are talking of people's life savings in some cases - and let me first say that a number of positive lines of enquiry are already underway."

He urged: "It is very important to raise awareness of this deception and vital that we reach out with your help to protect the most vulnerable in our communities.

"Police officers will never contact you asking for personal financial information and we will never ask you to withdraw money."

South Wales Police recently released a video of retired Penarth teacher Margaret Turner, who'd lost £20,000 to what she called the "ghastly" fraud.

"My message to other people who receive a call of this nature is to tell the police at once," she said.

"Don't give the fraudsters anything."

Typically for this scam, one bogus sergeant advised her to call to check the veracity of his story but kept the phone line open, so when Margaret dialed she unknowingly spoke to another member of the gang, also posing as an officer.

She only realised that she'd been defrauded when her account went into the red.

Here's the official police advise:


- Obtain details of caller including name, rank, collar number and station;

- Ask what police force they identify themselves as working for;

- Note any contact details from caller display or via 1471 after the call has ended;

- Obtain the main force control room number from the phonebook, internet or directory enquiries;

- Terminate the call advising you will contact the force control room directly to confirm their identity and be put through to them internally. (Ring a family member first to ensure the line has disconnected from the initial caller);

- If anyone calls at your address following on from this communication please call 999 immediately.


- Provide any details of bank cards, account numbers, financial circumstances or personal details;

- Agree to make purchases or obtain funds from accounts to hand over to couriers;

- Hand over your bank cards or account paperwork;

Anyone who thinks they may have fallen victim to a scammer should report it via 101, or Action Fraud on 0300 123 2040.

(11th September 2018)

(Manchester Evening News, dated 15th August 2018 author Charlotte Cox)

Full article [Option 1]:

NOTE: This article describes an example of a airport parking scam. The defendents name has been blanked (****) as they have stated they will appeal.

A meet and greet boss has been fined by magistrates after a council sting found a car in his firm's care was parked on the streets around Manchester Airport.

Mr ****, director of PPS Manchester Ltd - which is not affiliated to the airport - was rumbled after Trading Standards officers placed a tracker in a car and pretended to be customers.

Officers claim the tracker showed the vehicle had been parked on Greenwood Road in Woodhouse Park, Wythenshawe - and not in a secure car park as advertised.

Both director Mr **** and his firm PPS Manchester Ltd were found guilty at Manchester magistrates court of 'engaging in a misleading action', under consumer protection laws. Total fines and costs came to £3,567.

After the hearing, Mr **** - who denied the charge but was found guilty after a trial - said he intends to appeal the case.

Describing the investigation as a 'witch hunt', he told the Manchester Evening News: "PPS has served Manchester Airport Customers for 18 years and had never been to court before. It is one of the best companies on Manchester Airport with an impeccable reputation."

A council spokesman said in a statement how their sting was carried out.

He said: "In 2016, Manchester City Council's Trading Standards team fitted a tracking device to a vehicle and booked a three day airport parking service through the PPS Manchester website.

"The tracker showed the car had been parked on Greenwood Road in Woodhouse Park and clearly not in a secure car park as advertised.

"The company's website claimed that cars are kept on a concrete surface surrounded by fencing, patrolled 24 hours a day by security guards and under the watch of CCTV.

"Returning the following day, trading standards officers found the car in the same position before picking up the vehicle from a PPS Manchester driver the next day.

"Under interview, Mr **** claimed the cars were safe and secure as it was parked outside of his home address, and claimed the promise on the website referred to a period of time when the business was based at another location close to the airport.

"He also claimed that if the booking had been for longer, the vehicle would have been moved to one of three secure car parks that he had exclusive use of."

The sting was part of an ongoing operation to deal with several meet and greet firms following resident complaints over cars being left on streets.

Councillor Rabnawaz Akbar, Manchester Council's Executive Member for Neighbourhoods, said: "I hope this sends a clear message to other illegal operators that deceiving customers will not be tolerated. We are doing everything we can to find you, investigate you and where possible, we will prosecute."

He said holidaymakers should research firms before booking and look out for the certified 'Buy with Confidence' mark.

Mr ****, Manchester, was personally fined £425 as sole director of PPS Manchester Limited and was ordered to pay £1,000 court costs and a victim of crime surcharge of £42.

PPS Manchester Limited was also fined £1,000 after being found guilty of engaging in a misleading action, and ordered to pay court costs of £1,000 along with a victims of crime surcharge of £100.

Mr ****'s offence comes under the Consumer Protection from Unfair Trading regulations.

The prosecution follows a string of stories by the M.E.N into meet and greet firms who have lost, damaged and parked cars on streets around the airport.

###'It's a witch hunt' says company boss

Mr ****, who said he sold the company in 2016, described the council's investigation as a 'witch hunt', adding: "PPS has served Manchester Airport Customers for 18 years and had never been to court before.

"It is one of the best companies on Manchester Airport with an impeccable reputation. Trading Standards failed to bring a single complaint about the company."

He said he intended to appeal the case.

He said PPS Manchester Ltd, which stands for Premier Parking Services, had only parked the car on Greenwood Road, outside his neighbour's home, for a valet because the booking had come from a (council officer's name) at a Manchester Council email address. For this reason, he said, the customer was 'treated like a celebrity'.

(11th September 2018)

(The Register, dated 15th August 2018 author John Leyden)

Full article [Option 1]:

New figures reveal UK identity fraud dropped during the first six months of 2018 to reach a four-year low.

Cifas members recorded 84,463 cases of identity fraud in the first six months of the year, a 5 per cent drop compared to the same period in 2017 (89,199). Despite the reduction, identity fraud still represents over half of all fraud recorded by the UK's not-for-profit fraud data sharing organisation, with the vast majority (87 per cent) of identity frauds perpetrated online.

Reductions were also seen in fraudulent attempts to obtain bank accounts and mobile phone contracts. Fraudulent bank account opening scams fell from 24,759 in the first half of 2017 to 21,877 in the same period in 2018, a drop of 12 per cent. There was an even sharper 34 per cent reduction in attempts to obtain mobile phone contracts 6,000.

It's not altogether good news - both plastic card and online retail account fraud increased in the first six months of 2018.

Identity fraudsters applying for plastic card accounts rose 12 per cent from 29,851 in January to June 2017 to 33,305 in the first half of 2018. Identity fraud against online retail accounts rose by 24 per cent to reach 6,329 in 1H '18.
How cybercrims scrape enough data to become your nan

Identity fraud happens when a fraudster poses as an innocent individual to buy a product or open an account in their name. Victims may not even realise they have been targeted until a bill arrives for something they did not buy or they experience problems with their credit rating. Fraudsters need access to their victim's personal information such as name, date of birth, address, existing bank account etc in order to impersonate victims.

Fraudsters get hold of this info in a variety of ways, from stealing mail through to hacking, obtaining data on the dark and surface web, exploiting personal information on social media, or though social engineering - where victims are tricked into handing over personal information to someone pretending to be from their bank, the police or another trusted party.

Sandra Peaston, director of strategy, policy and insight at Cifas, said the figures show ID fraudsters are switching tactics.

"Identity fraud cases reached record levels in 2017, therefore it is positive that we have seen an overall reduction in the first six months of the year," she said. "However, these new figures demonstrate that identity fraudsters adapt quickly to try and circumvent security measures. The re-targeting of plastic cards, following a drop in 2017, is a prime example of this."

She added: "With identity fraud remaining uncomfortably high, more personal information available online, and increasing numbers of data breaches, the protection of personal data must be viewed as a collective responsibility. Everyone should play their part, from individuals and organisations taking steps to protect personal data to businesses ensuring their fraud prevention practices effectively defend against evolving tactics employed by identity fraudsters."

Cifas's data comes from identity fraud cases that have been recorded on the National Fraud Database by more than 400 organisations.

The number of victims aged under 21 in Cifas' figures rose from 1,012 in 1H17 to 1,309 in 1H18. The number of victims aged over 60 increased 8 per cent to 14,261. The ages of victims is not universally recorded in all cases so these figures are less than definitive.

(11th September 2018)

(Mirror, dated 12th August 2018 author Lauren MacDougall)

Full article [Option 1]:

Fraudsters are luring Morrisons and Sainsbury's customers into parting with their personal details in a new WhatsApp scam.

Consumer group Which? has issued a warning to shoppers over the bogus offers. The message tells unassuming customers that they could collect a free £150 voucher to spend in either Morrisons or Sainsbury's.

One message read: "I just received a free £150 gift voucher from Morrisons.

"Get yours before the offer ends.

"Thank me later."

It then links to a webpage used by the scammers to collect personal details, Kent Live reported.

The website address shared in scam messages usually contains the name of the supermarket or brand, leading people to believe the page is real.

But clicking on the link will take victims to an online survey asking for personal information including email address, home address and phone number before the bogus "free gift voucher" can be sent.

When the survey is complete, customers are asked to select WhatsApp friends to share the deal with and the promotional message and link is sent to all of those contacts.

A spokesperson for Morrisons confirmed the latest "offer" is indeed a scam, while Sainsbury's warned its customers to be vigilant.

A spokesman said: "Customers should always be mindful of phishing scams.

"This message is not from Sainsbury's and we are advising customers to delete it.

"Which? advise that if you're not sure whether the link or offer in a WhatsApp message is legitimate, not to click on it.The experts say you should contact the company directly to ask if the deal is genuine and warn the person who sent it to you.

They add: "If you have entered personal details, you need to be extra vigilant. If you receive any suspicious emails or odd postal messaging going forward, ignore them - they could be from a scammer hoping you'll fall for their next scam.

"Keep an eye on your credit report and bank accounts - scammers can use personal information to steal your identity and open new accounts or take out credit.

"Whatever form a message comes in, make sure you don't give away any bank details or passwords."

(11th September 2018)

(Which ?, dated 12th August 2018 author Andrew Laughlin)

Full article [Option 1]:

With broadband now a utility, much like electricity or gas, the humble internet router has become a new target for the scammers.

Which? members have contacted us about a new strain of attempted fraud that is similar to the 'Microsoft scam', but instead sees fraudsters masquerading as your internet provider and claiming that your router has been hacked.

Here, we alert you to the details of the router scam and show you how to protect yourself.

The router scam

In the scam, someone calls you supposedly from the technical support team of internet service providers, BT, Sky or TalkTalk. The caller advises you that there's a problem with your router, either that it's been 'compromised in several different countries' or that it just isn't working properly. Either way, they claim it has to be changed.

To create a sense of urgency, the caller advises that your home internet will have to be shut down within 24 hours unless you take action.

The scammers then claim that they, supposedly being the internet provider, are so sorry about the issues with the router that they want to refund a sum of money. They then move into a traditional scam aimed at tricking you into making a payment, securing your bank details or gaining access to your online bank account.

How to avoid falling victim to a router scam

- Treat all unsolicited phone calls with caution. If you have any doubt, just hang up and call your internet provider directly. Ensure you only get the number from the official website and don't call any number given by the fraudsters.

- Check your router. If they say there's a problem with your router, go check for yourself. If you don't have any internet problems, hang up.

- Don't ever give someone access to your computer unless they have 100% proven their credentials and identity. You wouldn't let just anyone in your home, so the same should apply with your laptop.

- Don't give your bank details over the phone. Your internet provider would have these details already, so there's no good reason why they would want them again.

- Warn others. If you've been targeted or know someone who has, alert other people to the scam so that they can avoid falling victim. If you use social networks, though, try to avoid revealing too much personal information.

Another strain of the 'Microsoft scam'

We contacted Action Fraud and it said that it was aware of similar cases. This falls into the broad category of 'computer software service fraud', more commonly referred to as the 'Microsoft scam', because the Windows software maker is so commonly used as the conduit for the deception.

In the Microsoft scam, a caller rings up and asks for you by name. They say they are a computer-security expert and warn that your PC, laptop or tablet has been infected with malware or has some other issue. They claim that they want to help you fix the problem.

Fraudsters often use name of well-known brands, such as Microsoft, as it's likely that the victim will have a PC running Windows in their home. With so many people now having broadband, it's unsurprising that fraudsters are now masquerading as the UK's biggest internet service providers, BT, Sky and TalkTalk.

While it is possible that your internet provider may contact directly, you should always exert caution when someone calls or emails you up out of the blue. For more help and advice on how to avoid tech scams and fraud, head over to our Computing Helpdesk website :

(11th September 2018)

(Independent, dated 9th August 2018 author Kate Hughes)

Full article [Option 1]:

Almost five million people had money stolen from their bank or credit card account last year, at a cost of around £840 each, according to shocking new figures.

More than £2bn has been snatched from about one in 10 British adults, new data from Compare the Market has revealed, and online payments are the weakest link.

More than a quarter of frauds took place online last year and 27 per cent of victims don't know or remember how they were hacked.

The level of cyber fraud in the UK has fallen over the past 12 months, but the amount of money stolen has increased.

More than half of fraud victims have had money stolen in the last year, compared with the 5.5 million people who were victims of fraud between May 2016 and May 2017.

Criminal strategies are rapidly evolving as social media and software technology do.

The figures come after 95 arrests were made across Europe earlier this summer following a joint law enforcement operation targeting online fraudsters. The suspects arrested during the operation are believed to be responsible for more than 20,000 fraudulent transactions using compromised credit cards, with an estimated value exceeding £7m.

"Fraudsters are increasingly targeting people through social media so it's vital that everyone follows the advice of the Take Five to Stop Fraud campaign and keeps their details safe," warns Detective Chief Inspector Glyn Whittick, head of the Dedicated Card and Payment Crime Unit, which led the UK side of the operation. "People should also remember when shopping online that if an offer seems too good to be true, it probably is."

Here in the UK, concerns are growing among consumers over pre-populated debit or credit card details that many people use to make online purchases. A third of consumers' credit or debit card details are saved using web browsing "auto-fill" technology, and more than half are concerned about the safety of this technology.

"In the last two years, we have seen the average amount stolen from accounts soar from £475 in 2016 to £833 in 2018. This is an extremely worrying trend and suggests a significant rise in aggressive bank and credit card fraud," says Shakila Hashmi, head of money at Compare the Market.

"It is also worrying that so few people decide to take action by moving provider after an attack takes place. Whilst we do all have a responsibility to try keep our banking and card details secure, providers have a duty of care to ensure that their customers are as protected as possible.

"It is also vital that they jump on suspicious activity, something that our research suggests does not happen enough. According to our research, 44 per cent of people who had been hacked had to alert their credit card provider or bank about the incident."

However, there is evidence that Britons are beginning to change their behaviours as a result of worrying and growing levels of fraud.

Most consumers are now more likely to check their bank and credit card accounts regularly, and to have different passwords and pins for their various accounts, and most now won't give out their bank details over the phone.

But campaigners warn anyone can be a victim of fraud and nobody should relax no matter how clued up they believe they are.

"All of these measures need to be ramped up in order for people to lessen the chance of being hacked," adds Hashmi.

"However, if a provider has not spotted suspicious activity or has not dealt with a fraud to the best of their ability then it is vital that people vote with their feet and move to suppliers with a better client service rating."

How not to be a victim of fraud

1. Keep your contactless card safe and in sight, this will help guard against misuse.

2. Make sure the PIN protecting your card, smartphone or other payment device is strong and secure and, never use the same PIN to unlock your smartphone and to verify contactless payments.

3. Regularly check the transactions on your bank statements - this will help you to spot any fraudulent activity on your account, contactless or otherwise. Checking your statements will also help you keep track of your spending.

(11th September 2018)

(Independent, dated 6th August 2018 author Eleanor Busby)

Full article [Option 1]:

Fraudsters posing as Home Office officials or as the police have been targeting international students and threatening to deport them unless they pay money upfront.

National organisations have issued urgent advice to help international students - who come from non-EU countries like India and China - to avoid falling victim to a recent phone scam.

Students have been told by fraudsters they face immediate deportation and a 10-year ban from the UK for failing to fill out paperwork correctly - unless they pay a fine of up to £6,500.

Some victims have already lost thousands of pounds to fraudsters to avoid disputes with UK authorities, according to recent University of Manchester Students' Union (SU) guidance.

It adds that fraudsters are using software which displays official Home Office or police numbers on the students' screens to make it look genuine.

"They might intimidate you by using phrases like 'deportation notice', 'late fee charges', '10-year ban to enter the UK' if you refuse immediate payment," the notice from Manchester SU says.

The National Indian Students and Alumni Union (Nisau) and the Chinese Students' and Scholars Association (Cssa) have also both published advisory statements on the latest targeted scam.

Fraudsters are "authoritative and persistent" and have told students not to hang up the phone as the authorities will assume they are "implicit in criminal activity", the Nisau advice says.

Riddi Viswanathan, international officer at Manchester SU, said on Twitter she was "absolutely appalled" international students were being "targeted" for money by fraudsters.

Yinbo Yu, international students' officer at the National Union of Students (NUS), told The Independent: "It is deeply troubling to hear of yet another scam targeting students who have come here to study from abroad.

"These fraudsters are nothing more than vultures, and the police must identify those involved and act accordingly.

"It's also worth remembering that universities have a duty of care towards their students, and could be doing much, much more to reassure students at risk that adequate protections are in place."

Victims should not make any payments or give any personal information to the caller. They should call their university international student support team and report the incident to Action Fraud.

A Home Office spokesperson said: "Legitimate Home Office officials will never contact individuals to demand payment over the phone for visa fees or fines.

"Anyone who thinks they have been a victim of fraud should contact the police."

Action Fraud UK has been approached for a comment.

(11th September 2018)

(The Telegraph, dated 4th August 2018 author Steve Bird)

Full Article [Option 1]:

Tech-savvy men in their 30's have been conned out of more than £22 million by online fraudsters who persuade them to bag a bargain by cutting out the middleman.

An increasing number of young men are falling for fake internet shopping and auction adverts in a confidence trick run by a sophisticated network of international organised criminal gangs.

In London alone, there are nearly 7,000 online shopping fraud crimes committed every year, netting criminals in excess of £8 million.

The latest statistics from the National Fraud Intelligence Bureau show men account for 61 per cent of online fraud victims, with those aged between 31 and 40 most likely to fall for the fraud.

And most are being duped by fake adverts for 'cut price' high end goods, including cars, laptops, mobile phones, expensive trainers and other fashion items.

The Metropolitan Police is launching a nationwide online campaign urging people using shopping and auction sites to think before they are rushed into buying a bargain that is simply too good to be true.

Detective Inspector Brendan Bannon, from the Metropolitan Police, said the criminal gangs tend to be based in Romania with foot soldiers in the UK who carefully price products just below genuine adverts and then make up a sob story about the need for a quick sale.

The network has 'fraudsters' posting fake adverts on sites like eBay or Gumtree, while 'mule herders' recruits 'mules' to set up fake bank accounts for the 'money launder' to processes the stolen cash.

The gang's fake accounts and emails are often based on well-known English names, like Amy or Lucy, that Britons are more likely to trust.

After emailing over a sob story, such as having an ill relative or needing to leave the country, they encourage a quick sale and insist on cutting out the website's secure payment system.

Police say "alarm bells should be ringing" when any seller asks a buyer to step away from the online auction or sales process. On average the fraudsters steal £1,200 from each victim.

In the last financial year, there were 6,879 reports of online shopping fraud in London, an increase of 946 - or 14 per cent - on the previous year.

Detective Inspector Bannon said: "People get taken over by greed and thinking they're getting a bargain - common sense goes out of the window."

Earlier this year, Dragoz Dragomir, was jailed after running a counterfeit ID factory with a an online fraud operation netting millions of pounds.

His gang posted hundreds of fake adverts for non-existent goods and services on website like eBay. Dragomir even created a fake driving licence for David Cameron, the former prime minister to show off his counterfeiting skills.

The bogus documents allowed them to open fake bank accounts for the money launderers. The vast sums of cash were filtered through bank accounts before his henchmen withdrew the cash in smaller sums at bank machines.

(11th September 2018)

(Action Fraud, dated 3rd August 2018)

We've had an increase in reports about fake British Gas emails claiming to offer refunds. The links provided in the emails lead to genuine-looking British Gas phishing websites that are designed to steal the usernames and passwords for British Gas accounts.

Always question unsolicited requests for your personal or financial information in case it's a scam. Never automatically click on a link in an unexpected email or text.

For more information on how to stay secure online, visit

(11th September 2018)

(London Evening Standard, dated 2nd August 2018 author Justin Davenport) [Option 1]

Londoners are being fleeced out of more than £8 million a year in online shopping scams.

Users of websites including Amazon, Gumtree and AutoTrader are being conned into paying for goods that do not exist, police have warned.

Ciminals lure buyers way from the main website pament process by offering hefty discounts if they pay direct.

Scotland yard said some 700 Londoners a month are being conned out of thousands of pounds trying to buy cars, laptops and mobile phones.

Last year there were 6,879 reports of online shopping fraud in London, a 14 per cent rise on the previous year. The racket now accounts for about a quarter of all reports of fraud in London.

Detective Chief Inspector Gary Miles, of the Met Cyber crime unit , said: " Organised crime is getting into this area and you will see different people taking different roles : some will set up the ads for the goods, others will set up the bank accounts to collect the cash".

Detectives have identified 5,000 victims so far in one investigation into Romanian - organised group which is suspected of netting at least £15 million.
The inquiry has led to 74 arrests.

The average loss to each victim is said to be £1,200, but the total cost to Londoners last year was put at £8.3 million.

Adverts on shopping sites are planned to alert buyers to potential fraud.

(Mirror, dated 4th July author Emma Mumbodh)

Full article [Option 1]:

More than 50,000 websites have been suspended for selling counterfeit goods, the UK's anti scams body has revealed.

City of London Police said tens of thousands of online retailers have been taken down for flogging fake goods such as designer bags, accessories and jewellery.

Since 2013, 22,084 clothing websites, 15,975 footwear websites and 3,591 brands selling bags, accessories and jewellery have been caught out, as part of Operation Ashiko - the Government's crackdown on illegitimate goods.

It follows a widespread campaign, dubbed there's more at stake when it's a fake, to protect customers from cut price online items that are often of poor quality and potentially dangerous.

The City of London Police's Intellectual Property Crime Unit, which is leading the operation, said many of these websites also contain harmful viruses and malware and your personal information is also at risk of being compromised.

Detective chief inspector Nicholas Court, of the Police Intellectual Property Crime Unit, said: "Since the launch of Operation Ashiko in October 2013, we have been extremely successful in removing websites selling counterfeit products and as such protecting people from the risks of IP crime.

"The sheer number of website takedowns should act as a warning online shoppers that there's more at stake when it's a fake," he added.

"When consumers make purchases on illicit sites, they are unknowingly handing over their personal and payment details to criminals who often use these to commit further crime."

How to tell if a website is genuine

Action Fraud has identified a number of preventative steps to help protect customers from online shopping fraud.

Detective inspector Chris Felton told Mirror Money: "As with any online shopping, we would urge people to research a seller before paying any money. Search for reviews from people who have previously purchased from the seller and check the item description carefully. If you are unsure, ask the seller questions.

"To protect your money until you've resolved any problems with the seller, always pay suing a recognised service; never pay by money transfers."

Here are the signs to watch for:

- If something seems too good to be true, it probably is. Don't be fooled into thinking you're getting a great deal.

- Get the trader to tell you if they provide an after-sales service, warranty or guarantee. Most rogue traders don't.

- Make sure you understand how the website's feedback function works. Feedback will give you useful information about recent transactions other buyers have made.

- Check the item's description carefully - ask the seller questions if you're not sure of something.

- Be aware of phishing emails that look like they come from the online auction or payment site you're registered with, asking you to update your account details or re-enter them because your account has been suspended.

- Check the URL in the web browser. A tactic often used by fraudsters is to change the address very slightly (if they're spoofing an eBay site, for instance, they may have an address such as '. . .' whereas the real site is '. . .')

- Read the terms and conditions carefully, including those relating to any dispute resolution procedures the site offers.

- Run the site through a search engine - often if a site is suspicious, there'll be people talking about it online.

Top tips to stay safe online

As record numbers of gift buyers get set to purchase online, BarclaysDigiSafe has shared the following tips to avoid being fleeced by festive fraudsters:

1. Look out for the padlock symbol and 'https' in the address bar on retailers' websites

2. Watch out for deals that look too good to be true

3. Never use public Wi-Fi to purchase shopping online

4. Never give out your PIN or online banking password - legitimate websites won't ask for it.

5. Keep an eye on your bank balance so that you can spot and report fraudulent transactions quickly

(11th September 2018)

(BBC Capital, dated 27th July 2018)

Full article [Option 1]:

Note : This article originally appeared on The Conversation, and is republished under a Creative Commons licence. The author is Stacey Wood, professor of psychology at Scripps College (Claremont, California, United States).

If you have a mailbox, you probably get junk mail. If you have an email account, you probably get spam. If you have a phone, you probably get robocalls.

Unwanted messages and solicitations bombard us on a regular basis. Most of us hit ignore or delete or toss junk mail in the rubbish knowing that these messages and solicitations are most likely so-called mass-market scams. Others aren't so lucky.

Scams cost individuals, organisations and governments trillions of dollars each year in estimated losses, and many victims endure depression and ill health. There is no other crime, in fact, that affects so many people from almost all ages, backgrounds and geographical locations.

But why do people fall prey to these scams? My colleagues and I set out to answer this question. Some of our findings are in line with other research, but others challenge common assumptions about fraud.

Scams on the rise

Sweepstakes, lottery and other mass-market scams have become surprisingly common in recent years.

The Better Business Bureau reported approximately 500,000 complaints related to just sweepstake and lottery scams over the past three years, with losses of almost $350 million.

In the past, scams like these were perpetrated by relatively small local players and often done face-to-face, perhaps at an investment seminar for a bogus real estate opportunity.

Scams still happen the old-fashioned way, but today many more are being coordinated by transnational teams, including by groups in Jamaica, Costa Rica, Canada and Nigeria.

In recent years, fraud has grown into a pervasive global criminal activity as technology has lowered its cost while simultaneously making it easier than ever to reach millions of consumers instantly.

It is also much harder to catch and prosecute these criminals. For example, a robocall may appear on your caller ID as if it's coming from your area code but in fact it's originating in India.

Why people get taken for a ride

In order to study consumer susceptibility to mass-market scams, my co-authors and I reviewed 25 "successful" mass-market scam solicitations, obtained from the Los Angeles Postal Inspector's office, in search for common themes.

For example, many of them included some type of familiar brand name, like Marriott or Costco, to increase their credibility and "authority." Scammers frequently use persuasion techniques like pretending to be a legitimate business and using local area codes to foster familiarity. Or they make time-sensitive claims to increase motivation. Some of the letters we reviewed were quite colourful and included images of money or prizes and past "winners." Others were much more businesslike and included legal-sounding text, to also create an aura of legitimacy.

We then crafted a prototype one-page solicitation letter that informed consumers they were "already a winner" and listed an "activation number" they would need to contact to claim their prize. We created four versions, which we assigned at random, intended to either manipulate authority ("We obtained your name from Target") or pressure ("Act by June 30th") to determine what persuasion factors motivated consumers more to respond.

The study was designed to replicate real scenarios - although participants knew they were part of an experiment - and examine factors that we suspected increased risk, such as comfort with math and numbers, loneliness and less income.

In our first experiment, we asked 211 participants to indicate their willingness to contact the activation number on the letter. They were then asked to rate the benefits and risks of responding to the letter on a 10-point scale and fill out a survey intended to identify their level of numeracy, social isolation, demographics and financial status.

We found that 48% of participants indicated some willingness to contact the number regardless of which type of letter they received. The consumers who indicated they would have responded to this solicitation tended to have fewer years of education and be younger. These participants also tended to rate the risks of contact as low and the benefits as high.

In a second experiment involving 291 individuals, we used the letters from the first one but added an activation fee to half of them. That is, some participants were informed that to "activate" their winnings they had to pay a $5 fee, while others were told it was $100. The rest saw no change from the previous experiment, and all other aspects of the design were identical except for a few additional survey questions related to participants' financial situations.

We hypothesised that individuals who were willing to call and pay $100 would mean they're especially vulnerable to this type of scam.

Even with the activation fee, 25% of our sample indicated some willingness to contact the number provided - including more than a fifth of those told it would cost $100.

Similar to the first experiment, individuals who rated the solicitation as having high benefits were more likely to signal intention to contact. We thought this experiment would help us identify some special vulnerable subtype, like the elderly, but instead, the interested consumers in both experiments were exactly the same - those who saw the potential for high benefits as outweighing the risks. There were no significant differences based on age, gender or other demographics we looked at.

Even though about 60% identified the solicitations as likely a scam, they also still viewed the opportunity as potentially beneficial. In some ways these advance fee scams may act as unofficial lotteries - a low cost of entry and a high chance of failure. While consumers are wary, they don't completely write off the possibility of a big payoff, and some clearly are willing to undertake the risk.

Unfortunately, consumers overestimate their ability to back out if the offer turns out to be a scam. Once potential "suckers" are identified by responding to an actual solicitation over the phone call or by clicking on a fraudulent ad, they may be relentlessly targeted by phone, email and mail.

What to do about scams?

For many, solicitations via junk mail, spam email and robocalls are just incredibly annoying. But for some, they're more than just a nuisance, they're a trap.

To best protect yourself from being targeted, you need to be careful and use resources to help avoid scams. There are some services and apps intended to assist in screening calls and preventing identify theft. And some telephone companies allow you to opt in to such services. And more consumer education on the dangers of scams would help.

It is also important to resist clicking and responding to suspicious material in any way. Consumers who quickly identify a solicitation as a risk and dispose of it without wasting time are less vulnerable.

Given that the perception of benefits and risks were the most important factors in intention to comply, consumers should only focus on the risk and avoid getting sucked in by the potential benefits.

(11th September 2018)

(Mirror, dated 1st August 2018 author James Andrews)

Full article [Option 1]:

Some scams are so laughable you wonder how anyone falls for them. Others catch even the canniest consumers out, seeing people lose thousands they will never see again.

So when I spotted an email purportedly from HSBC in my inbox with the title "James, Your account has security issues" - I took a look.

At first glance it's convincing.


"Dear James Andrews,

"We have received notice that you have recently attempted to withdraw the following amount from your checking account while in another country: £361.49.

"If this information is not correct, someone unknown may have access to your account. As a safety measure, please visit out website via the link below to very your personal information:"

Verify Information Here [link]

Once you have done his, our fraud department will work to resolve this issue. We are happy you have chosen us to do business with

Thank you,
HSBC Group


The e mail came with official looking header logo and footer

Yes, there's a minor mistake - "out" instead of "our", but that's easily missed.

What sparked my concern then? Well, it's what happened when I highlighted the text.

The fraudster had hidden a very large amount of non-sensical white text - on a white background - in an attempt to beat my spam filter.

That meant the actual content of the email read:


"Dear James Andrews,Direct trade vape franzen, raclette semiotics blog fixie glossier snackwave literally. Thundercat

"Marfa pug selvage tbh butcher, offal +1 jean shorts scenester flexitarian tousled farm-to-table. Stumptown authentic microdosing blog echo park

"Weihaveireceivedinoticeithatiyouthavetrecentlytattemptedltolwithdrawltheifollowing amountifromtyourtcheckingtaccounttwhiletintanothertcountry: £361.49.

"Squid neutra health goth snackwave, cloud bread distillery gentrify church-key lomo. Hashtag narwhalbrooklyn copper mug, meditation artisan

"Iftthistinformationtistnottcorrect,tsomeonetunknowntmaythavetaccessttotyour account.tAstatsafetytmeasure,tpleasetvisittouttwebsitetviatthetlinktbelowttotverify your personal information:Photo booth 8-bit slow-carb pork belly air plant before they sold out, hella brooklyn.

"Deep v bespoke poutine lomo, roof party meggings pickled fixie gastropub four loko vape green juice tofu.Sriracha prism venmo food truck, deep v a"


Why would they do this?

A decade or so ago, as people used search engines more and more, programmers realised that computers read things that humans can't see.

As early search engines used something called "keyword density" - that is to say how often the page in question mentioned the word people were searching for - some developers started hiding key terms in text the same colour as the background.

That way the search engines read 32 instances of the term "credit cards" but the page looked like it only mentioned them once or twice, making it far more readable.

Search engines cottoned on pretty fast - and these tactics didn't work for long. But the truth behind it remains.

In this case, an email filter programmed to read emails and identify suspicious phrases is confused by this.

Additionally, if the same message is sent out to several people at the same time and they mark it as 'spam', your email provider will automatically place it in the junk folder.

But if these hidden words are randomised, then each time it was sent the email would look - at least to the computer - to be substantially new and even personalised to me.

"The use of 'white text' makes each email unique, and thus difficult to detect by spam-filters," a spokesman from Kapersky Lab confirmed to Mirror Money.

###How to spot it

Even without noticing the hidden text, there were reasons to be suspicious about this email.

Firstly, banks never ask you to enter your details over email - they have them already.

The most you'd get is someone asking you to confirm something with a simple "yes" or "no" and even that's rare.

Secondly, while the email said "HSBC", the actual address was "". It's always worth checking this.

And that's before we get to the hidden raclette.

I sent the email on to HSBC's official fraud reporting account - - to try and ensure no one else is caught out.

"Although HSBC may send you emails from time to time, we never ask for your security information or your login details. We also never link from an email to a web page that asks for this information. If you receive an unsolicited email from HSBC, the chances are that it is a 'Phishing' email," HSBC replied.

"The key distinguishing features of such emails are:

"A request to the reader to log on to their banking service, via an embedded link

"A request for security information (typically not just random characters but the whole password, and card details as well...)"

###Staying safe in general

A rigid set of rules can prove problematic when it comes to spotting fraudsters - because they keep changing tactics.

"Phishing relies on social engineering, ie manipulating human psychology," explained David Emm, principal security researcher at Kaspersky Lab UK.

"So, there are always new ways to try and trick people, and just like road safety, it's best to adopt a security culture that will keep you safe in any situation - not just some that you've practised.

"For example, it's best never to click on links in e-mails; if you adopt this rule, you never need to rely on being able to distinguish a real from a phishing link."

He added: "Remember, if it looks important, and you're not sure, you should always call to check."

Here are Kaspersky Lab's top tips for staying safe:

- Use Internet security software - Installing updates as soon as they are available and using unique, complex passwords for online accounts.

- Set up multiple email addresses - It's a good idea to have at least two email addresses: A private email address only be used for personal correspondence - and never published on publicly accessible online resources; a second public email address for when you need to register on public forums and in chat rooms, or to subscribe to mailing lists and other internet services. Treat it as a temporary address and don't be afraid to change it if you start getting inundated with junk mail.

- Never respond to any unsolicited message or click on attachments or links - Most spammers verify receipt and log responses. The more you respond, the more spam you're likely to receive.

- Think before you click 'unsubscribe' - Spammers send fake unsubscribe letters in an attempt to collect active email addresses. If you click 'unsubscribe' in one of these letters, it may simply increase the amount of spam you receive. Do not click on 'unsubscribe' links in emails that come from unknown sources.

- Keep your browser updated - Make sure that you use the latest version of your web browser and that all of the latest Internet security patches have been applied.

- Use anti-spam filters - Only open email accounts with providers that include spam filtering. Choose an antivirus and Internet security solution that also includes advanced anti-spam features.

(11th September 2018)

JULY 2018

(Action Fraud, dated 27th July 2018)

Watch out for fake LinkedIn emails. They are phishing attacks.

We've received multiple reports about these fake LinkedIn emails. They claim that your LinkedIn profile has appeared in multiple searches and provide links you can click on to get more details. These links lead to malicious websites designed to steal your personal and financial details.

Always question unsolicited requests for your personal or financial information in case it's a scam. Never automatically click on a link in an unexpected email or text.

(1st August 2018)

(The Sun, dated 23rd July 2018 author Zlata Rodionova)

Full article [Option 1]:

PAULTONS theme park - home of Peppa Pig World - has warned parents of a new scam circulating on WhatsApp that offers claimants free tickets to the park.

The fake offer is luring potential visitors into handing over their personal details by giving them a chance to grab five press passes.

Clicking on it directs users to an online survey designed to steal their personal information like their bank details.

The company warned WhatsApp users in a message on Twitter. It comes after many schools broke up for the summer holiday this week.

Paultons Park said: "We have been advised that a message offering 5 free passes to 500 families to Paultons is being shared on WhatsApp.

"Please note this is not a genuine offer and is not associated with Paultons Park.

We advise that you do not click the link or share the message. PP."

It's not the first time scammers have used the messaging app to trick people into handing over their details by tempting them with spoof offers.

Earlier this year, WhatsApp was used to send fake vouchers to people, appearing to be from trusted chains such as Asda, Tesco and Aldi.

But when they clicked on the provided download link, they were directed to a website riddled with malicious software.

ust last week, Alton Towers issued a similar warning, after a fake giveaway offering free tickets to the theme park spread on WhatsApp, with users complaining of receiving a torrent of spam messages with links to a malicious website.

Another spin on the same scam features the Alton Towers resort logo with a button beneath it that shows how many free tickets are remaining.

Like other WhatsApp scam messages, it's full of grammatical errors: a dead giveaway that something dodgy is at play.

"We're giving 5 free passes to 500 families to celebrate our 110nd birthday!" reads the text below the image. (Bogus offer)

Clicking on it directs users to an online survey and encourages them to send it on to 20 of their friends.

Action Fraud, the UK's national reporting centre for fraud and cyber crime, suggests anyone who has fallen victim to this scam to report it online or call 0300 123 2040.

(1st August 2018)

(Which?, dated 21st July 2018 author Danielle Richardson)

Full Article [Option 1]:

Scammers are finding new ways to target people, threatening to share compromising footage captured without victims' knowledge unless they transfer large sums of money, Action Fraud has warned.

At least 110 cases so far have been reported to the organisation, which is the UK's national reporting centre for fraud and cyber crime and part of the City of London Police.

Which? explains what the scam is, what to do if you've been affected and how you can prevent becoming the next victim.

What are the scammers doing?

In a new tactic by scammers, the bribery begins with the cyber criminal emailing the victim with their own password as 'proof' that they have been hacked in some way.

In a twist straight out of dystopian sci-fi series 'Black Mirror', the hacker then claims to have discovered not just the victim's password, but also footage of adult content that they've been watching, footage of the victim watching it, plus details of their contacts on Facebook, Messenger and email.

The victim is left with the choice of sending a large Bitcoin payment to the hacker, or taking the risk that very private footage could be revealed to everyone they know.

Action Fraud has said there is currently no evidence to suggest that these videos have actually been made, although it's worth bearing in mind that it is possible for your webcam to be hacked.

The issue is also not necessarily specific to computers, Action Fraud has said.

While 110 instances of this fraud have been recorded so far, it could be the case that many more people have been too embarrassed to come forward.

If you have been scammed, defrauded or experienced cyber crime, you should always report it to Action Fraud.

Could I be at risk?

It's suspected that, rather than actually hacking into individuals' computers and gaining access to their screens and passwords, fraudsters have actually gained victims' passwords from old data breaches.

These are incidents where people have signed up to various accounts, which have then been hacked, and the data has been sold on to a network of cyber criminals.

Several data breaches have taken place over the years, and not all of them hit the headlines.

Action Fraud recommends checking whether your details have been accessed on the website (Have I been pwned? : After entering your email address, it will tell you whether any sites holding your details have been hacked and which details could have been stolen.

In regards to this latest scam, Action Fraud has run some victims' email addresses through the site and found almost all affected accounts were identified as at risk.

I've received these emails. What should I do?

The police advise against paying criminals and you shouldn't email the fraudsters back.

Instead, report the incident to Action Fraud as a phishing attempt through the online form.

If you've received the email and have already paid the fine, report the incident to your local police force.

How to protect yourself from scammers

There are steps you can take to keep your identity safe online.

Action Fraud suggests doing the following:

_ Always use a strong and separate password for any account you set up. If possible, enable two-factor authentication (2FA).

- Regularly update your antivirus software and operating systems.

- Cover your webcam whenever it's not in use.

(1st August 2018)

(Daily Mail, dated 21st July 2018 author Jeff Prestridge)

Full article [Option 1]:

Fraudsters are using new tactics to plunder people's bank accounts. They include social engineering and computer takeover fraud.

When David Couldwell received a call on his landline from a BT engineer explaining that his internet router had been hacked and urgent security tests were needed, he was only too willing to help.

But unbeknown to David, the call was not from BT. It was from a fraudster who, by taking control of his computer remotely, removed almost £7,800 from his bank and saving accounts with NatWest.

The fraud David suffered is the new game in town. Such 'computer takeovers' are increasingly used by criminals developing new ways of emptying victims' bank accounts. Last year, we reported on a near identical case involving financial adviser Joanna Coull, who was also scammed out of £7,800.

According to the latest data on banking fraud from trade body UK Finance, last year £121 million was removed from customers' accounts by criminals who had gained unauthorised online access. This is a 19 per cent increase on the year before and more than double the figure five years ago.

By contrast fraud losses overall are falling, according to UK Finance, with banks and card companies preventing £2 in every £3 of attempted unauthorised fraud.

The report says that computer takeovers often result from criminals using 'social engineering' tactics to deceive and manipulate people into divulging key details.

The 'manipulation' stems from the criminal purporting to be from a trusted organisation, such as a person's bank, the police, a government department or utility firm. In many cases, they ring claiming there has been suspicious activity on the victim's bank account or there is an internet problem that needs fixing.

For the 'problem' to be resolved, the victim is asked for more details. This allows them to be tricked into giving away sufficient information for the criminals to gain remote access to their bank account and steal money.

For David Couldwell, the 'trusted' company was BT. Late last month, the 73-year-old was at home in Norfolk and took a call from a man claiming to be from the telecoms giant. The individual said the internet router which David and his wife Brenda use had been hacked and that he needed to carry out urgent tests. David, a retired computer manager, agreed and was reassured by the fact the caller proceeded to get the router to flash. But the fraudster had only just begun. He then asked if he could have access to David's computer to ensure no hacker had managed to log into it.

It was then the caller said David would receive £500 by way of a thank you for the inconvenience caused. The call was transferred to 'BT's accounts department' so it could effect the payment.

David was asked to provide his account details and then instructed to log in to his NatWest account to check the money had gone in. When he looked he found that £5,000 - not £500 - had been deposited. He was asked to refund the overpayment - to Wells Fargo Bank in San Francisco. When he queried this, he was told BT was a global firm and had accounts worldwide.

By this stage, the fraudsters had taken control of his account - not just the main one but three others - including an Isa - that he either held in his own name or jointly with Brenda. The £5,000 was not a 'deposit' but money moved by the criminals from the other accounts to look as if it were a fresh credit.

By the time David discovered this and alerted NatWest to the fraud, it was too late. The criminals had extracted £7,767 from his accounts.

Initially, NatWest told David he would not get a full refund, holding him partly culpable. But last week it backtracked after The Mail on Sunday's intervention and agreed to refund the full loss.

David is grateful. He says: 'I am sure we would have had a long battle getting our money back had it not been for The Mail on Sunday. Maybe I should not have allowed myself to be tricked, but at the time I was convinced I was dealing with bona fide BT employees.'

He says the criminals tried the same scam on both his neighbours but failed.

On Friday, NatWest said: 'We appreciate this has been a distressing experience for the Couldwells. We take our responsibilities seriously in preventing fraud and remind customers to remain vigilant against scams.'

It added: 'Customers should never give anyone remote access to their computer and not divulge security details to someone over the phone. They should decline and report it to their bank immediately on a phone number they can trust.'

Katy Worobec, at UK Finance, said: 'Criminals have become adept at impersonating legitimate organisations such as banks and utility companies to trick people into giving away their bank details.

'Never let someone else have access to your computer remotely, especially if they have contacted you via an unsolicited phone call.'

BT said it was working with law enforcement agencies to bring fraudsters to justice.


Be extremely wary of unsolicited approaches by phone, especially people claiming to offer refunds.

- Avoid letting someone you do not know have access to your computer, especially remotely.

- Do not log on to your bank account while someone else has remote control of your computer.

- Do not share passcodes or card reader codes with anyone.

- Do not share your Pin or online banking password, even by tapping them into a telephone keypad.

- Further details on how to combat financial fraud can be obtained from the 'Take 5 - To Stop Fraud' pages of the website of trade body UK Finance, available at:

(1st August 2018)

(Action Fraud, dated 20th July 2018)

These fake emails are after your Amazon login details!

We've had an increased number of reports about these fake emails purporting to be from Amazon. The subject line and content of the emails vary, but they all contain links leading to phishing websites designed to steal your Amazon login details.

Always question unsolicited requests for your personal or financial information in case it's a scam. Never automatically click on a link in an unexpected email or text.???????

(1st August 2018)

(The Guardian, dated 7th July 2018 author Patrick Collinson)

Full article [Option 1]:

Digital bank Monzo is one of the fastest-growing new banks in Britain, opening 750,000 accounts over the past two years. Now, in an extraordinarily candid move for a bank, it has thrown open its doors to Guardian Money to expose the scams and brazen criminality that threaten customers - and how it is fighting back. Some of the scams are shocking, others audacious - and one so simple we are banned from telling you about it.

The student 'mules'

Students are selling their bank accounts - giving someone else their account details such as logons - for as little as £50 to £100, often as they are finishing university and heading abroad for a period. These accounts are then used by fraudsters to evade the strict checking procedures when individuals try to open an account.

These "mule" accounts are a vital link for crooks moving money around the banking system. A common cry among victims of fraud is that banks must have an electronic record of where their money has gone. The mules are the way stolen money is transferred and laundered through the system.

Sometimes the scamsters ask students for their active cooperation - for example, they will tell them that £20,000 will come into their account and that they should send £19,800 to a different account, often overseas, and keep £200 themselves.

Monzo says it uses artificial-intelligence systems to flag up unusual sums and block accounts. But Tom Blomfield, the bank's chief executive, makes a plea to students: "Don't sell your identity. All you are doing is enabling money laundering."

Transaction attacks

On the Monday morning I visited Monzo's offices, just 12 hours earlier there had been a "pan enumeration" attack on its computer systems. This is where fraudsters, often based overseas, bombard a bank's computers, trying to guess passwords and logins, or attempting to do transactions by generating card expiry dates and three-digit CVCs (card verification codes) in the hope that some might break through.

Often the attacks begin in the middle of the night. I was shown a screen of transaction activity that spiked around midnight on a Sunday. Suddenly Monzo was being hit with 100 failed transactions a second. This went on for 10 minutes. I was told that the bank experienced "a few of these every month. Last night's attack could just be a warm-up," said an IT expert at the bank.

Monzo is aware that as a challenger bank it is high on the target list for fraudsters keen to exploit any gaps in its defences. But it also has an advantage - its new IT systems are better primed to deter fraud than the legacy systems of traditional banks. Monzo says that following Sunday's attack it had "new kill switches and triggers" in place within hours.

Blocking dodgy transfers and deposits

One of the saddest scams is when an older person is conned by a cold caller posing as their bank manager. They are told there has been suspicious activity on their account and that they need to switch their money to a safer place. The calls can be frighteningly convincing.

What Monzo sees is the other side of the equation - when a large sum from a big bank is deposited into a Monzo account (which later turns out to be a mule). Using sophisticated machine-learning techniques, Monzo says it is better able to identify suspicious deposits. In one instance, it froze thousands of pounds that had arrived into an account. "We blocked it and contacted the originating bank," says Blomfield. "But that bank [one of the biggest UK players] said it was all fine. Then it rang a few days later to say it looked like the customer had been conned. Luckily, we were able to return the money."

Frustratingly, there are few mechanisms for banks to communicate with each other. "In the US, there is a web portal for banks to contact each other on these issues. Here, it's just email, Blomfield adds. "Sometimes we are even told to use a fax."

Detecting data breaches

On 6 April, Monzo was contacted by 50 customers reporting fraudulent transactions. This was not remarkable in itself - Monzo has about 750,000 customers - and it replaced their cards immediately. But its financial crime and security team noticed a pattern. "About 70% of those affected had used their cards with the same online merchant between December of last year and April this year," a Monzo statement said. "That merchant was Ticketmaster. This seemed unusual, as overall only 0.8% of all our customers had used Ticketmaster.

"Within four-and-a-half hours, the team rolled out updates to our fraud systems to block suspicious transactions on other customers' cards. That evening, we reached out to other banks and the US Secret Service (which is responsible for credit card fraud in the US) to ask if they had seen anything similar. At the time, they hadn't."

The following week, it saw four more compromised cards - all had been used at Ticketmaster. "Given the pattern that was emerging, we decided to reach out to Ticketmaster directly," the statement continued. "On 12 April, Ticketmaster's security team visited the Monzo office so we could share the information we had gathered. They told us they would investigate internally."

Over the next few weeks it became obvious that something was happening with cards used on Ticketmaster. Confident that the ticket site had suffered a data breach, the bank contacted Mastercard and replaced every Monzo card - 6,000 - that had been used at Ticketmaster.

Meanwhile, on 19 April, Ticketmaster told Monzo it had found no evidence of a breach. But on 27 June, its customers were informed by that they could be at risk of fraud or identity theft, admitting a major breach had affected tens of thousands of people.

The question is why it took Ticketmaster so long to inform customers, given Monzo's warnings. Ticketmaster says: "When a bank or credit card provider alerts us to suspicious activity it is always investigated thoroughly with our acquiring bank, which processes card payments on our behalf. In this case, there was an investigation, but there was no evidence the issue originated with Ticketmaster."

Meet Fraudster No 1

In Monzo's financial crime unit at its London offices just off London's so-called "Silicon Roundabout", he is known as Fraudster No 1. I was shown his picture, name, full address (in south-west London), Facebook page and even photographs of the luxury goods he has snaffled with money looted from other people's accounts and ostentatiously posted on Instagram. Monzo has shared all these details with the police. Yet this man has not been apprehended. Why? Because, much to the frustration of Monzo's fraud team, the police are not interested because the sum stolen - £40,000 - is deemed not large enough to bother the authorities.

The man is known as Fraudster No 1 not because of the £40,000 he has stolen, but because he was the first account holder that the bank, which was founded in 2015, identified as a con man.

"He used the dark web to buy a few hundred stolen debit and credit cards," says Tom Blomfield, chief executive of Monzo. "He loaded cash stolen from those cards on to his Monzo prepaid card, then used that to buy goods. He's utterly brazen. He has posted on Instagram the high-value electricals he has bought with the money, from stores such as Maplin.

"He has stolen £40,000 from us. We have passed his details to the NCA [National Crime Agency]. It's so frustrating. He actually poses in pictures with his stolen gear. If someone smashed your windows and stole £40,000 from you, the police would be all over it. But nothing has been done to him."

In one extreme case, Monzo identified a man who was convicted for card fraud, who subsequently used a stolen debit card to pay his court fine. Unlike Fraudster No 1, at least he has been apprehended.

Monzo suspends or terminates accounts when it identifies fraud, but can't tell the "customer" of its suspicions. The response from the fraudsters is shocking. "They will go on to their Twitter feed and accuse us of being scammers," says Natasha Vernier, head of Monzo's financial crime unit. "We don't respond. They will call our customer centre and use every trick to try to get them to buckle and reopen the account, so they can continue defrauding others."

Call centre workers will hear sob stories from crooks who pretend that the account closure is causing them huge grief - to the extent that they even use recordings of babies crying, while screaming down the line that they need the money for baby food. The call centre workers have to stand firm and refuse to reopen the account.

Fancy a £5,000 refund?

A gang goes into a shop and distracts staff. One of them goes to the point-of-sale (POS) terminal, inserts their card and requests a refund. Monzo says it is aware of merchants losing up to £5,000 in this way, and banks do not cover them for it.

In a more basic version of the fraud, gangs grab a POS terminal in a shop, run out and try to process a refund outside.

Fuelling card crime

This is an extraordinary new fraud, which relies on petrol stations where there are no attendants - often at night - and where drivers can use a card to pay at the pump.

According to Monzo, it works like this: the customer has a card with £100 in their account. The card reader at the pump pre-authorises the person wanting to fill their car by taking an initial £1 payment, purely for card validation purposes. After that, the driver can fill up with up to £100 worth of petrol. The charge may take a day or two to be deducted from the person's account. The fraudster does the pre-authorisation again and again, with just £1 deducted each time, until the £100 on the card has been used up. The customer therefore gets 100 times £100 worth of petrol, at a deduction from the card of just £100. Only later is the £10,000 worth of petrol charged to the card, which does not have the funds and is therefore bounced.

Fraudsters are buying vans and retro-fitting them with huge tanks. Monzo says it knows of £56,000 worth of petrol stolen in this way. The loser here is the petrol station as, while the money initially comes off the card, it is then charged back to the forecourt operator.

The police are concerned about the prospect of vans carrying vast amounts of petrol.

Natasha Vernier, head of Monzo's financial crime unit, says that when other banks spot a new kind of fraud, they can take weeks to put in place technical patches to spot it on their systems. "When we first saw pay-at-pump fraud, we had a new rule in place in five hours," she says.

Your ears are the giveaway

Monzo requires that new account openers submit a photo of their identity document, plus a selfie video. It sends this to an ID verifier such as Jumio or Au10tix, which have software that checks whether the person in the ID photo is the same as the one in the selfie.

I was shown pictures of one male in his 20s who made four attempts to open an account at Monzo. He was identified as a fraudster on his first attempt. In later attempts his picture changes - it is still him, but with a beard, then a long beard, short hair on top, longer hair on top, and so on. Each time Monzo's systems identified him - because of his ears. According to Monzo, ear positions are the most difficult thing to fake.

(1st August 2018)

(Action Fraud, dated 6th July 2018)

These fake text messages purport to be from Argos and claim that you're owed a refund. The link in the messages lead to phishing websites designed to steal your personal information, as well as payment details.

Always question unsolicited requests for your personal or financial information in case its a scam. Never automatically click on a link in an unexpected email or text.

For more information on how to stay ecure online, visit

(1st August 2018)

JUNE 2018

(Dated May / June 2018)

(The Herald, dated 3rd June 2018 author Peter Swindon)

Full article [Option 1]:

HOW safe from the scammers do you think you are? Many of us are confident that we would never fall for crimes that can end up costing thousands of pounds.

However, Citizens Advice Scotland (CAS), which oversees 60 advice bureaux, says more of us are at risk than we might have thought, and a new campaign will warn four groups of people most at risk of being conned out of cash.

CAS says people aged over 70 are most at risk, but three other groups are also likely to fall victim to scammers - young people aged 16 to 24, life established people aged 45 to 60 and socially isolated people of all ages.

The organisation has launched Scams Awareness Month, which begins tomorrow, in the hope of helping people to spot the dangers.

CAS has seen a sharp increase in the number of victims coming forward in the last year. Lucy Manson, a Community Action Team manager with the organisation, said: "Scams can happen by phone, by mail, online or on your own doorstep, and they can cost people hundreds or even thousands of pounds.

"We've seen a 24 per cent increase over the last year in people reporting scams to the Scottish CAB network. That shows how big the problem is, but it is also an encouraging sign that people are coming forward to talk about their experience of being scammed, because that is the way we are going to beat the scammers.

"So, our message throughout this month is that we all need to be vigilant and watch out for scams." And the key messages?

Take your time before making any decisions to part with your cash. Don't be rushed into a decision.

Make sure you research the company first - for example by asking friends and family about them or researching them online.

Remember, if something sounds too good to be true, it probably is.

"If people are hit by a scam," Manson added, "they should talk about it to their friends and family and report it to the CAB service or to Trading Standards or the police, so we can warn other people about it."



The average age of reported scam victims is 75 and those over 70 have the highest losses from a range of scams, targeted by landline, phone and mail. CAS research found the average financial loss for those aged between 75 to 79 is £4,500. Although older people often report scams, they can lack confidence in their ability to protect themselves against scammers, which makes them more vulnerable.

CAS advice: Be wary of cold callers and thoroughly check the ID of tradespeople on your doorstep. Be cautious when answering the phone to an unknown caller or opening unexpected letters.

Life established

People aged 45 to 60 are targets because they are more likely to own their own home and have access to financial assets, making them a likely target of investment scams. Seven out of ten people with income exceeding £25,000 say they have been contacted by someone trying to scam them, compared with four of out ten of whose earnings are less than £9,500 per year, according to research by CAS. A third of all victims of scams are aged 41 to 60.

While the life established are targeted by a wide range of scams, they are most vulnerable to phishing and other banking scams, property scams and pension liberation scams.

CAS advice: Be wary of deals that use persuasive messaging to sell you 'once in a lifetime' deals.

Young people

As digital natives, young people are confident when using the internet, leading them to feel they are unlikely to fall for online scams that target them through social media and website advertising. They are often found to be victims of online scams, such as subscription traps, job scams and identity fraud. But they are least likely to report a scam - CAS research found that more than half of adults aged 18 to 24 would be unlikely to report being conned, making them the largest group who are unlikely to take any action when encountering a scam.

CAS Advice: Be cautious of pop-ups on social media and websites that take you to an unknown site.

Socially isolated

People who are socially isolated can be the hardest to reach and often can't access the same support to protect themselves from scams as other groups. Although people who are socially isolated don't always report scams, they can be badly affected, both mentally and financially. It has been reported that the names and addresses of approximately 300,000 people nationally are on lists which are being sold between criminals to use as targets for scams. CAS research has found that nine out of ten people on these target lists are unaware that they are being targeted. Often, people who are socially isolated are not able to connect to support or help to prevent this.

CAS Advice: Be cautious of unknown callers and unexpected mail


A businessman has revealed he was conned out of £3,500 after his details and passwords were obtained by scammers.

Clifford Selbie, 48, from Glenrothes, runs a gardening business in Fife and agreed to an advertising deal with a magazine for emergency services personnel which cost him £250 a year.

The married father-of-three paid up front and the advert appeared for a year, then last year he received a call from someone claiming to be a debt collector who demanded thousands of pounds.

Selbie said: "They threatening to go to take my house over a £3,500 debt, unless I paid £2,500 immediately. Straight away alarm bells went off in my head and I told them if they called again I'd call the police, then I hung up.

"But they phoned me back and said they had my password, and it wasn't a simple password. When they read it out I just assumed it was legitimate.

"I protested and said I'd paid upfront, but they then threatened to get the police and go to my house and take what they wanted. I gave them bank details. They took the money twenty minutes later."

He later went online and discovered the magazine publisher had gone bust and his personal data had been sold on to scammers.

Selbie contacted his bank and the police but there was nothing they could do because he had willingly handed over the cash.

He has since to borrow money from relatives which he is struggling to pay back.

"I'm doing overtime, working an extra job as a forklift operator for a building company to get that money back. My gardening business is struggling too, because I can't afford to buy equipment and materials.

"I'm angry at the scammers, I'm angry at the company which went bust, I'm angry at the law because nothing can be done, I'm also disappointed at having my trust violated.

"I would say to anyone else contacted by so-called debt collectors to check a company still exists and make sure you get a letter from the company to confirm they have referred you to debt collector."


(London Loves Business, dated 20th June 2018 author LLB Reporter)

Full article [Option 1]:

Ninety five arrests have been made across Europe following a joint law enforcement operation targeting online fraudsters between 4 and 15 June 2018. The suspects arrested during the operation are believed to be responsible for more than 20,000 fraudulent transactions using compromised credit cards, with an estimated value exceeding EUR 8 million (£7 million). The action was coordinated by Europol, working closely with law enforcement, the banking industry and retailers across 28 countries.

The operations in the UK were led by officers from the Dedicated Card and Payment Crime Unit (DCPCU). Nine search warrants were executed across the country, resulting in four interviews under caution and two arrests - one in Bolton and another in London. During the searches valuable intelligence was gathered and several devices that were suspected of being used to commit remote purchase fraud were seized. Ongoing investigations are now underway that are expected to result in further arrests and charges.

Several of the fraudsters targeted during the operations were using social media to commit remote purchase fraud. Often, criminals will offer goods to buyers for a heavily discounted price via social media and then use stolen card details to make the purchase. The buyers' card details are then usually stolen and passed on to other fraudsters.

The operation has been followed by the launch of an awareness-raising campaign on social media -#BuySafePaySafe - by Europol and law enforcement agencies across Europe. This complements UK Finance's Take Five to Stop Fraud campaign, which provides customers with advice to help them stay safe from fraud and scams.

T/DCI Glyn Whittick, head of the DCPCU, commented: "The success of these operations shows how through close cooperation with our European partners, retailers and the financial sector, we are cracking down on the criminal gangs targeting consumers online.

"Ongoing investigations are now underway and we will continue to work together to bring those committing remote purchase fraud to justice.

"Fraudsters are increasingly targeting people through social media so it's vital that everyone follows the advice of the Take Five to Stop Fraud campaign and keeps their details safe. People should also remember when shopping online that if an offer seems too good to be true, it probably is."


(17th July 2018)

(The Guardian, dated 27th June 2018 authors Rupert Jones and Patrick Collinson)

Full article [Option 1]:

UK customers of Ticketmaster have been warned they could be at risk of fraud or identity theft after the global ticketing group revealed a major data breach that has affected tens of thousands of people.

The company could face questions over whether there was a delay in disclosing the breach after it emerged that some UK banks have known about the incident since early April.

The Guardian understands that a number of Ticketmaster customers have already had fraudulent transactions debited from their accounts, with the fraudsters spending people's cash on money transfer service Xendpay, Uber gift cards and Netflix, among other items.

Ticketmaster said customers who bought concert, theatre and sporting event tickets between February and 23 June 2018 may have been affected by the incident, which involved malicious software being used to steal people's names, addresses, email addresses, phone numbers, payment details and Ticketmaster login details.

The breach also affects customers of two other UK websites owned by Ticketmaster: TicketWeb and the resale website Get Me In!.

The company said less than 5% of its global customer base had been caught up in the breach, and indicated the number directly affected was fewer than 40,000. However, Ticketmaster claims to serve more than 230 million customers a year globally.

Ticketmaster, part of the Live Nation Entertainment group, said that on 23 June it discovered that malware on a customer support product hosted by Inbenta Technologies, an external third-party supplier, was exporting UK customers' data to an unknown third-party. As a result, it said, some of its customers' personal or payment information may have been accessed by this third party.

Digital bank Monzo was the first to spot customers' cards were being compromised. It identified in April that the common factor behind a spike in frauds was that every customer who lost money had also had interaction with Ticketmaster.

On 12 April it warned Ticketmaster of the issue, but "couldn't get any traction" out of the company, according to Monzo's head of financial crime, Natasha Vernier.

In the meantime, Monzo contacted all customers who had ever dealt with Ticketmaster - about 5,000 - to replace their cards.

It also told banks that are part of the UK Finance group in April that it was aware of what appeared to be a significant data breach at Ticketmaster.

Monzo's experience suggests that anyone who has bought a ticket through Ticketmaster should check their accounts for unusual transactions involving Xendpay, Uber and Netflix. None of these companies were involved in the fraud itself, but were the means by which the fraudsters were able to steal money from people's accounts.

Ticketmaster did not give any further information about precisely which payment details may be affected, but it warned customers: "We recommend that you monitor your account statements for evidence of fraud or identity theft.

"If you are concerned or notice any suspicious activity on your account, you should contact your bank(s) and any credit card companies."

The company said: "Based on our investigation, we understand that only certain UK customers who purchased or attempted to purchase tickets may have been affected by the incident."

It added that forensic teams and security experts were "working around the clock" to understand how the data was compromised, and that it was working with the Information Commissioner's Office, credit card companies, banks and others.

A page on Inbenta's website - which appears to have been taken down - reveals that Ticketmaster turned to Inbenta because it was having to deal with large numbers of "repetitive questions" from customers "that fatigued agents and cost a lot of money to answer".

As a result, it said, "Ticketmaster now saves hundreds of thousands of dollars in unnecessary incoming support emails and contact center calls".

Ticketmaster said it was offering affected customers a free 12-month identity monitoring service. There is a dedicated website,, and customers can also email

(17th July 2018)

(Money Saving Expert, dated 26th June 2018 author Callum Mason)

Full article [Option 1]:

Scammers are pretending to be from the Financial Ombudsman Service to try and trick victims into handing over personal information, the watchdog has warned.

Fraudusters are falsely claiming to be calling from the Financial Ombudsman Service (FOS) to try to persuade people to reveal details about their personal and financial circumstances - and they are even managing to make FOS's number appear on people's caller ID.

The ombudsman - which sorts out complaints between financial businesses and their customers - doesn't write to or phone people out of the blue to ask for personal information. It will only contact you if you've been in touch to register a complaint, and even then it would only speak to you about that complaint.

It's also a free service and would NEVER ask you for money. It also wouldn't pay you compensation directly.

I've been caught out - what should I do?

If you've been contacted by someone pretending to be from the FOS, you should contact the ombudsman on 0800 023 4567.

Remember though, even if this number appears on your caller ID when you get an incoming call, it isn't necessarily the FOS.

If you've given out personal information, call your bank and let it know.

You can also report the scam to the police through Action Fraud on 0300 123 2040, or report a scam anonymously on its website (

What does the FOS say?

A Financial Ombudsman Service spokesperson said: "Criminals use a wide range of tactics to defraud people, even stooping so low as to pretend to from our service. If you're suspicious about a call you've received, hang-up, check the line is clear, then call back by dialling our helpline number.

"We update our website whenever we hear fraudsters are actively trying to con people in our name; and pass the information we get from our customers onto Action Fraud - the agency that works closely with the police to tackle fraud crimes."

(17th July 2018)

(Telegraph, dated 26th June 2018 author Sam Meadows)

Full article [Option 1]:

Banks will now be forced to accept complaints from fraud victims if they have allowed criminals to open accounts, under proposals from the City watchdog.

In a major victory for Telegraph Money's Make Banks Act on Fraud campaign, the FCA has published plans which would allow you to complain to a bank despite not being a customer.

Bank transfer fraud, officially known as "authorised push payment" fraud, where a victim is tricked into sending money to scammers, has hit record levels with £236m stolen last year.

Telegraph Money has consistently called on the banks which received the stolen money, and often breached money laundering regulations by allowing an account to be opened with false credentials, to do more to support victims.

Most are told they must liaise with their own bank and are given spurious reasons, including data protection, for the recipient bank's silence.

Many of these sorts of scams involve life-changing sums. One of the most common types of case involves a criminal impersonating a conveyancer and stealing money for a house deposit. The worst case Telegraph Money has seen resulted in the victim losing £600,000.

If the Financial Conduct Authority's (FCA) proposed rules are adopted it would mean fraud victims could make an official complaint to the criminal's bank and, if they were unsatisfied with the response, then take the case to the Financial Ombudsman Service.

Christopher Woolard, the watchdog's executive director of strategy, said: "The FCA takes push payment fraud and the harm it causes to consumers very seriously.

"Our proposals build on our work in this area, and seek to reduce the harm experienced by victims of push payment fraud where they believe the bank who received the money did not do enough to prevent it.

"We are proposing to require payment service providers to handle complaints about this in line with our complaint handling rules, and to provide the victims with access to the Financial Ombudsman Service."

The Payment Systems Regulator (PSR) is currently working on an industry framework which will determine in what circumstances a bank or building society should refund victims or pay compensation. The finished document is expected later this year.

A spokesman said the body welcomed any changes which would help reduce the impact of bank transfer fraud on victims. "The PSR is driving a range of initiatives in this area, working with industry, consumer groups and other regulatory and government bodies to make it harder for criminals to commit this type of crime - but if they do occur, to reduce the impact on the victim," she added.

Telegraph Money has reported in the past on the unwillingness of recipient banks to support the victims of crime, even when they have allowed criminals to open accounts.

In one case Halifax held a victim's money for six months despite admitting the account in question belonged to fraudsters. It only refunded the £8,000 after pressure from Telegraph Money.

The FCA is welcoming comments on its proposals until September 26 and is expected to publish its final findings before the end of the year.

(17th July 2018)

(Manchester Evening News, dated 21st June 2018 author Paul Beard)

Full article [Option 1]:

A Moston man kept thousands of pounds belonging to a lonely widow in his account following an intricate scam involving a bogus doctor.

The woman was tricked into parting with more than £9,000 after being assured that 'Dr Marcus Harry' would be able to pay her back when he returned to the UK, a jury has heard.

She paid £4,000 into an account owned by Akinyemi Adigun, 35, from Attleboro Road, Moston, but he denied any involvement in the activity.

A jury at Warwick Crown Court found Adigun guilty of possessing criminal property.

Prosecutor Daniel Wright explained that the 'property' Adigun possessed was money paid into his bank account which was the proceeds of criminal activity.

He said that by September 2015 the victim, a Leamington woman, had been living alone for three years following the death of her husband.

"She found herself getting lonely and, at the suggestion of a friend, she joined a dating site for widows.

"She was contacted by 'Dr Marcus Harry,' who said he was a 50-year-old male from Bristol who was working overseas in Nepal.

"They hit it off, and within a month Dr Marcus Harry starts to ask for money from her. At first these were small amounts," said Mr Wright.

It began with a request over WhatsApp, asking her if she would mind getting him £50 of i-Tunes vouchers which he said he was unable to get hold of in Nepal.

She agreed, and bought a £50 voucher at Argos in Leamington before photographing it and sending the picture to him by e-mail.

Two weeks later Dr Harry told her he was planning to fly back to the UK on October 17, but was unable to get hold of the £1,000 he needed for the flight - so she agreed to send it to him on the basis that he would repay it on his return.

That money was transferred into the account of a woman called Jayne Chew, from Burnley, but although she had originally faced a similar charge, proceedings against her have ceased, said Mr Wight.

The victim also sent Dr Harry another £50, supposedly so he could top up his mobile phone.

"A few days later there were further requests. This time Dr Harry asked for £4,000 on the fifth of October because he said he had been fined for bringing gold into Dubai on his way back, and would not be released until he had paid a £25,000 fine."

She was reluctant, but he pleaded with her and said he would pay her back, and she transferred the £4,000 to the account of a co-defendant, Dare Moyo, who has pleaded guilty.

Dr Harry then claimed he had not been able to come up with all of the rest of the money, and persuaded the woman to transfer a further £4,000 which was paid into Adigun's account.

t initially went into his business account, but the same day £3,100 of it was transferred into his personal account and then back into the business account.

"Ultimately the £3,100 was transferred out with the payee reference 'Bro TJ.' The prosecutions say the remaining £900 was the defendant's cut.

"The prosecution say that what happened was a fraud, that she was duped, so whatever money flows from that is criminal property."

Adigun, who accepted the money had been transferred into his account, made no comment when he was arrested.

But in court he claimed it had been done at the request of a friend, a Nigerian national who had been living in the UK but had returned to Nigeria and needed the use of a UK bank account for the transfer of some money.

Adigun said he had agreed the man could use his account, and that he had no idea the money had come from a crime.

After the jury rejected his account and found him guilty, he was granted bail as the case was adjourned for a pre-sentence report, and he and Moyo (39) will be sentenced together at a later date.

(17th July 2018)

(Action Fraud, dated 20th June 2018)

There is concern that victims of previous Computer Software Service Fraud (CSSF) are being re-targeted for "owed money". The National Fraud Intelligence Bureau (NFIB) reports that CSSF scammers are returning to contact previous victims, requesting that they pay money owed for a fake malware protection service they had provided. Alternatively, the fraudster will ask for a new subscription fee in return for protection from a new threat. The victims that have made payments to the fraudsters have done so via credit/debit card payments. In some instances threatening and aggressive language has been used against victims, as part of the attempt to coerce them into sending money.

Computer Software Service Fraud involves the victim being contacted, told that there is a problem with their computer, and that for a fee this issue can be resolved. The aim of the fraudster at this point is usually to gain remote access to the victim's computer and, subsequently, access to their online banking account. No fix actually occurs. The victims will often be cold-called or will receive a pop-up on their computer, prompting them to phone the suspect.

Since the beginning of this year (2018), the total loss for repeat victims of CSSF has been reported as £16,712.85. The National Fraud Intelligence Bureau has noticed an increase in such reports since the beginning of May.

Protect Yourself

- If you receive such an unsolicited call or pop-up, do not make a payment. Always ensure you know who you are talking to. If in doubt, hang up immediately.

- Do not allow remote access to your computer.

- Don't be rushed or pressured into making a decision. Under no circumstances would a genuine bank, or another trusted organisation, force you to make a financial transaction on the spot; they would never ask you to transfer money into another account for fraud reasons. Remember to stop and take time to carefully consider your actions.

- Listen to your instincts. If something feels wrong then it is usually right to question it. Criminals may lull you into a false sense of security when you are out and about or rely on your defences being down when you're in the comfort of your own home. They may appear trustworthy, but they may not be who they claim to be.

For more information about how to protect yourself online, visit and

If you have been a victim of fraud or cybercrime, report it to us at, or by calling 0300 123 2040.

(17th July 2018)

(Action Fraud, dated 19th June 2018)

These fake text messages purport to be from EE and claim that you haven't paid a bill. The link in the message leads to a phishing website designed to steal your EE account login details, as well as personal & financial information.

Don't be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link or attachment in an unexpected email or text.

For more information on how to stay secure online, visit

(17th July 2018)

(Action Fraud, dated 15th June 2018)

The National Fraud Intelligence Bureau has identified an increasing number of reports submitted to Action Fraud from the public concerning courier fraud.

Fraudsters are contacting victims by telephone and purporting to be a police officer or bank official. To substantiate this claim, the caller might be able to confirm some easily obtainable basic details about the victim such as their full name and address. They may also offer a telephone number for the victim to call to check that they are genuine; this number is not genuine and simply redirects to the fraudster who pretends to be a different person. After some trust has been established, the fraudster will then, for example, suggest;

- Some money has been removed from a victim's bank account and staff at their local bank branch are responsible.
- Suspects have already been arrested but the "police" need money for evidence.
- A business such as a jewellers or currency exchange is operating fraudulently and they require assistance to help secure evidence.

Victims are then asked to cooperate in an investigation by attending their bank and withdrawing money, withdrawing foreign currency from an exchange or purchasing an expensive item to hand over to a courier for examination who will also be a fraudster. Again, to reassure the victim, a safe word might be communicated to the victim so the courier appears genuine.

At the time of handover, unsuspecting victims are promised the money they've handed over or spent will be reimbursed but in reality there is no further contact and the money is never seen again.

Protect Yourself

Your bank or the police will never:

- Phone and ask you for your PIN or full banking password.
- Ask you to withdraw money to hand over to them for safe-keeping, or send someone to your home to collect cash, PIN, cards or cheque books if you are a victim of fraud.

Don't assume an email or phone call is authentic

Just because someone knows your basic details (such as your name and address or even your mother's maiden name), it doesn't mean they are genuine. Be mindful of who you trust - criminals may try and trick you into their confidence by telling you that you've been a victim of fraud

Stay in control
If something feels wrong then it is usually right to question it. Have the confidence to refuse unusual requests for personal or financial information.

For more information about how to protect yourself online visit and

(17th July 2018)

(The Guardian, dated 5th June 2018 author Miles Brignall)

Full article [Option 1]:


I have been the victim of identity theft and card fraud over several months now. I have had a bank account opened in my name and four credit cards issued, two of which have been maxed out and run up more than £16,000.

I have reported events as they happen to Action Fraud and dealt with the banks directly to stop the accounts.

However, as there seems to be no end to the card applications being passed, I am wondering if something is going wrong with the reporting to the credit agencies that would flag up concerns attached to my name and address.

There is also the issue of how they are physically getting hold of the cards, as they have not come to the house. I have applied for an Experian report but it insists I send it several forms of ID. I have had to take days off work to sort it out.

Every time a white envelope comes through the door now, I feel sick.

SM, London



What a nightmare this has been, and our first reaction was that you must make sure you are registered with Cifas - the fraud prevention body that will warn any other bank that your ID has been used by thieves. This has since been done and should prevent any future applications succeeding.

The next thing to do is to get a copy of your credit file. You said you were having problems. We asked Experian's HQ to step in and it has now sorted this out and sent you a code that will enable you to see your file. You probably need to contact the other two credit agencies, Equifax and CallCredit, too.

Experian says that once you have established the fraudulent applications, its "victims of fraud team" will then dispute these entries directly with the lenders on your behalf, to help take away some of the legwork.

It says it will take some time to sort out, depending on the extent of the fraud.

However, once it is all done, your credit file should be restored. It also says you should consider adding a password to this report using a "notice of correction". This is an additional security measure that can be sensible if your identity has been compromised, particularly as not all lenders are members of Cifas - this was a new one to me and, I suspect, many others.

Lastly, I would be asking for compensation from the bank (HSBC) and the card providers to cover the days that it will take you to get it all resolved.

(17th July 2018)

(Daily Mail, dated 3rd June 2018 author Charlotte Dean)

Full article [Option 1]:

Cyber thieves are sending's partner properties bogus texts warning of a security breach in a bid to steal cash.

Victims of the scam were told via Whatsapp and text messages that due to a security breach they must change their account password.

However once they clicked on the link given in the message the hackers had full access to the customers booking details.

They then sent them a further message warning that a full payment for their holiday accommodation was needed with bank details to send it to.

Due to the thieves access to booking details including names, addresses, phone numbers, dates, prices and reference numbers the texts appeared legitimate.

Marketing manager David Watts, 35, of Newcastle, told the Sun: 'It looked very believable and I can believe people fell for it.'

However even if alert customers avoided falling for the scam the hackers still managed to retrieve personal data. reported that their systems were not compromised, but hotels it works with on a separate portal were and customers will be compensated. A spokesperson for the company told Mail Online "Security and the protection of our partner and customer data is a top this case, there has been no compromise on systems. This property has been targeted by phishing emails sent by cyber criminals and by clicking on those emails, the property compromised its account. If customers have any questions, they can contact our customer service team" .

(17th July 2018)

(Independent, dated 25th May 2018 author Oliver Wheaton)

Full article [Option 1]:

New data laws (GDPR) coming into force are being used by scammers to steal personal information, police have warned.

Customers of NatWest are among those targeted by the scammers, who have been sending fraudulent emails claiming to be from the bank.

Companies have been contacting their customers to give reassurance that they are adhering to the new General Data Protection Regulation laws. In addition, many companies are asking customers if they are happy to continue receiving emails.

However scammers have created fake emails telling customers their accounts could be terminated if they do not update their records, at which point they are directed to a site which steals any data they input.

These phishing scams are usually perpetrated to gain access to victims' bank accounts.

Action Fraud have released a statement confirming that banks will never ask for a pin, password or memorable information by text or email.

The agency has also pointed out that fraudulent GDPR emails will often contain poor spelling or grammar, as well as sub-quality design you would not expect in a legitimate email from a bank.

Fake emails might also fail to address you by name (instead starting with "Dear friend" or "Dear customer") or could come from a strange email address, such as a Gmail or Yahoo account.

The new GDPR law brought in on Friday after being passed by the European Parliament forces businesses to actively secure consent before using customers' personal data such as their name, phone number and email address.

Having been enshrined in the UK's upcoming Data Protection Bill, the laws will still apply after Brexit and apply to all businesses offering goods or services within the EU.

Several US websites including that of the Los Angeles Times have temporarily been made unavailable in EU counties as a precaution due to the law coming into effect.

(17th July 2018)

MAY 2018

(CCN, Dated 28th May 2018 author Conor Maloney)

Full article [Option 1]:

Described by his sentencing judge as a "one man cybercrime wave", British hacker Grant West caused hundreds of thousands of dollars worth of damages through his activities stealing and selling personal and financial information on the dark web.

West sent phishing emails under the guise of surveys from popular takeaway food delivery service Just Eat, offering food vouchers in exchange for completing a survey. The survey was a fake, and respondents were actually sending their personal details back to Grant so that he could sell them to the dark black market - the phishing scam alone netted West £180,000 or $240,000 which he then converted into Bitcoin. BBC reports that the scam cost the Just Eat company £200,000 or $265,000.

West also directly targeted over 100 other companies including major firms like Barclay's, Asda, Ladbrokes, Uber, and British Airways, hacking them for more customer data to sell. His Barclay's attacks resulted in West's clients fraudulently removing £84,000 or $110,000 from customer accounts and costing the bank £300,000 or $400,000 to remedy through new security measures. Similarly, West cost British Airways £400,000 or $530,000 after he hacked Avios accounts.

He reportedly used the money to pay for a new Audi worth £40,000 or $53,000 and several trips to Las Vegas among other luxuries.

West was arrested in 2017 on a first-class train to London in September 2017. Detectives from the Scotland Yard cybercrime unit chose the moment to end their two-year investigation carefully, making sure Grant was logged into his computer so and grabbing his arms before he could log out of his heavily encrypted cryptocurrency wallets and dark web accounts, which otherwise would be very difficult to link to him legally.

On the laptop, which belonged to West's girlfriend, police found the financial information of 100,000 people. A subsequent raid on his home revealed an SD card with the details of 63,000 credit and debit cards as well as 7 million email addresses and passwords, along with £25,000 or $33,000 in cash and half a kilogram of cannabis, which West was also selling on the dark web.

West went by the username Courvoisier, after the top-shelf brandy, selling stolen information and drugs on the now-defunct site Alpha Bay. He pled guilty to conspiracy to commit fraud, computer misuse, and drug offenses on 2 May and on Friday May 25 Judge Michael Gledhill sentenced West to 10 years and eight months in prison.

Police accessed and seized over £500,000 or $667,000 worth of ill-gotten Bitcoin from West's girlfriend's device, and she was sentenced to community service for unauthorised access of computer material - however, according to Judge Gledhill, over £1.6 million or $2.13 million worth of West's cryptocurrency is still unaccounted for.

(16th July 2018)

(Action Fraud, dated 26th May 2018)

There has been an increase in reports made in May by TSB customers relating to "port-out" fraud. Fraudsters are number porting a victim's telephone number to a SIM card under their control and then using the number to access the victim's bank accounts.

The increase in the number of reports corresponds with the timing of TSB's computer system update, which resulted in 1.9 million users being locked out of their accounts. Opportunistic fraudsters are using TSB's system issue to target individuals, which follows the increase in phishing and smishing communications also targeting TSB customers this month. Victims' bank account and personal details including their phone number are collected by the fraudster, providing them with the information to execute the fraud.

Number porting is a genuine service provided by telecommunication companies. It allows customers to keep their existing phone number and transfer it to a new SIM card. The existing network provider sends the customer a Port Authorisation Code (PAC), that when presented to the new provider allows the number to be transferred across. This service can, however, be abused by fraudsters.

To gain control of the victim's phone number, fraudsters convince the victim's mobile phone network provider to swap their number on to a SIM card in the fraudster's control. Once the fraudster has control of the number they are able to intercept the victims' text messages, allowing them to use services linked to the victim's phone number. This can include requesting an online banking password reset or access to any two factor authentication services.

Victims have reported large losses as a result of this fraud. One victim initially dismissed text messages received from their network provider containing a PAC number. Two days later £6,000 was removed from the victim's TSB current account. The victim subsequently contacted their phone provider and was informed that someone contacted the provider purporting to be the victim and had cancelled their contract and transferred their number to a new SIM. This action allowed the banking fraud to take place.

Protect Yourself:

PAC Code notifications

If you receive an unsolicited notification about a PAC Code request, contact your network provider immediately to terminate the request. Also notify your bank about your phone number being compromised.

Clicking on links/files:

Don't be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text. Remember, criminals can spoof the phone numbers and email addresses of companies you know and trust, such as your bank.

Requests to move money:

A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account.

Port-out Fraud versus SIM Swapping

Port-out fraud is often incorrectly referred to as SIM swap fraud. SIM swap fraud works in a similar fashion, however, instead of porting the victim's number to a new network provider, the fraudster impersonates the victim and requests a new SIM card for their account. Once they have access to the new sim, they have access to the number.

(16th July 2018)

(Action Fraud, dated 25th May 2018)

There has been a sharp rise in fraudsters sending out fake text messages (smishing) and phishing emails claiming to be from TSB. The increase in the number of reports corresponds with the timing of TSB's computer system update, which resulted in 1.9 million users being locked out of their accounts. Opportunistic fraudsters are using TSB's system issue to target people with this type of fraud.

Since the start of May there have been 321 phishing reports of TSB phishing made to Action Fraud. This is an increase of 970% on the previous month. In the same reporting period, there have been 51 reports of cybercrime to Action Fraud which mention TSB - an increase of 112% on the previous month.

Fraudsters are commonly using text messages as a way to defraud unsuspecting victims out of money. Known as smishing, this involves the victim receiving a text message purporting to be from TSB. The message requests that the recipient clicks onto a website link that leads to a phishing website designed to steal online banking details.

Although text messages are currently the most common delivery method, similar communications have been reported with fraudsters using email and telephone to defraud individuals.

In several cases, people have lost vast sums of money, with one victim losing £3,890 after initially receiving a text message claiming to be from TSB. Fraudsters used specialist software which changed the sender ID on the message so that it looked like it was from TSB. This added the spoofed text to an existing TSB message thread on the victim's phone.

The victim clicked on the link within the text message and entered their personal information. Armed with this information, the fraudsters then called the victim back and persuaded them to hand over their banking authentication code from their mobile phone. The fraudsters then moved all of the victim's savings to a current account and paid a suspicious company.

Protect Yourself:

Don't assume an email or text is authentic:

Always question uninvited approaches in case it's a scam. Phone numbers and email addresses can be spoofed, so always contact the company directly via a known email or phone number (such as the one on the back of your bank card).

Clicking on links/files

Don't be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected text or email. Remember, a genuine bank will never contact you out of the blue to ask for your full PIN or password.

If you have received a suspicious TSB email, please do not respond to it, report it to us and also forward it to

Every Report Matters. If you have been a victim of fraud or cyber crime, report it to us online or by calling 0300 123 2040.

Visit Take Five and Cyber Aware for more information about how to protect yourself online.

(16th July 2018)

(Leinster Express, dated 23rd May 2018 author Justin Kelly)

Full article [Option 1]:

uaware note : Scams are international and travel !

The advent of the new General Data Protection Regulation on May 25 within the EU has seen online customers being asked by their service providers to update personal user agreements so that their services such as email updates or record maintenance can be continued.

However, cybercriminals have been trying to take advantage of this type of email on the continent, using it as an opportunity to exploit those agreements and sent fake GDPR notices to customers asking them to confirm login or personal information via online links so that they can continue to use the service being provided.

Recent enquires have already identified a string involving the sending of fake notices which allege to be from Airbnb asking customers to update details in order to continue their agreement.

Clicking on fake or fraudulent links within a phishing email can result in:

- Redirections to fake/infected sites for watering-hole attacks targeting specific online users or organisations
- Malicious attachments which appear to be GDPR related documents or invitations which attack the network or system
- Request for private or personal and financial information such as account details, credit card details, passwords etc.
- Harvesting of email account details which can be exploited for marketing or junk mail campaigns

Users and organisations who have agreements or connections with services for which they have supplied personal information should be aware of this potential threat. The Garda National Cyber Crime Bureau advises that before following any link which asks for personal or financial data, you should ensure

- you are careful before responding to unsolicited emails

- You have an agreement with the service sending you the email

- The email address used to send you the message is genuine and from the provider

- The link within the email is genuine by either hovering over it to ensure it leads to where it says it does, or by checking the page it leads to and its contents

- If still unsure contact the service provider or organisation and confirm that they sent the email

- Never supply banking or financial information via email

Gardaí have stated that banking institutions will never ask for personal information via email. If you receive one, the advice is to delete it and report it to your bank or financial institution. All incidents of phishing or theft of personal information should be reported to your Local Garda Station with a copy of the original email you received.

(16th July 2018)

(The Telegraph, dated 16th May 2018 author Sam Meadows)

Full article [Option 1]:

Those who have lost hundreds of thousands of pounds in so-called "home hijacking" scams - where criminals pose as the owner of a building to sell it - have been given fresh hope after a High Court ruling.

Development company Dreamvar successfully appealed to the High Court relating to a £1.1m fraud. Yesterday's decision places liability on the seller's solicitors for failing to carry out adequate identity checks.

According to Land Registry figures released last year, property hijackings are on the rise. The value of successful frauds rocketed from £7.2m in 2013 to £24.9m this time last year.

Suzanne Raftery, of Requite Solutions, a scam recovery business, said the frequency of cases was increasing, particularly in London where is it not uncommon for properties to be marketed for £1m or more.

She explained that criminals will typically rent a vacant property and begin to intercept the landlord's post before posing as the true owner and selling the house to a cash buyer. Often the Land Registry will be the first to recognise the crime, by which time it is usually too late.

Ms Raftery said: "It's very easy to pretend to be the seller of a property. The checks are pretty much non-existent, solicitors will check a passport and verify it's a picture of you but they often won't verify that it's a real passport. A good fake will get you through.

"The estate agents will then just go 'that's fine' and the sale can go ahead. If you're actually in a property it is much easier to intercept mail and you will have utility bills with your name on. A lot of people are actually renting property with the intention of committing this crime."

In the Dreamvar case, the company purchased a London property from a seemingly legitimate seller for £1.1m. It was only after the firm had already begun refurbishment work that the scam came to light.

Jerome O'Sullivan, a partner at Healys, the law firm that acted for Dreamvar, said the court had confirmed that the vendor's solicitor was best-placed to verify the seller's identity, and that solicitors who were negligent in this duty would have liability to the victim.

He told Telegraph Money that the conveyancers had not met the fraudsters posing as the owners and had accepted a week-old driving licence and a TV licence form as proof of identification.

The Land Registry has reportedly prevented hundreds of these cases in the past decade with a total value of more than £100m.

Ms Raftery, who is a former Metropolitan Police detective, said that cases in London were frequent given the value of homes in the capital. She said she had investigated a case worth £10m relating to the fake sale of a property in Kensington.

"In London even flats are worth a lot so it doesn't look out of the ordinary when someone says they own a £1m property. So it becomes a target for these criminals," she said.

Telegraph Money has reported extensively on conveyancing scams, also known as "Friday afternoon fraud" because of the day that many property purchases go through.

Often fraudsters will gain access to a buyer's email account or that of the solicitor, and insert themselves into the conversation shortly before money is due to be transferred "informing" the buyer of a change of bank account.

After transferring the money, which could be for a deposit or, in some cases, the total value of the property, the criminals will disappear - leaving the victim down tens if not hundreds of thousands of pounds.

In one case reported by this newspaper in March, a 50-year-old restaurateur lost £600,000 to this sort of scam.

How to protect yourself

If you are the owner of a property then an easy and free way to secure it is to register for the Land Registry's alert service. This will notify you whenever someone makes a search for your property.

Ms Raftery said anyone looking to rent out a property should take this step.

In almost all cases the owner will regain control of their property, but this involves complex legal wrangling and could take a long time. It could also derail a sale if you had planned to sell in the near future.

If you are the buyer, there are some avenues you can take to attempt to recover your money, or prevent this from happening to you. Ms Raftery said you should ask your solicitor to check that the vendor's representatives had made the required checks.

If you have already been the victim of a scam you could take hope from the Dreamvar case. Mr O'Sullivan said the case put liability on to the vendor's solicitor if they had not carried out the required identity checks.

Another avenue could be to target the bank that allowed the criminal to open an account. Telegraph Money has campaigned for so-called "recipient banks" to take more responsibility when they have allowed a fraudster to open an account - usually with false or forged documents.

Some banks have paid refunds and compensation to victims in these circumstances, but there is currently no requirement for them to do so and responses are inconsistent.

Ms Raftery said: "If the bank hadn't allowed the proceeds to be laundered then this fraud just couldn't take place."

(16th July 2018)

(The Telegraph, dated 16th May 2018 author Telegraph Reporters)

Full article [Option 1]:

Coffee drinkers are being conned by suppliers fraudulently mixing inferior beans into products labelled 100% Arabica, scientists say.

A study by British researchers testing a new and more accurate method of testing coffee quality looked at coffee on sale at shops and supermarkets.

They found that a tenth of high quality products labelled "100% Arabica" contained significant levels of inferior and cheaper "Robusta" beans. Arabica coffee trades at twice the price of Robusta because of its superior taste.

Finding rogue Robusta in a sample labelled Arabica is not easy, especially after grinding and roasting.

The standard technique detects the fingerprint chemical 16-OMC, which is only found in Robusta coffee, but is costly and takes three days, making large scale surveillance impractical.

The new method takes only 30 minutes and is sensitive enough to detect just 1% Robusta in a blended coffee.

Lead scientist Dr Kate Kemsley, from the Quadram Institute, formerly known as the Institute of Food Research, said: "This is an important milestone for detecting fraud in coffee, as 1% is the generally accepted cut-off between trace contamination, which might be accidental, and more deliberate adulteration for economic gain."

For the study a total of 60 different coffee samples were purchased in consumer countries around the world, including 22 from the UK.

All were tested for 16-OMC using the new nuclear magnetic resonance (NMR) technique, which employs radio waves and strong magnetic fields to obtain detailed information about a substance's molecular composition.

"It was immediately obvious using our test that there were several suspicious samples, producing results that were consistent with the presence of substantial amounts of Robusta - far more than would be expected through unavoidable contamination," said Dr Kemsley.

Two of the samples flagged as "suspicious" were bought in the UK. One contained 1.6% Robusta and the other 21.7%. Other UK samples had notable levels of 16-OMC but fell below the "suspicious" threshold.

Suspicious samples were also obtained from the US, Italy, France and Estonia. One US sample was a third Robusta, despite being labelled 100% Arabica.

A spokesman for the Quadram Institute said it was not possible to name the brands involved. The research, published in the journal Food Chemistry, was funded by the Biotechnology and Biological Sciences Research Council (BBSRC) and had no support from the coffee industry.

Giles Chapman, head of intelligence at the Food Standards Agency's National Food Crime Unit, said: "We're always keen to understand how scientific advances expand the range of tools which can be used to validate the authenticity of food products sold to UK consumers.

"This piece of work has generated some interesting insights which we will be looking to explore further."

Chris Stemman, executive director of the British Coffee Association, said: "The BCA welcomes the new insights that the Quadrum Institute are able to provide in determining what types of coffee make up specific products on sale.

"This is an important and easily accessible tool that could potentially be applied as an assurance measure along the coffee supply chain, so that authenticity can be checked and validated at all stages from farm to cup.

"Supply chain integrity remains a key priority for the UK coffee industry and we welcome further research that looks into this in further depth. Currently there is no evidence to suggest that these findings have any impact on the vast majority of products that consumers buy and enjoy drinking every day in the UK."

(16th July 2018)

(Mirror, dated 13th May 2018 author Bronte Howard)

Full article [Option 1]:

The new plastic fiver has been around for almost two years but would you know if you were handed a fake one?

The new £5 note was released in September 2016 amid much fanfare as the first polymer currency ever issued by the Bank of England.

It's supposed to be the safest yet with a host of new security features.

But one man claims he was handed a counterfeit and is now warning other people to watch out.

Peter Fowler, 37, bought lunch in Port Talbot, south Wales, on Friday and was given a £5 note as part of his change.

But when he folded it up to put it into his wallet he said he noticed something strange, reports WalesOnline .

He said: "It felt like a plastic carrier bag. It felt like it was made out of thin plastic. I looked closer and saw the Big Ben was missing and part of the serial number and the Queen's face were coming off.

"When I compared it to a genuine note I already had I also saw the silver strips were green."

Mr Fowler, who works as a heating engineer, said that if he had been given the £5 note with other notes, he wouldn't have realised.

"At first glance, it looked real. People definitely need to pay attention when they're being handed their change," he said.

"A lot of people won't think twice when putting it in their pocket and it's a lot of money to lose."

So, how do you spot a fake note? This is the Bank of England's official guide to spotting a real one...

- Check the see through window and the portrait of the Queen.
- Check the Elizabeth Tower (Big Ben) is gold on the front of the note and silver on the back.
- Check the foil patch below the see through window changes from 'Five' to 'Pounds' when the note is tilted.
- Check the coronation crown appears 3D.
- Check the ultra-violet feature.
- Check the circular green foil patch on the back of the note which contains the word BLENHEIM.
- If you're worried about whether a note is fake, the Bank of England has a free smartphone app you can download to check.

(16th July 2018)

(Mirror, dated 10th May 2018 author Andrew Penman)

Full article [Option 1]:

The bogus police officer scam continues to claim victims.

One 91-year-old woman lost almost £1,000 after being called by a supposed detective who said that her bank cards had been cloned and should be handed over to a police courier who would come to her home - this scam is sometimes known as courier fraud.

The cards were used in shops and a cash point in Epsom and Ewell, Surrey, before being cancelled. Surrey Police are keen to speak to a skinny man in a green cap captured on CCTV.

Meanwhile, in North Yorkshire there have been some great results in the fight against this scam.

Last week crooks convinced a man aged 78 that he must withdraw £13,000 from his supposedly compromised bank account to help with a police investigation.

Another man, aged 85, was persuaded to withdraw £8,000 and an 80-year-old woman was told she had to take out £7,500.

Worst of all was the attempt to extract £20,000 from an 86-year-old woman who lived in Knaresborough.

In all cases, staff at Lloyds, Barclays and Yorkshire Bank branches realised that something was wrong, prevented the transactions and contacted police.

"The fact that the Banking Protocol has prevented such significant amounts of money being lost to fraudsters this week shows how collaborating with the banks and building societies in North Yorkshire can make a real difference when it matters most," said Detective Inspector Jonathan Rowland, of North Yorkshire Police's Economic Crime Unit.

In three other cases, the intended victims, including a York woman aged 93, realised the calls were bogus and contacted their banks or the police.

Det Insp Rowland added: "It's also positive that our message is getting out there and that members of our community are recognising that these types of calls are not genuine.

"They absolutely did the right thing by ending the phone calls then either alerting the police or their banks.

"North Yorkshire Detectives from the forces Economic Crime Unit are investigating these crimes and doing everything possible to catch those responsible."

(16th July 2018)

(tnooz, dated 2nd May 2018)

Full article [Option 1]:

Travel fraud is escalating at an unprecedented rate. In 2017 alone 4,700 travelers were impacted by fraud. The new findings from ABTA, the City of London Police and Get Safe Online also revealed accommodation booking to be one of the main types of travel fraud.

In many cases, the fraud was related to fake hotels - a scam in which a fraudster will list a fake hotel and then use stolen credit cards to make a booking via the online travel agent's (OTA) website. The OTA will then receive chargebacks for bookings after making a payment to the fake hotel. By this point, the fraudster will have withdrawn all the funds paid by the OTA and won't respond to any contact attempts, leaving the OTA with a financial loss.

This phenomenon is leaving both consumers and online travel agents (OTAs) frustrated and out of pocket. And the criminals are becoming more sophisticated and believable too. In recent months, the travel industry has witnessed an avalanche of fake chalet websites, with consumer press identifying how some criminal enterprises have conned unsuspecting holiday-makers out of tens of thousands of euros.

Another rising accommodation booking scam is 'inflated room prices', with instances of room prices being inflated dramatically followed by a spike in booking volume. This indicates collusion between a hotel and a fraudster. When hotels raise the cost of their rooms, fraudsters will use stolen card details to book rooms via an OTA. When the OTA receives chargebacks, the hotel can provide guest documentation that relinquishes responsibility of them being debited for the fraud. The result? The OTA takes the hit and the hotel and fraudsters split the winnings.

Combating accommodation booking fraud

Travel and tourism now accounts for 10.2 per cent of global GDP and continues to grow as prices reduce and online brands make it easier for consumers to spend. And, with hotel revPAR in Europe increasing 6% in 2017 compared to 2016, accommodation booking is a natural breeding ground for cybercriminals.

Our new research, "It Pays to Know", reveals that fraud is now costing travel intermediaries a whopping $21 billion each year. The rise of fake hotels and inflated room prices must be taken seriously.

There is some straightforward best practice advice that, if followed correctly, could limit OTA's exposure to accommodation booking fraud. This can be as simple as educating employees to recognise the warning signs of dodgy customers. Or it might be ensuring your company's payment solutions are up to date and offer protection and recovery mechanisms.

Virtual cards generally allow controls to be set that significantly decrease the risk of fraud, and they also help recover from it too. For example, Virtual Account Numbers (VANs) allow users to define booking and payment parameters, minimising the risk of fraud when paying travel suppliers. It also offers sophisticated chargeback capabilities, meaning funds may be recovered should fraud occur.

There's no getting away from the fact that fraud in the travel industry will continue to surge, with fraudsters becoming more creative in how they con consumers and OTAs. However, being aware of the signs for new types of fraud, and following simple steps to protect your business, will put you in the best position to reduce incidents and impact.

o learn more about how to better control fraud and lower the potential impact on profits, download our Fraud in travel payments report.

uaware comment

Eight years ago we booked a hotel in Kensington through LastMinute. The hotel was meant to be a 4 star. It was a rush booking on the day and we only viewed the pictures on the Lastminute website rather than also checking rating sites. When we arrived we discovered it was a Georgian "boutique" hotel, but due to an electrical fault we were unable to stay there and a booking had been made a their sister hotel. A taxi had been arranged to take us to the other hotel which was 10 minutes drive away.

When we arrived at the other hotel we discovered it was a seedy hostel and refused the room. We also wrote a refusal letter at the reception desk and asked for a copy; the receptionist complied.

On contacting Lastminute we informed them that the original hotel was not a 4 star hotel, but a 4 star English Tourist Board bed and breakfast. Lastminute gave us a refund. Luckily we are Londoners and know the location of other hotels. Many other London visitors dont know the lie of the land and would have been duped.

Always double check hotel credentials, no matter where you are going.

(16th July 2018)

(Nerdwallet, dated 27th April 2018 author Bev O'Shea)

Full article [Option 1]:

Note : This is a US article, so Social Security Number equals NI number. If someone steals a NI number in the UK, it gives them the right to work. There has been many cases of crooks registering themselves against details of deceased children to get NI Numbers. That scam is meant to have been blocked ???

Identity theft, or identity fraud, once meant crooks were churning out fake credit cards. But as that became easier to detect, a more insidious crime has evolved: the creation of completely new identities.

Known as "synthetic identity theft," it involves fraudsters using a combination of fake information, such as a fictitious name, and real data, like a child's Social Security number, to create fraudulent accounts.

It is a growing problem, says Eva Casey-Velasquez, president and CEO of the nonprofit Identity Theft Resource Center.

But the scope of the problem is difficult to determine because the crime can go undetected for years, she says. However, the rate of children's identity theft was more than 50 times that of adults, according to a 2011 report by Carnegie Mellon University's CyLab, which studied the identities of over 40,000 children. And that report was published before a change in the way Social Security numbers are issued made identity thieves' work a bit easier.

How does synthetic identity theft work?

First, thieves assemble an unused Social Security number - typically that of a minor - along with a fictitious name and birthdate, and an address controlled by the thief.

With those pieces in hand, identity thieves apply for a credit card. While an initial application will be turned down because the "applicant" doesn't have a credit profile, it creates a record of a "person" who doesn't actually exist. The next step is to add that "person" to a legitimate account, or more likely several.

One way to do that is by "piggybacking" - or becoming an authorized user - on a legitimate account, perhaps that of an accomplice or a patsy, who doesn't understand what's going on, Casey-Velasquez says.

A second, more pernicious piggybacking involves paying a credit-boosting company for the persona to be temporarily added as an authorized user to someone else's card - a card that has a long history and low utilization. It doesn't include getting a physical card or a card number or having charging privileges.

In time, there will be a credit history and score for this fictitious person, making it easier to qualify for credit. Casey-Velasquez said the identity often includes an occupation and income, and as long as it seems reasonable, it can go undetected by card issuers.

Over a period that can span years, identity thieves may make small charges and pay them off, thus building a good credit score and receiving higher credit limits.

Then, when they decide the limits are high enough, they do what is called a "bust-out" - suddenly charging the cards up to their limits, paying nothing and discarding the identity.

How do thieves get minors' Social Security numbers?

Taking over a child's Social Security number was made easier after the federal agency's switch to randomization in 2011. Before then, the digits were tied to birthdate and geography, so it was more difficult to use a child's Social Security number without it being discovered.

Now a child's number can more easily be used to establish a credit history. Minors are especially vulnerable because they are likely to have an unblemished credit history.

Some thieves have even been able to make made-up, random numbers work. Casey-Velasquez said criminals have used Social Security numbers that haven't even been issued yet - and when that number is eventually assigned to a newborn, parents find out that the number already has a credit history. In some cases, thieves get access to a child's stolen Social Security number.

And since address verification measures for credit applicants are often out of date, anyone with a printer can produce a fake utility bill for an abandoned property to "prove" the fictitious person lives there.

What are the uses of synthetic identity?

According to the Government Accountability Office, there are three main reasons people create these false identities:

- Identity fraud for nefarious activities: stealing money or benefits. This is the one that costs businesses the most in terms of credit card fraud.

- Identity fraud for residency or work: a false identity created to live or work in the U.S.

-Identity fraud for credit repair: the perpetrator combines his or her real name with an unblemished Social Security number to create an alternate credit history.

Who is most at risk?

Randomized Social Security numbers put children born after 2011 at especially high risk for synthetic identity theft - and the theft of a child's Social Security number can go undetected for years.

Only later, when a victim tries to apply for credit using that number, is he or she likely to discover it has been misused. For example, a high school student applying for a student loan or a first job might find their Social Security number is already in use. Then, it's their mess to clean up.

Anyone with a pristine credit history can be a target. Data breaches mean a lot of Social Security numbers are out there and up for sale. It's best to assume those digits aren't private and to try to ensure they aren't misused.

(16th July 2018)

(BBC News, dated 30th April 2018)

Full article :

A bogus Help for Heroes collector who made thousands of pounds while pretending to be a serving soldier must pay back £725.

David Santini, 56, was caught while collecting money at an antiques fair when police became suspicious about the style of his military uniform.

Lincoln Crown Court heard he made £5,000 from his crimes, with a significant amount already seized.

He was jailed in November for 15 months after admitting two charges of fraud.

The hearing was told Santini, of North Drove, Quadring, near Spalding, had already been freed from jail under the early-release scheme.

He came to the attention of police who were patrolling the antiques fair at Newark Showground in Nottinghamshire in 2014.

During sentencing, the court heard he was unable to produce an armed forces identity card when challenged.

It was later discovered that he had served in the army but received a dishonourable discharge in 1983.

He also admitted conning £2,000 out of Patricia Taylor, a widow in her 70s, which she wanted to donate to a Lincolnshire-based veteran's charity.

The cash collected at Newark was already with police and Mrs Taylor's money had already been returned, the court previously heard.

Judge Andrew Easteal ordered £518 in cash and a further £207 in Santini's bank account to be confiscated under the Proceeds of Crime Act.

(16th July 2018)

(Hull Daily Mail, dated 15th May 2018 author Sophie Corcoran)

Full article [Option 1]L:

A fraudster made fake car insurance policies for hundreds of people and offered quotes to thousands.

Nigel Fox, 49, of Hull, admitted acting as a "ghost broker" and using false personal details to create numerous fake motor insurance policies.

He also forged no claims discount letters (NCDs), which he submitted to insurance companies to significantly lower the price of the premium.

Fox, who had been faking documents since 2009, had previously been employed as an insurance broker for a company in Hull, and he knew about insurance practices and the industry.

Fox told an investigation by City of London Police's Insurance Fraud Enforcement Department (IFED) he did not change his contact work mobile number after he left his previous employment, and as a result, continued to receive calls from his customer base of 5,000 people.

He went on to admit he arranged policies for those who contacted him, and admitted he had made around 7,000 quotes for people who had contacted him. In a separate interview, Fox also stated that he intercepted motor insurance policies for "hundreds" of people from 2009-2015.

An investigator by a financial investigator for IFED identified a significant amount of financial transactions passing through bank accounts held by Fox during the years of his offences. It is estimated that Fox gained roughly £25,000.

Fox has been jailed for 12 months at Hull Crown Court.

City of London Police Detective Constable Peter Gartland, who led the IFED's investigation, said: "It's clear Fox used his prior knowledge of the insurance industry to deceive multiple insurance companies and manipulate their policies so that he could offer them at a cheaper price.

"On top of this, he defrauded a number of innocent members of the public with offers of fraudulent cheap insurance and exposed them to the direct harms caused by ghost broking, such as points on their licence and possible seizure of their car. It seems his fraudulent activity also helped facilitate local criminal gangs as their vehicles were insured to appear legitimate.

"This case is just one in a series of investigations where the IFB and the insurance industry has shared valuable intelligence with IFED to help us convict insurance fraudsters, including ghost brokers, and bring them to justice."

Head of investigations, Jason Potter, said: "Fox was a particularly manipulative individual who was willing to go to great lengths to deceive members of the public in order to line his own pockets. We are pleased that the collaborative work between IFB, IFED and our insurer members has been successful in bringing Fox's criminal activities to light.

"We hope that this sentencing sends a clear message to anyone considering carrying out an insurance fraud scam that the industry is committed to tackling this serious issue and we are dedicated to working together in order to ensure these fraudsters get the justice they deserve."

(16th July 2018)

(Birmingham Live, dated 1st May 2018 author Cathrina Hulse)

Full article [Option 1]:

A pensioner was scammed out of thousands of pounds and fooled into a £16,500 spending spree in Birmingham city centre by a conman she met on a gaming app.

The 85-year-old victim was drained of ever-increasing sums of money after handing over her name and address to a man she encountered on the 'Words with Friends' platform.

Police said the crook sent a 'friend' to her address to collect cash after they met on the app last October.

The scam only ended when police received a tip-off and visited the victim's home on April 9.

It was revealed that the she'd been taken into Birmingham city centre on April 3 and made to buy £16,500-worth of jewellery under false pretences.

Officers conducted CCTV checks at the store on Vittoria Street in the Jewellery Quarter .

They now want to trace a man who was spotted with the victim inside the shop.

Anyone with information should call West Midlands Police on 101, quoting 20WS/78872X/18.

To remain anonymous, contact Crimestoppers on 0800 555 111.

Last month, a Solihull pensioner was conned out of £500 in a cruel doorstep scam by a man claiming to be a council worker.

The elderly victim, from Shirley , handed over the cash after the con-artist knocked at his door earlier this month.

The fraudster said he was investigating a 'cowboy builder' job and that he would need £500 in 'court fees'.

The victim told Solihull Trading Standards that he paid the bogus official the money in order to get rid of him.

Shockingly, the brazen thief tried to con the pensioner out of more cash on March 14 and 15 but the victim did not have any money.

The ruthless crook even managed to obtain the pensioner's phone number and later harassed him for more cash.

(16th July 2018)

(The Telegraph, dated 28th April 2018 author Amelia Murray)

Full article [Option 1]:

EBay has been accused of failing to protect users from scams and dodging responsibility for the number of fake listings it allows to be posted on its website. Shopping scams of all kinds are rife online.

More than 42,000 reports were made to Action Fraud, Britain's fraud reporting service, last year. The average loss was £1,349.

Yet a protective legal framework introduced almost 20 years ago and its own terms and conditions allow eBay, the multi-billion-pound online marketplace, to distance itself from the problem.

The e-Commerce Directive 2000 states that as long as the "service provider has no knowledge or control over the information that is transmitted" it is not liable for the accuracy of the listings. But sites must "act expeditiously" when "removing or disabling access to information on obtaining actual knowledge".

Sarah Miles, a partner at Nockolds, the law firm, said eBay "obviously relies" on this part of the directive as a "get-out clause" when accused of failing to combat fraud. EBay's own terms and conditions also allow it to shrug off responsibility.

It said that although it used "techniques" that aim to verify users, it was a "difficult" task. Therefore the company says it is "not responsible" for ensuring "the accuracy or truthfulness" of users or the information they provide.

Thousands of individuals have joined Facebook groups, such as eBay Vehicle Scam Alerts, which has more than 5,000 members, or forums to warn others.

They publicise suspicious email addresses used by criminals on eBay and to report scam listings, often featuring high-value items such as vehicles, before others are conned out of thousands of pounds.

###'An eBay fraudster stole £1,500 and they'd been reported before'

After Colin Labouchere lost £1,500 trying to buy an organ on eBay, he discovered that the fraudster's email address had been reported online months earlier.

Mr Labouchere, 79, spotted a Roland C-330 Classic organ listed on the site at the start of April.

Within the listing was an email address, which is against eBay's rules. This is to ensure that deals are not taken "off platform".

But the fraudster had managed to bypass the marketplace's systems by including the information in an image.

Criminals will try to get buyers to contact them directly so that eBay cannot intervene and they avoid detection.

The listing disappeared but Mr Labouchere emailed the seller and they agreed on £1,500, which the seller insisted was paid "through eBay".

Mr Labouchere, who said he was a regular user of eBay, received what appeared to be an invoice from eBay. He said he hadn't seen one before but believed it was genuine, and protected, so went ahead and paid by bank transfer.

The seller said he would arrange for a delivery the next week. But when the organ didn't arrive as expected, and the fraudster stopped responding to emails, Mr Labouchere knew he'd been conned.

He reported the crime to his bank, Action Fraud and eBay and found that someone had posted a list of email addresses used by eBay scammers on the Facebook page of Action Fraud in December last year, including the one he had corresponded with.

Mr Labouchere said: "If eBay had taken due care it would have picked up that the email address had been associated with another scam before."

###'The website can't seem to stop scam listings'

Peter Barrett spotted a number of suspicious listings for around 20 classic cars on eBay last October, all with a starting price of 99p.

The seller explained in the post he would offer a reasonable quick-sale price. Those interested were to contact the user directly over email.

Mr Barrett, 62, said the messages were almost identical and contained the same email address. He suspected a scam and contacted eBay. Eventually the ads got removed, he said, but they would soon reappear.

He said: "This has been going on since at least October last year. It's clearly a problem but eBay doesn't seem to be able to stop it."

Mr Barrett, who teaches computing at a junior school, said eBay "didn't seem to be that bothered" but he was concerned for new users of the service.

###Is eBay doing enough to protect users from fraudsters?

Chris Underhill, chief technical officer at Equiniti Cyber Security, said there was a "massive fraud team" at eBay, which should be "keeping on top of this".

He said it wouldn't be unreasonable for eBay to install software that detected text, such as email addresses, in images.

"You can hide all sorts of information in pictures but the technology that detects it is not that advanced," Mr Underhill added.

"It's not difficult for eBay to implement this software."

Telegraph Money reported how fraudsters used pictures to hide text on eBay in 2016 - yet fraudsters are still able to get away with it.

Ms Miles said until eBay was forced to take responsibility for the scams, which would "hit it in its pocket", the onus would be on users to keep themselves safe.

###How to protect yourself against eBay scams

Be suspicious of items with unrealistically low prices.

If you are buying a car arrange to see it before paying. Walk away if the seller refuses.

Don't email the seller directly, even if they offer you an "off platform" price. Use eBay's messaging service.

Be wary if the descriptive text is in a picture or screenshot. This is to stop buyers copying and pasting the text into a search engine to see if it has appeared elsewhere.

?Google the email address to see if it's been associated with a scam and report it to eBay if so.

?Don't pay by bank transfer, as the bank won't refund you if things go wrong; neither will eBay. PayPal is safer. Vehicles are not covered by eBay's money back guarantee.

If you've been tricked into making a bank transfer, on eBay or otherwise, read our guide which explains in detail what you should do.

For more tips about avoiding vehicle scams on eBay see here :

EBay's response

The firm said it continually invested in new technology and "works hard to protect customers from criminals who attempt to attack the entire industry".

It claimed to use a "combination of online and human detection methods" but said criminals "continue to actively try to engage in online fraud" and on "very rare occasions make it beyond listing". An eBay spokesman said the site had "redoubled" efforts to help users protect themselves.

(16th July 2018)

APRIL 2018

(Action Fraud, dated 30th April 2018)

The National Fraud Intelligence Bureau (NFIB) have noticed an increase in Action Fraud reports where fraudsters are offering a discount on Television service provider subscriptions. Fraudsters are cold-calling victims, purporting to be from a Television (TV) provider offering a discount on their monthly subscription. Victims have been told the following: their subscription needs to be renewed; that part or all, of the TV equipment has expired and they are due an upgrade on the equipment/subscription. In order to falsely process the discount, the fraudster asks victims to confirm or provide their bank account details. The scammers may also request the victim's identification documents, such as scanned copies of passports.

The fraudsters are using the following telephone numbers: "08447111444", "02035190197" and "08001514141". The fraudster's voices are reported to sound feminine and have an Asian accent.

Later victims make enquiries and then discover that their TV service provider did not call them and that the fraudster has made transactions using the victim's bank account details.

This type of fraud is nationwide. Since the beginning of this year (2018), there have been 300 Action Fraud Reports relating to this fraud. From the reports received, victims aged over 66 seem to be the most targeted.

What you need to do

- Don't assume a phone call or email is authentic: Just because someone knows your basic details (such as your name and address or even your mother's maiden name), it doesn't mean they are genuine. Criminals can exploit the names of well-known companies in order to make their scams appear genuine.

- Don't be rushed or pressured into making a decision: a genuine company won't force you to make a financial decisions on the spot. Always be wary if you're pressured to purchase a product or service quickly, and don't hesitate to question uninvited approaches in case it's a scam.

- Stay in control: Have the confidence to refuse unusual requests for personal or financial information. Always contact the company yourself using a known email or phone number, such as the one written on a bank statement or bill.

Visit Take Five ( and Cyber Aware ( for more information about how to protect yourself online.

(1st May 2018)

(London Evening Standard, dated 25th April 2018 authors Nicholas Cecil and Joe Murphy)

Full article [Option 1]:

Scotland Yard is probing allegations of postal vote malpractices in a key borough for the May 3rd local elections, the Standard reveals today.

Eleven cases in Hammersmith and Fulham have been reported to police including some where residents say they have been issued with postal votes they did not request. Officers are understood to have spoken to some individuals who believe they were tricked into applying for a postal vote.

One woman thought that she was signing a petition about Charing Cross Hospital, it is claimed.

The allegations come amid a surge in people applying for postal votes in some marginal wards in the Labour-run borough. The Conservatives claim there have been huge increases in postal vote registration on several estates where Labour is strong.

Figures compiled by the Tories show postal vote registrations in Town ward, which has three Conservative councillors, rose from 1,268 before last year's general election to 2,005 this month. More specifically, in the Town ward "C" polling district which runs from Fulham Road towards Putney Bridge, the number jumped from 307 in March 2017 to 758 this month.

Conservatives say that on four estates in this district there have been big rises in postal vote registrations to 50 per cent of the electorate in Pulton Place, 42 per cent in Fulham Court, and 35 per cent on Barclay Close and Lancaster Court.

Greg Hands, Tory MP for Chelsea and Fulham, said: "Some people were signed up by the Labour Party and are telling us that they had not knowingly requested one [a postal vote] and do not want one." The Conservatives referred their concerns to the police.

The London Labour Party rejected accusations of wrongdoing against its campaign teams. A spokesman said: "This is a completely baseless allegation and a desperate, politically-motivated attempt by a Tory MP to use the police to grab a headline during a closely-fought election campaign."

A council spokesman said: "There are currently no concerns about the validity of any votes in Hammersmith and Fulham." Scotland Yard has been contacted for comment.

(1st May 2018)

(Action Fraud, dated 24th April 2018)

The 2018 FIFA World Cup will take place from 14th June - 15th July 2018. The worldwide demand for match tickets, flight tickets, and somewhere to stay throughout the competition is expected to be significant. Those planning to travel should exercise caution when considering the purchase of tickets or accommodation because the event is highly likely to be targeted by fraudsters looking to take advantage of unsuspecting fans.

Fraudsters will likely be posing as;

- Official World Cup ticket vendors or private individuals attempting to sell on a match ticket via online marketplace.

- A fraudulent website or operator offering non-existent flights or other transport to host cities.

- An accommodation booking service, hotel or operator, offering seemingly convenient accommodation in one of the host cities for the duration of the game.

- Lottery or competition organisers claiming that you've won a prize or cash related to the tournament.

Action Fraud received over six hundred reports and intelligence submissions in relation to the previous World Cup so it's vital that football fans exercise caution when considering a purchase or making a transaction.

Protect yourself:

- Listen to your instincts: If something feels wrong then it is usually right to question it. Fraudsters will use the promise of steep discounts to lure you into handing over your money or revealing personal/financial details.

- Clicking on links/files: Don't be tricked into giving a fraudster access to your personal or financial details, and never automatically click on a link in an unexpected email or text.

- Visit the Action Fraud website and take a look at their Ticket Fraud, Holiday Fraud and Lottery Fraud advice pages before making any decisions or bookings.

- For useful advice and information on the World Cup please visit the Government Guidance Pages:

Visit Take Five ( and Cyber Aware ( for more information about how to protect yourself online.

(1st May 2018)

(The Telegraph, dated 23rd April 2018 author Olivia Rudgard)

Full article [Option 1]:

MoneySavingExpert founder Martin Lewis is to sue Facebook over scam adverts using his image.

The commentator and financial journalist is claiming defamation over allegations that the site is publishing scam adverts using his image causing vulnerable people to hand over thousands of pounds to criminals.

He said the company had hosted more than 50 of the scam ads and that it had failed to act because it was motivated by "greed".

Mr Lewis said the legal action, due to be launched on Monday, was the result of months of frustration with scammers who were piggybacking on his reputation and preying on Facebook users with outlandish get-rich-quick scams.

Supporters have handed over thousands of pounds in good faith, only to find the advert has nothing to do with Mr Lewis or his company.

"Vulnerable people are the ones being scammed and the ones being hurt," he told the Daily Telegraph. "It has to take some responsibility."

"It is not worth Facebook's while improving its systems. The company who is the leader in facial recognition, when it's been put on notice by someone that there is a scam and that that person never does adverts, it is not beyond its wit and wisdom to notify me of these adverts, and ask if they are legitimate.

"But its processes don't work like that - it wants to make it flexible and easy for anyone to be able to advertise - and it has done, including criminal scammers.

"Facebook has become this big agglomerated organisation where no-one seems to take care and responsibility."

Any damages won through the lawsuit will be donated to charity, by Mr Lewis said the legal action was not designed to win the case itself, but to force the company to change its policy on advertising, for example by having inbuilt settings notifying well-known people every time their image was used in an advert, requiring their approval.

He said he has repeatedly reported the adverts, only for new, almost identical ones to appear days later.

"I don't do ads, so an ad with me in it, does not have my permission. These are companies warned about by the FCA, warned about by Action Fraud - this is about as clear cut as it gets," he said.

"Why do I have to go through the time, cost and stress of doing the work? I have people spending half their week doing this. I'm not being paid by Facebook. It's making the money - if I'm going to have to do that can it pay me a fee to police it?

"It sees each advert as discrete, and the next day there's another one. They're not identical but it's the same thing. They say 'it's a new advert, you've got to report it'.

"It's distressing, and genuinely makes me feel physically sick when I hear someone has lost money because of this, and because they trusted me, and now they blame me. It is very upsetting, personally - not as upsetting as it is for the people who have lost money."

He said "fake ads" needed to be taken seriously alongside "fake news" as a threat to civil society.

"Our democracy is failing to protect vulnerable from scammers by appeasing one of the world's biggest and richest companies. That is a bit of a threat as well. There isn't enough focus on fake ads."

Solicitor Mark Lewis of Seddons, leading the lawsuit, said: "Facebook is not above the law - it cannot hide outside the UK and think that it is untouchable.

"Exemplary damages are being sought. This means we will ask the court to ensure they are substantial enough that Facebook can't simply see paying out damages as just the 'cost of business' and carry on regardless.

"It needs to be shown that the price of causing misery is very high."

A Facebook spokesperson said: "We do not allow adverts which are misleading or false on Facebook and have explained to Martin Lewis that he should report any adverts that infringe his rights and they will be removed.

"We are in direct contact with his team, offering to help and promptly investigating their requests, and only last week confirmed that several adverts and accounts that violated our Advertising Policies had been taken down."

What happens to victims of fraud

Victims are told to first report the scam or fraud to Action Fraud, the national reporting centre for cyber crime and fraud.

Action Fraud passes the report to the National Fraud Intelligence Bureau. The NFBI then analyses the case to find out if there are any viable lines of enquiry. If there are, the report is sent to the police for investigation.

The police unit may not have the resources to dedicate to investigating the fraud even if it receives the report.

According to independent charity, the Fraud Advisory Panel, victims outside of London have even less chance of their fraud cases being investigated.

If there are insufficient viable lines of enquiry for an investigation, the NFBI holds the report in case new leads emerge.

(1st May 2018)

(The Telegraph, dated 20th April 2018 author Adam Williams)

Full article [Option 1]:

A growing number of young people are being lured into illegal work as "money mules".

Anti-fraud prevention service Cifas said there was a 27pc increase in the number of 14-24 year olds being used as money mules during 2017.

A money mule is a person who is used by criminals to move illegal funds between accounts, whether in person or electronically, in order to launder the money and evade authorities.

Young people are often used to transfer money. The National Fraud Database warned earlier this year that fraudsters were using popular messaging app WhatsApp to lure in unsuspecting youngsters.

Cifas said cash-strapped students were a particular target for the scam as criminals often promised large rewards for small amounts of work.

More than 32,000 bank accounts were highlighted as being subject to money laundering by money mules last year, an 11pc rise on 2016.

Dean Curtis, of financial crime firm LexisNexis Risk Solutions, said young people were engaging in illegal activity without considering the potential repercussions.

"To avoid banks' stringent identity fraud checks, criminals are increasingly turning to laundering their illicit funds through other people's bank accounts, and probably giving them great compensation for doing so," he said.

"This trend has already increased 11pc since 2016 and could easily continue to rise. More young people are being recruited in this manner, particularly among the student population, who are handing over their identities and banking credentials without understanding the implications."

Other data published by Cifas showed identity fraud reached an all-time high during 2017, with 174,523 cases recorded. It said 95pc of these cases involved the impersonation of an innocent victim.

Mike Haley, of Cifas, described the levels of fraud in the UK as "frighteningly high" and said criminals were using increasingly sophisticated techniques to find victims.

"As some targets become harder to crack, criminals turn to what they consider are softer targets. However, as fraudsters see their attempts become more difficult, the question will arise about where they will target next."

(1st May 2018)

(Action Fraud, dated 20th April 2018)

The 2018 FIFA World Cup will take place from 14th June - 15th July 2018. The worldwide demand for match tickets is expected to be significant. Action Fraud have been alerted to several websites which are offering World Cup Tickets for sale, some at highly inflated prices. A FIFA spokesperson said:

"FIFA regards the illicit sale and distribution of tickets as a very serious issue and it has been reminding all football fans that is the only official and legitimate website on which to buy 2018 FIFA World Cup tickets."

"FIFA has received various complaints and enquiries by customers of non-authorised ticket sales platforms, and has consistently confirmed that these companies cannot guarantee access to the stadiums as the respective tickets may be cancelled. Insofar customers are at risk of investing a high amount of money (also for travelling and accommodation) without having the certainty to actually be able to attend the matches."

FIFA have also warned that "any tickets obtained from any other source, such as ticket brokers, internet auctions or unofficial ticket exchange platforms, will be automatically rendered void and invalid".

Action Fraud received over six hundred reports and intelligence submissions in relation to the previous World Cup so it's vital that football fans exercise caution when considering a purchase or making a transaction.

Protect yourself:

- Don't take the risk. Tickets for the World Cup 2018 can only be purchased directly from FIFA. For more information, please visit

- A FAN ID is required for fans to be able to enter the 2018 FIFA World Cup stadiums. Exercise caution if using a third party to obtain your FAN ID for you. You may be charged inflated costs for the service and your personal details may be compromised. For more information, please visit

- Visit the Take Five website for the latest guidance on how to avoid becoming a victim of fraud.

- For useful advice and information on the World Cup please visit the Government Guidance Pages;

(1st May 2018)

(BBC News, dated 9th April 2018)

Full article :

Dozens of travellers returning to Bristol Airport were left stranded after a meet-and-greet parking company failed to return their cars.

Police said a "significant number of motorists had been unable to retrieve vehicles" after returning to the terminal between Friday and Sunday.

Bristol Airport said the firm involved - Absolutely Secure Airport Parking - was not connected with the airport.

The company is yet to respond to requests for a comment.

The Bristol Post reported that some customers found their "filthy" vehicles in lay-bys and fields.

Russell and Amanda Lewington, from Box in Wiltshire, called police on Friday morning after their calls to the company went unanswered.

They said dozens of other travellers who were in a similar situation had apparently booked the same service through different intermediaries.

Mrs Lewington said, when the company's owner eventually left with police to fetch the keys, he was taken ill.

She said: "People were getting more fractious but trying to stay calm because there were children waiting with us.

"Some people were returned their keys but had no idea where their cars were parked. Some found their cars in lay-bys near the airport."

After getting a taxi home, the Lewingtons eventually located their car through a WhatsApp social media group set up by another stranded passenger and collected it from a farmers' field about 15 miles from the airport on Saturday afternoon.

Lee Drinkwater, a Royal Marine from Exmouth in Devon, found his Mercedes nine hours after returning to the airport on Friday.

He said he was charged £35 by the company for 24 hours of secure parking.

"The vehicles were stored in lay-bys, farmers' fields, down dirt tracks. They were not in secure locations as advertised."

Mr Drinkwater said that up to 30 families were among those waiting for their cars on Friday.

"They were cold, tired and hungry," he added.

Other passengers took to social media to express their anger at the situation.

Writing on Facebook, Kim Price-Harris said: "Cars left in lay-bys or on farms covered in mud. They don't even know where people's cars are or their keys.

"Lots of people left stranded at the airport."

A spokesperson for Bristol Airport said: "While we have no control nor influence over the services provided by Absolutely Secure Airport Parking Bristol, our ground transportation team and on-site police unit provided assistance to passengers affected to help locate their vehicles."

Avon and Somerset Police said it was investigating but "keeping an open mind as to whether any criminal offences have been committed".

uaware comment

This may not be deemed as fraud, but it definitely is deception.

(1st May 2018)

(BBC News, dated 7th April 2018)

Full article :

Holidaymakers are being warned about fraudsters who place false adverts on accommodation websites, conning them out of hundreds of pounds.

Last year, some 4,700 travellers fell victim to such scams, which included fake airline tickets.

On average those affected lost £1,500 each in 2017, according to the police, a 25% rise on the year before.

In many cases the fraudsters hack into accommodation websites and ask to be paid directly.

But as soon as payment is made, they disappear.

The Association of British Travel Agents (Abta) is also warning about fake airline tickets that never arrive. Last year, most of the flights concerned were to Africa or Asia.

"I was petrified"

Last May, legal secretary Georgia Brown tried to book a holiday in Amsterdam for herself, her partner Jamie, and some friends.

She spotted an advert on an accommodation website, where the owner of the apartment was asking for a deposit of £915.

She corresponded with the man by email, and then sent the money off by bank transfer.

But she never heard from him again.

"At the time I was petrified. I thought someone had hacked into my bank account. It was really scary," she said.

She was also critical of the booking site involved.

"I just don't understand how this person was allowed to advertise on the website."

Georgia Brown eventually got her money back through her bank.

'Emotional impact'

In order to avoid being conned, Abta advises holidaymakers to:

- Do research. Check the holiday company's credentials, and look at several reviews of the property involved

- Check the web address is legitimate, and has not been altered. For example from to .org

- Be cautious about paying directly into an individual's bank account. Bank transfers are like paying by cash, so are difficult to trace. It is safer to use a debit or credit card

More than half of the victims of travel scams told Action Fraud that the experience had affected their mental health or financial well-being.

In some cases the impact was even more serious.

"The startling emotional impact of falling victim to holiday fraud is highlighted in the latest figures, as 575 people reported that the harm to them was so severe, they had to receive medical treatment or were at risk of bankruptcy," said Pauline Smith, head of Action Fraud.

It follows earlier warnings this year about so-called "chalet fraud" for people booking ski-ing holidays.

On average those who were tricked into sending off money to reserve a chalet lost more than £2,000 each.

(1st May 2018)

(Action Fraud, dated 5th April 2018)

Action Fraud has received several reports indicating that sellers of items on online marketplace websites are falling victim to fraud by bogus buyers. Typically, the bogus buyers contact the seller wanting to purchase the item for sale and advise they will be sending the requested amount via PayPal or other electronic payment method. The seller then receives a fake, but official looking email stating they have been paid more than the asking price and to send the difference back to the buyer's bank account. In reality, no money has ever been sent to the seller; the bogus buyer has spoofed an email and purported to be an online payment company. All contact is then severed with the seller.

It is important to remember that selling anything could make you a target to these fraudsters however the NFIB has identified that those offering sofas, large furniture and homeware are particularly vulnerable.

Protection Advice

- Don't assume an email or phone call is authentic. Remember criminals can imitate any email address. Stay in control. Always use a trusted payment method online, such as Paypal, and have the confidence to refuse unusual requests for payment like bank transfers.

- Don't be rushed or pressured into making a decision. Always verify that you have received payment from the buyer before completing a sale.

- Listen to your instincts. Criminals will try and make unusual behaviour, like overpaying, seem like a genuine mistake.

Visit Take Five ( and Cyber Aware ( for more information about how to protect yourself online.

If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting or by calling 0300 123 2040.

(1st May 2018)

(Action Fruad, dated 5th April 2018)

Victims receive a telephone call from someone purporting to be a bailiff enforcing a court judgement, attempting to recover funds for a non-existent debt. The fraudsters state the debt originates from the victim not paying a magazine advertisement subscription.

A variety of magazine names and publishers are being used by the fraudsters, who also commonly use the names of certified Bailiff Enforcement Agents such "Scott Davis", "Stephen King" and "Mark Taylor". These are names of certified Bailiff Enforcement Agents employed by debt enforcement companies.

The fraudsters request that the debt be repaid by bank transfer. If the victim refuses, they threaten to visit the victim's home or place of work to recover the debt that is owed.

Once the money has been transferred, victims are not provided with receipt details of the payment or contact details. Later when victims make enquiries, they'll discover that the debt did not exist, and often that no advertisement was placed.

This type of fraud is nationwide. Since 2017, there have been 52 Action Fraud Reports relating to this fraud. From the reports received, there are a range of different businesses and individuals being targeted.

Protection Advice:

1. Listen to your instinct: just because someone knows your basic details, such as your name and address, it doesn't mean they are genuine.

2. Stay in control: always question cold callers: always contact the companies directly using a known email or phone number.

3. Don't be rushed or pressured into making a decision: a legitimate company will be prepared to wait whilst you verify information.

If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting or by calling 0300 123 2040.

Visit Take Five ( and Cyber Aware ( for more information about how to protect yourself online.

(1st May 2018)

MARCH 2018

(Telegraph, dated 27th March 2018 author Telegraph Reporters)

Full article [Option 1]:

The chief locksmith at a major hospital trust defrauded it out of nearly £600,000 by hiring his own supply firm and charging a 1,200 per cent mark-up on goods, a court heard.

Andrew Taylor, who was the main locksmith for Guy's and St Thomas' NHS Foundation Trust in London, was found guilty of fraud by abuse of position at Inner London Crown Court and jailed for six years.

The 55-year-old, of London, was responsible for obtaining a best value quotes for locksmith supplies, but purchased locksmith materials from a company that he owned himself.

According to the NHS Counter Fraud Authority (NHSCFA), which investigated the case, he failed to declare a conflict of interest and charged "extortionate" mark-up prices, some up to 1,200%.

Taylor started to work at the hospital trust as a carpenter in 1998 and was appointed permanent locksmith in 2006. Between 2007 and 2013, a company called Surety Security supplied Guy's and St Thomas' with locksmith materials.

Investigators found that apart from two very low value jobs, Surety Security had no customer other than Guy's and St Thomas'. It was later discovered that the company was owned and controlled by Taylor.

When the deception was discovered Taylor was suspended, and resigned before disciplinary procedures were completed.

The NHSCFA said Taylor abused his position of trust to defraud his employer of £598,524.27.

It is the first conviction secured by the NHSCFA since its establishment as a special health authority in November 2017.

"This is a significant and rewarding outcome for the NHSCFA, and sends a clear message that we will intervene and take action against those who commit fraud against the NHS and who take money originally intended for patient care for their own personal gain," said Sue Frith, interim chief executive of the NHSCFA.

"Andrew Taylor exploited his position at Guy's and St Thomas' to satisfy his own greed and personal lifestyle.

"The sentence imposed today should act as a clear deterrent to anyone else who thinks that NHS funds are there for their own gain, instead of being there to meet the healthcare needs of everyone.

"The NHSCFA's action now continues to pursue the money taken by Taylor in order to return it to the NHS."

(1st April 2018)

(Action Fraud, dated 16th March 2018)

Fraudsters are cold-calling victims, falsely stating that they are calling from one of the well-known UK telecommunication service providers. They call victims claiming to provide a 'Telephone Preference Service' - an enhanced call-barring service, which includes barring international call centres.

The fraudsters ask victims to confirm/provide their bank account details, informing them that there is a one-off charge for the service. Victims instead see monthly debits deducted from their accounts, which they have not authorised. The fraudsters often target elderly victims.

In all instances, direct debits are set up without following proper procedure. The victim is not sent written confirmation of the direct debit instruction, which is supposed to be sent within three days.

On occasions when victims attempted to call back, the telephone number provided by the fraudster was either unable to be reached or the victim's direct debit cancellation request was refused.

During 2017, there were 493 Action Fraud Reports relating to this fraud.

Protect yourself:

- There is only one Telephone Preference Service (TPS). The TPS is the only official UK 'do-not-call' register for opting out of live telesales calls. It is FREE to sign-up to the register. TPS never charge for registration. You can register for this service at

- You will receive postal confirmation of genuine direct debits. If you notice unauthorised payments leaving your account, you should contact your bank promptly.

- Always be wary of providing personal information, or confirming that personal information the caller already claims to hold is correct. Always be certain that you know who you talking to. If in doubt hang up immediately.

If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting or by calling 0300 123 2040.

(1st April 2018)

(Liverpool Echo, dated 12th March 2018 author Caroline Jones)

Full article [Option 1]:

Sorting out your car insurance can be enough of a nightmare without falling foul of a scam in the process.

But there's a scheme you'll want to be aware of when deciding where to get your policy from - and it's been doing the rounds for a little while now.

Not everyone, however, has heard of ghost-broking, which makes it very difficult for motorists to remain vigilant about what has been described as an "extremely complex" scam.

Here, we explain what it is and how you can avoid being fooled by it:

So, just what is ghost-broking?

Ghost brokers are fraudsters who sell drivers apparently cheap motor insurance deals but issue policies that aren't worth the paper they're written on, says the Insurance Fraud Bureau.

They may use some of the drivers' correct details but often falsify information, such as the address or age, to benefit from lower premiums.

Typically the scam works in one of two ways:

- Policies are bought from legitimate insurance companies using false information and then doctored before being sold on to customers;

- Fake policy documents designed to look like they have been issued by legitimate insurance companies are created and sold on to customers.

The consequences of buying a fake insurance policy can be the same as having no policy at all:

- Your car may be seized by police;
- You'll pay a fixed penalty notice of £300;
- You'll have to buy valid insurance and pay at least £150 to get your car back from the pound;
- You could be liable for any damage you cause while driving without insurance, which could include compensation if you injure someone.

So, how can I beat the fraudsters?

Advice from the Insurance Fraud Bureau says:

Find a legitimate broker via the BIBA website and check that your insurance adviser is on the Financial Services Register -

Beware of buying insurance policies from unusual sources such as social networks, newsagents or bars and pubs;

Check your insurer is a Motor Insurers' Bureau (MIB) member -

It's also worth bearing in mind that some of the bogus websites set up by scammers appear genuine, while others are clearly fake and are usually advertised through social media.

People should ensure websites are regulated by the Financial Conduct Authority (FCA) before handing over details or money. Report any suspicious activity to the fraud bureau on 0800 422 0421.

(1st April 2018)

(Liverpool Echo, dated 9th March 2018 author Caroline Jones)

Full article [Option 1]:

It's fair to say that keeping an eye out for scams is becoming an important part of our daily routine.

Once upon a time, many of us would recognise a scam from miles away - and we would be on the alert for the promise of too-good-to-be-true lottery wins or appeals for money which just didn't make sense.

But, now, more and more of us are on the lookout for seemingly routine e-mails, text messages and communications via social media which could have a hidden agenda lurking behind them.

And, today, Action Fraud has tweeted about yet another nasty scam which is trying to trick us - this time while we're at work. It's called spear phishing and it's important not to be fooled by it.

So, what exactly is spear phishing?

Basically, this involves fraudsters sending e-mails - which appear to be from a known or trusted sender - in order to induce targeted individuals to reveal confidential information.

In the most recent case revealed by Action Fraud, an e-mail was sent to a worker which appeared to be from a senior member of staff within the same organisation.

It said in its tweet: "Spear phishing campaign targets businesses with fake payment requests. (In this case), the spoofed e-mail purports to be from a senior staff member within the recipient's organisation and requests that a new 'faster payment' be set up.

"The attachment doesn't contain malware and the bank details are fake. It works when victims email back the criminals after unsuccessfully trying to pay. Fraudsters then get in contact and send over real bank details.

"Remember, criminals can spoof e-mail address to make it appear as though an e-mail was sent by a person or company you know.

"Ensure that your organisation has established procedures in place to verify and corroborate all payment requests."

How can I protect myself from scams like this?

Phishing, vishing and smishing scams come in the form of any website, online service, phone call or text message that poses as a company or brand you recognise.

Any contact like this is designed to convince you to hand over valuable personal details or your money, or download something that infects your computer.

This is advice from Action Fraud about how to protect yourself:

- Don't assume anyone who's sent you an email or text message - or has called your phone or left you a voicemail message - is who they say they are.

- If a phone call or voicemail, email or text message asks you to make a payment, log in to an online account or offers you a deal, be cautious. Real banks never email you for passwords or any other sensitive information by clicking on a link and visiting a website. If you get a call from someone who claims to be from your bank, don't give away any personal details.

- Make sure your spam filter is on your emails. If you find a suspicious email, mark it as spam and delete it to keep out similar emails in future.

- If in doubt, check it's genuine by asking the company itself. Never call numbers or follow links provided in suspicious e-mails; find the official website or customer support number using a separate browser and search engine.

If you think you have been a victim of fraud, you should report it to Action Fraud by calling 0300 123 20 40 or by visiting

(1st April 2018)

(Telegraph, dated 7th March 2018 author Sara Spary)

Full article [Option 1]:

WhatsApp fraudsters are targeting 'naive' young people and turning them into money mules.

New data, compiled from the National Fraud Database by not-for-profit fraud prevention body, Cifas, suggests in the past year there has there has been a "sharp rise" the number of 18 to 24 year olds being tricked into using their bank accounts to transfer the proceeds of crime.

According to the figures, there were 8,652 cases of 'misuse of facility' between January and the end of September this year, a 75 per cent rise.

Speaking to The Telegraph, Sandra Peaston, Assistant Director at Cifas, said social media was being increasingly tool used by fraudsters to convert young people into accidental money launderers - by offering them fake money making schemes or even fake job offers, and then convincing people "who don't ask many questions" to transfer money as a favour.

"The use of social media is one of the things we know is happening... be that by instant messages, or via adverts on YouTube.

Ms Peaston said they were known to be using messaging apps such as WhatsApp to communicate with would-be victims.

Cifas is launching a 'Don't Be Fooled' campaign alongside UK Finance that aims to deter young people - in particular, students - from becoming money mules.

UK Finance added: "If an offer of easy money sounds too good to be true, it probably is."

(1st April 2018)

(The Guardian, dated 6th March 2018 author Rebecca Smithers)

Full article [Option 1]:

Six people have been given jail sentences after defrauding the public out of more than £37m in one of the largest UK online crime cases brought to court.

The group set up and operated a number of "copycat websites", which impersonated official government services to sell passports, driving licences and other key documents for hugely inflated prices. The convictions and sentences followed one of the biggest investigations undertaken by the National Trading Standards eCrime Team.

The convictions and sentences were handed down following two trials - one in July 2017 and another that ended this week. The convictions and sentences relating to the July 2017 trial can only now be reported.

The individuals - who received sentences of varying lengths - are Peter Hall, Claire Hall, Syed Bilal Zaidi, Collette Ferrow, Liam Hincks and Kerry Mill, all of various addresses across the UK.

The July 2017 trial heard how the defendants set up copycat websites through the company Tadservices Limited between January 2011 and November 2014. These mimicked official websites run by 11 government agencies and departments and manipulated search engine results to appear more genuine.

Hundreds of thousands of purchasers were duped into paying more than they needed for new or replacement passports, visas, birth and death certificates, driving licences, driving tests, car tax discs and the London congestion charge.

The criminals also set up websites that mimicked the American, Cambodian, Sri Lankan, Turkish and Vietnamese official visa sites where travellers could apply and pay for electronic visas. It is believed that in addition to UK consumers, Indian, Turkish and US citizens were also defrauded.

The illegal profits funded a glamorous lifestyle for the defendants, with extravagant spending on expensive cars and luxury holidays. At one stage Claire Hall was preparing to buy a house for £1.4m in cash when the authorities intervened.

"These convictions represent an important milestone in the fight against online fraud," said Lord Harris, the chair of National Trading Standards. "This was a huge fraud and a very large number of people lost money as a result of the malicious actions of these criminals."

Handing down sentence on Tuesday, Judge Sean Morris said: "The internet is now the most frequently used marketplace. It is full of busy people in a rush who don't have time. There is a lot of money to be made by dishonest people out of the honest people who don't have time to check that a site is an official government service."

(1st April 2018)

(Penarth Times, dated 6th March 2018 author anon)

Full article [Option 1]:

People are continuing to be scammed in the Vale of Glamorgan by someone claiming to be a police detective, prompting police to reiterate their warning not to hand money over to the fraudster.

The individual masquerading as a police officer has been targeting individuals with an elaborate story, before attempting to get victims to hand over significant amounts of money.

In the past fortnight, South Wales Police has seen a marked increase in the number of people reporting calls of this nature. In Cardiff, at least eight reports were received in two days, while in the Vale of Glamorgan reports have been made on an almost daily basis. Force-wide, the number of similar reports has also increased.

In some of the instances, the victims were told their cards had been cloned or they had been victim of fraud, and they were asked to provide their bank details. During other calls, the victims were told a family member had been arrested, while others were told to visit cashpoints and draw out thousands of pounds or purchase expensive items to hand over to a 'courier' who would collect the money from their home.

In all of the cases, the person calling claimed to be a detective and was so convincing that some of those contacted handed over the money or bank details requested.

Detective Inspector Paul Raikes, said: "These scammers are extremely persuasive and convincing and are often very successful in duping people in to handing over substantial amounts of money.

"Many of this week's victims have been elderly, but the truth is anyone can be targeted by these scammers and I'd urge everyone to be on their guard and to talk to their friends and loved ones about the scams. The more awareness there is of them, the less successful these fraudsters will be. Anything suspicious should be reported to us immediately."

Detective Inspector Paul Giess, from the Economic Crime Unit, added: "While many of the victims in these cases have been elderly or vulnerable, I cannot stress enough how sophisticated and well-rehearsed these scammers are, and any one of us could fall victim to their con if we are not vigilant.

"My message to the public is simple - the police, or any other legitimate organisation for that matter - will never contact you in this manner. All calls of this nature are a scam, and the person receiving the call should hang up as soon as possible."

To minimise the risk of falling victims to fraudsters, the public are encouraged to remember these simple tips:


- Obtain details of caller including name, rank, collar number and station
- Ascertain what Police force they identify themselves as working for
- Note any contact details from caller display or via 1471 after the call has concluded
- Obtain the main force control room number from the phonebook, internet or directory enquiries service
- Terminate the call advising you will contact the force control room directly to confirm their identity and be put through to them internally. (Ring a family member first to ensure the line has disconnected from the initial caller)
- If anyone calls at your address following on from this communication please call 999


- Provide any details of bank cards, account numbers, financial circumstances or personal details
- Agree to make purchases or obtain funds from accounts to hand over to couriers
- Hand over your bank cards or account paperwork

Anyone who thinks they may have fallen victim to a scammer should report it via 101, or Action Fraud on 0300 123 2040.

(1st April 2018)

(Kent online, dated 6th March 2018 author Kentonline Reporter)

Full article [Option 1]:

A fraudster who tried to con an elderly man out of thousands of pounds was thwarted by suspicious bank staff who stopped the victim withdrawing cash.

Aaron Wiltshire, 31, of Page Crescent, Slade Green, attempted to convince the victim - aged in his 90s - that he needed to hand over money for work to his home.

Maidstone Crown Court heard a man knocked on the victim's front door in Old Perry Street, Northfleet on January 17 last year claiming to live nearby.

He said there was a problem causing his water to turn brown, and he thought it may also be affecting him.
Two days later, a different man knocked on the victim's door and claimed there was a problem with the victim's water which would require a lot of specialist equipment.

This man, later identified as Aaron Wiltshire, said it would cost around £9,000 to repair.

The victim gave the man his mobile phone number and later that day he received a call from a man discussing the repairs.

The man told the victim he would need a £3,000 deposit, and believing the man, the victim went to the NatWest bank in Gravesend to withdraw the money. But staff would not release the funds as they felt it was suspicious.

The following day, Wiltshire visited the victim's home and took him via a number of taxis to banks in Dartford to withdraw funds up to £1,700. Returning to his address, Wiltshire then told the man that he wanted more cash.

The victim told Wiltshire he had no further money and wrote out a cheque for £19,800, which Wiltshire took before leaving.

Later that night the victim was contacted by an officer at Kent Police. The victim then cancelled the cheque and his cards.

The next day Wiltshire went back to the victim's address asking why he cancelled the cheque.

The victim told him that he did not wish to go ahead with the work. The man was also told that solicitors would be contacted over the breach of contract. Wiltshire then ripped up the cheque before leaving.

Following an investigation by Kent Police, Wiltshire was identified through CCTV and was arrested and later charged with fraud.

He has now been jailed for four years after being found guilty by a jury of two counts of fraud by false representation, with an additional four weeks for breaching a suspended sentence.

The judge praised the bank staff for their actions.

Investigating officer PC Colin Bassett said: "Wiltshire preyed on a vulnerable man on numerous occasions pressurising him to hand over thousands of pounds of cash without any care for the victim.

"I'd like to echo the judge's sentiments and commend the staff at the bank for stopping the first large transaction and passing on their concerns. Had it not been for those staff then this case would have had a very different outcome and who knows where it would have stopped.

"If anyone thinks they have been a victim of fraud or believes someone they know may be being targeted then please do get in touch with Kent Police so officers can investigate fully."

(1st April 2018)

(BBC News, dated 5th March 2018 author Kevin Peachey)

Full article :

Hoards of scam letters are being seized before reaching the letterboxes of vulnerable potential victims, according to Royal Mail.

The delivery service received stinging criticism from government and campaigners after the Royal Mail logo was found on scam letters.

It prompted a series of changes which the service said had halted three million letters in just over a year.

Fake lotteries and bogus clairvoyants have used mass mail drops in the past.

The BBC has reported cases in which people have lost tens of thousands of pounds to these postal scammers.

Impounding letters

An investigation by the Daily Mail in 2016 alleged that scammers paid companies to print their scam letters in bulk.

If printed abroad, the letters were then taken to the UK where firms sorted and mass transported them to Royal Mail, which made the final delivery to people's homes. The Royal Mail logo was printed on the envelopes.

The issue led Royal Mail to be hauled before a government minister.

The service said it faced difficulties owing to the law which made it an offence to open postal items to look at the contents. Once envelopes were sealed, neither Royal Mail nor the intermediary companies delivering the mail to Royal Mail for final delivery were permitted to open them and assess the content, it said.

However, staff were trained to spot potential scam letters, and a series of new initiatives - including an industry-wide code of practice - have been launched since 2016.

Changes to terms and conditions governing bulk mail contracts in March 2017 meant Royal Mail could follow up on solid intelligence by refusing to carry mail suspected to be fraudulent.

The next month it started to contact, by Special Delivery, households receiving high volumes of scam mail, and impounded scam letters at its distribution centres before it reached the customers' letterboxes.

"We are committed to doing everything we can to stop this fraudulent material from reaching UK households," said Stephen Agar, managing director of letters at Royal Mail.

"We continue to deploy a range of different initiatives to keep one step ahead of the scammers."

The initiative does not cover electronic mail, and many con-artists have turned to email and social media to blitz potential victims with similar scams.

(1st April 2018)

(The Leader, dated 12th March 2018 author Rory Sheeham)

Full article [Option 1]:

A MAN from Wrexham has admitted his role in a £37 million copycat website fraud scam.

Six people have been sentenced to a total of more than 35 years in prison after being convicted of defrauding UK consumers out of more than £37m in one of the largest UK online crime cases.

They operated a number of 'copycat websites', impersonating official government services to sell passports, driving licences and other key documents for vastly inflated prices.

The convictions and sentences follow one of the biggest investigations undertaken by the National Trading Standards eCrime Team.

These sentences were handed down following two trials - one in July 2017 and the other in March 2018.

The convictions and sentences relating to the July 2017 trial can only be reported now due reporting restrictions which were in place.

Liam Hincks, 28, of St Albans Heights, Tanyfron, pleaded guilty before the July 2017 trial began and was sentenced to three years for his part in the multi-million pound fraud.

Hincks also pleaded guilty before the March 2018 trial and will be sentenced at a later date.

The July 2017 trial heard how the defendants set up copycat websites through the company Tadservices Limited between January 2011 and November 2014.

These sites mimicked official websites run by eleven government agencies and departments and manipulated search engine results to appear more genuine. They knowingly misled hundreds of thousands of consumers into paying more than they needed for a number of government services including new or replacement passports, visas, birth and death certificates, driving licences, driving tests, car tax discs and the London Congestion Charge.

The criminals also set up websites that mimicked the American, Turkish, Cambodian, Vietnamese and Sri Lankan official visa sites where travellers could apply and pay for electronic visas to visit those countries. In all cases the sites offered little or no additional value to consumers using them. It is believed that in addition to UK consumers Indian, Turkish and US citizens were also defrauded.

The second trial in March 2018 heard how five defendants established a series of copycat websites through the companies Online Forms Limited and AE Online Services Limited in 2014 and 2015.

These copycat websites mimicked a range of the visa application websites in countries including the United States, India, Turkey, Bahrain and Sri Lanka.

Lord Toby Harris, who chairs National Trading Standards, said: "These convictions represent an important milestone in the fight against online fraud.

"This was a huge fraud and a very large number of people lost money as a result of the malicious actions of these criminals.

"Our eCrime team, operating with finite resources, has worked tirelessly to bring these criminals to justice and I'm delighted their efforts have led to these historic convictions.

"I urge members of the public to report any copycat websites they spot to the Citizens Advice consumer service by calling 03454 04 05 06."

Mike Andrews from the National Trading Standards eCrime Team said: "This was a crime motivated by greed. This group defrauded people so they could enjoy a luxury lifestyle.

"They showed no regard for the unnecessary costs they imposed on their victims. I would say they treated them with contempt.

"I urge people to always use the GOV.UK website when looking to apply for any kind of government service such as a passport, driving licence or EHIC card.

"Search engines may seem the easiest route but searching using the GOV.UK website is the safest way of ensuring you do not fall victim to a copycat website."

(1st April 2018)

(Telegraph, dated 2nd March 2018 author Sophie Christie)

Full article [Option 1]:

As well as spelling mistakes and poor grammar, there are a number of things you can look out for to help you recognise a 'phishing' or bogus email, says HM Revenue & Customs (HMRC) in its latest guide on scams.

Thousands of taxpayers are targeted by criminals every year with bogus emails, texts, and even social media messages that can seem genuine, but on closer inspection provide clues to their falsity.

Here are the five things you should look out for if you receive correspondence purporting to be from the taxman.

1. Fake email addresses

Fraudsters typically own email addresses with names associated with HMRC, like Revenue, HMRC or gov. Here's an example of a fake email address:

Be aware that fraudsters can spoof the "from" address to look legitimate. For example: it may look like it is from '', but if you hover over the link and look at the bottom left-hand corner of your browser page, you will see the actual link that that text leads to, and that will not end with at all. If you're unsure whether the message is real, don't open it. Instead, forward suspicious emails to HMRC 's phishing team at, and wait for their guidance.

2. Offering a tax rebate or payment

Emails from HMRC will never offer you a repayment, notify you of a tax rebate, ask you to disclose personal information such as an address or bank details, or provide a non-HMRC personal email address to send a response to.

But because the taxman does offer tax rebates to customers, which can be significant sums of money, people are often lured into engaging with crooks who are promising to transfer large amounts of cash.

3. Demanding urgent action

Con artists often ask for immediate action in their emails. Be wary of messages containing phrases like "you only have three days to reply" or "urgent action required".

4. Bogus links to websites and dodgy attachments

If the email includes a link to a webpage or an attachment, be on your guard. Fraudsters often include web links that lead to pages that look like the homepage of the Revenue's website. This is to trick recipients into disclosing personal or confidential information.

Sometimes they'll even include links to actual HMRC webpages in their emails, to try and make them appear genuine.

Attachments could contain viruses designed to steal your personal information.

5. Common greeting

If an email claiming to be from the taxman begins with a general greeting, such as "Dear Sir/Madam", "Dear customer" or "Hello", rather than your name, it's highly likely to be fake.

Emails from HMRC will usually start with the recipients name and will include information on how to report phishing scams further down the page.

In 2014 almost 50 per cent of HMRC consumers reported being targeted in a phishing scam. And in 2013 customers reported more than 91,000 phishing emails to the tax agency.



This group of group of scams was compiled by the National Trading Standards team.

(The Herald / Sunday Herald, dated 3rd February 2018 author Iona Bain)

Full article [Option 1]:

Facebook has banned advertising for Bitcoin following a wave of complaints about the number of crypto-currency scams being promoted through the site.

The world's most popular social networking site said its ban will cover all adverts for "financial products and services that are frequently associated with misleading or deceptive promotional practices", with crypto-currencies and binary options cited as the main offenders.


(Llanelli Herald, dated 5th February 2018 author Jason Cooper)

Full article [Option 1]:

Love might be in the air around Valentine's Day, but Dyfed-Powys Police is urging people to be wary of who they meet on dating websites after saving potential victims from sending £52,000 to fraudsters.

The force's Financial Crime Team has offered advice to people dating online to help stop their heart - and their finances - take a bruising.

Romance fraud is where fraudsters set up fake profiles to form relationships with unsuspecting people looking for a genuine partner on dating websites. They use the site to gain your trust and ask you for money or enough personal information to steal your identity.

(Birminghamlive, 5th February 2018 author James Rodger)

Full article [Option 1]:

WhatsApp users are being warned over yet another scam doing the rounds. This is because free pairs of Adidas trainers are being used as bait by cruel scammers.
Fraudsters offering the recipient one of 3,000 pairs of free trainers in exchange for the completion of a survey.

"We are aware of the WhatsApp message that is currently circulating claiming that Adidas is giving away free footwear and would like to caution the public about believing this, as it is definitely a hoax", said Lauren Haakman, Brand Communications & PR Manager of Adidas South Africa.


(North Yorkshire Police, dated 6th February 2018)

Full article :

Police in York have urged residents to be on their guard following the arrest of three suspected rogue traders.

Neighbourhood Policing Team were alerted to the Dunnington area at 8.17am on Monday (5 February 2018) after an elderly and vulnerable resident reported she had been pressured into purchasing a new front door by men claiming to be from a reputable home improvement company.

(Kentlive, 9th February 2018 author Mary Harris)

Full article [Option 1]:

Residents have been warned about a "rude and intimidating" doorstep seller knocking on the doors of residents in Tunbridge Wells.

People who live in the town have reported a man with an "aggressive manner" who was "banging on doors" trying to sell over-priced cleaning goods, with two saying they had been sworn at when they refused to buy anything.

One householder nicknamed the sellers "Nottingham Knockers".
Trading Standards has today (February 9) issued an alert about a man selling household cleaning products door-to-door.


(Action Fraud, 1st February 2018)

Full article :

Action Fraud are warning people to watch out for fraudsters claiming to be from the Financial Ombudsman Service.

Fraudsters claiming to be from the Ombudsman are cold-calling victims and telling them they have a cheque for a large amount of money from a compensation claim. The victim is then told to buy an iTunes (or similar voucher) roughly to the value of £300 to 'release' the compensation. They then claim that a courier will collect it from their home address and that a cheque will be sent to them in the post.

The service, which deals with complaints from consumers about the financial services industry, is a free service for the public and it would never cold call households to ask for a fee in order to claim reimbursement.

(Somersetlive, dated 6th February 2018 author Liam Trim)

Full article [Option 1]:

A criminal pretending to be a Metropolitan Police Inspector almost defrauded an elderly woman out of her life savings, according to a police Twitter account.

Only the intervention of staff at a Somerset bank branch stopped a devastating fraud taking place.

(Birmingham Live, dated 7th February 2018 author Ross McCarthy)

Full article[Option 1]:

A greedy fraudster who fleeced a frail widow out of her £20,000 life savings - and used it to buy five drum kits - has been jailed.
Heartless Simon Roe also splashed out on fast food binges and video game consoles, using his housebound neighbour's cash as his "own little lottery fund".

He left the 80-year-old with just £13.33 in her account after she trusted him with her bank card to do her shopping.

(Action Fraud, dated 12th February 2018)

Full article :

Fraudsters are purporting to be from the Home Office and cold-calling victims to claim that there is a problem with their immigration status.

Fraudsters are calling victims from what appears to a genuine Home Office telephone number 0207 354 848 - which has in fact been 'spoofed'. To spoof numbers, fraudsters use software that allows them to display any number they wish on a victim's phone.

Fraudsters tell victims there is a problem with their immigration status and in order to rectify this issue, they must pay an up-front fee. They are asked to confirm personal details, such as their passport number and date of arrival in the United Kingdom. If a victim starts to question the call, the fraudsters point out the 'spoofed' number to make the request seem legitimate.


(1st March 2018)

(Daily Mail, dated 24th February 2018 author Katherine Faulkner)

Full article [Option 1]:

Conmen who targeted British pensioners with millions of letter frauds are facing court action after a Daily Mail investigation.

More than 200 scammers have been charged or served with court orders in a joint action by US and Canadian police using evidence uncovered by this newspaper's investigations unit.

One of those facing legal action, Andrew John Thomas, was caught on camera by an undercover Mail reporter boasting that he was a 'proud w****' who used his 'beautiful talent to sell this s**t to people who don't need it'. Another is his associate Patrick Fraser.

The evidence gathered by the Mail is described in court papers as proof of the pair's 'intent to defraud'. Police believe they may have run hundreds of millions of pounds worth of frauds, sending four million letters a year.

They are understood to have told their printing providers they valued having Royal Mail branding on their letters to dupe British victims into thinking they were genuine.

The developments will pile pressure on postage firms in the UK and on Royal Mail, which has launched a drive to stamp out scam letters in response to the Daily Mail's investigation in October 2016.

We revealed how conmen were using Royal Mail's bulk mail contracts with postal partners to target the elderly. In some cases they paid to use the Royal Mail logo.

Some of their letters conned vulnerable people, including dementia patients, into thinking they had won a prize they could claim by sending money. Officials believe up to £10billion is lost to such scams each year.

Court papers filed in New York by the US Department of Justice on Thursday cite evidence gathered by the Daily Mail that Thomas and Fraser were directors of a mail fraud scheme to defraud the elderly.

They used eight shell companies, rented mailboxes and cross-border couriers to hide their activities, the US Department of Justice alleges.

The pair have now been banned from sending further mass mailings pending an investigation by the department. Criminal charges have not yet been brought against them, but sources said they could later be charged with mail fraud.

The hundreds of scammers targeted by the action are accused of defrauding more than a million elderly people globally out of more than £600million. More than 200 have been charged and civil actions brought against dozens more.

The Daily Mail's exposé came after reporters infiltrated a conference at a ski resort in Canada where scammers met to trade 'suckers lists' with names and addresses of those considered susceptible to fraud.

They boasted of 'ripping off suggestible' victims and of using Royal Mail's discounted bulk postage rates to send letters to the UK. This also allowed them to have Royal Mail branding on envelopes.

Royal Mail said last night it was 'working with industry partners and law enforcement agencies to tackle this issue even more vigorously'.

Since its crackdown in 2016, more than three million fraud letters have been stopped before delivery.

(1st March 2018)

(Daily Express, dated 20th February 2018 author Tom Gillespie)

Full article [Option 1]:

CONVINCING copy-cat websites which mimic those of big legitimate pensions and savings firms are leaving Brits just one click away from losing their entire lifesavings to fraudsters.

Criminals have been impersonating legitimate companies such as Halifax and Vanguard Asset Management to target people with savings to invest or with access to their pension - and they are raking in £500,000-a-day from victims.

So-called clone fraud investigations have almost doubled in the past year, and pensioners are especially at risk, the Financial Conduct Authority (FCA) said.

The body, the City's chief watchdog, has said some victims have lost out on hundreds of thousands of pounds. Official figures sourced by The Times show that nearly £200million has been stolen by "investment fraudsters" in the last year.

The paper reports that the figure is thought to grossly underestimate the seriousness of the problem, citing the fact many victims will be too embarrassed to report the crime.

Some victims have been tricked out of more than £250,000.

The FCA has looked into 157 attempts of fraudsters imitating companies over the past year - a huge rise from the 90 attempts recorded in 2015.

Each cloned company is thought to have been likely to have targeted thousands of savers.

The gangs typically cold-call investors to promote property, shares or other non-existent opportunities.

The scale of the problem is likely to fuel further calls for a ban on pensioner cold-calling.

Con artists have been targeting elderly savers ever since pensions freedoms introduced in 2015 allowed anyone over 55 to gain early access to their retirement pots.

The oldest reported victim of investment fraud is 98, while the average age is 61, according to City of London police.

Ministers vowed last week to ban pension cold-calling so that if an old person is called they know it is a fraudster.

It has not been made clear how the law would be rolled out.

The FCA says that clone fraudsters use the name, address and registration number of established businesses.

They then give their own phone number, address and website details to victims.

The website details will often link to a copy of the actual company's page.

Subtle changes will have been made, such as an altered phone number.

The cruel fraudsters have even faked the watchdog's website to include their own contact details rather those of a genuine company.

Last year a con-artist pretended to be a top fund manager at JO Hambro Capital Management, and went on to persuade a victim to invest £100,000.

The unnamed victim, told they were investing in Barclays bonds, never saw his cash again.

The FCA is said to issuing a warning on its website every other day about a cloned firm.

The watchdog said clone fraudsters are tough to tackle because they operate from outside the UK.

Their British addresses are said to be fake and the bank accounts they use are usually based abroad.

The FCA has also warned about a pension review scam.

Investors are phoned out of the blue and are offered a free pension review designed to encourage them to move money into high-risk or fake investment schemes.

FCA spokesman Tim Matthews said: "Fraudsters use sophisticated methods to get hold of your cash - this can include cloning a legitimate firm. If you're buying a financial product such as a loan, insurance, investment or pension, only deal with an FCA-authorised firm."

###How can you protect yourself?

If you are uncertain about a firm that has contacted you, be sure to check the FCA's online registers.

The authority says the investor should sued the details on the register to contact the firm, rather than information provide by the person who has phoned you.

The FCA added that you should only access their register from its website, and not through links provided by anyone else.

(The Times, dated 19th February 2018 author Andrew Ellson)

Full article [Option 1]:

Savers are being tricked out of half a million pounds every day after a surge in criminals targeting British pension riches, The Times can reveal.

People with nest eggs to invest, including those with new freedoms to access their pensions, are falling for well-resourced foreign fraudsters impersonating the identities of legitimate companies.

Investigations into "clone fraud" have almost doubled over the past year, according to the Financial Conduct Authority (FCA), the City's chief watchdog, with some victims losing hundreds of thousands of pounds.

The finding comes as official figures obtained by The Times show that almost £200 million has been stolen by investment fraudsters over the past year, although this is thought to grossly underestimate the true scale of the problem.

(1st March 2018)

(Telegraph, dated 24th February 2018 author Martin Evans)

Full article [Option 1]:

Organised criminals and fraudsters are stealing the identities of dead people in order to get cheaper car insurance, it has emerged.

Unscrupulous motorists with poor driving records are increasingly targeting the deceased, in order to take advantage of more attractive premiums.

Police technology also means it is now very difficult to drive around in an uninsured vehicle without being detected, so having some sort of cover is usually vital to avoid unwanted attention.

Driving a vehicle that is insured in a dead person's name also means there no chance of the scam being discovered by the victim.

It is feared organised criminals and even terrorists, could take advantage of the scam, in order to move around on the roads undetected.

The widow of former Tory Minister, Ian Sproat, has described how she realised his identity had been stolen when she received a letter saying he was being prosecuted for speeding, six years after his death.

Judith Sproat, 80, said: "The first I knew of this was in August last year when I received a letter from an insurance company asking for bank details to renew Ian's insurance. He had died in 2011 and so of course I knew it was a mistake.

"Then in January this year I received a letter from South Yorkshire Police, again addressed to my husband, containing a Notice of Impending Prosecution for a speeding offence committed on 1 September 2017.

"The police explained they had obtained my late husband's name and address from the car number plates of the speeding vehicle."

Mrs Sproat contacted both the insurer and the police to inform them of the situation but was simply told to report it to the National Fraud Intelligence Bureau. And while she cannot be held liable for any financial penalty incurred in the scam, she is angry that her law abiding husband's name, has been used as part of a criminal enterprise.

She said: "There could be many motives for this identity theft, from the fairly simple one of wanting to gain benefit of a no claims bonus, the more sinister ones of a fraudster being banned from driving, or a career criminal wishing to avoid detection, or even to a terrorist with the same idea."

Mrs Sproat added: "Of course I have no means of knowing if my late husband's identity theft relates only to car use. If it has been used in other ways I daresay I will find out in time."

Last month the Sunday Telegraph reported on the growth of a worrying phenomenon known as Ghost Broking, where fraudsters sell fake insurance policies to drivers desperate to find a good deal.

But experts at the Insurance Fraud Enforcement Department (IFED) at the City of London Police admitted they have no idea of the scale of identity theft involving car insurance, because so few cases have been reported.

This could be because it is still not widespread, but it could also be because the families of those dead people being targeted are simply unaware.

A spokesman for the City of London Police said: "False addresses are used to get cheap insurance as they are often taken out using low risk postcodes.

"We have often seen that this type of fraud can facilitate organised crime gangs with insuring their vehicles so they don't come to the notice of police and also obtain cheaper policies."

Colin Jemide, and adviser with IFED said: "There is so much information available online these days that identity fraud is obviously a danger. There could be all sorts of reasons why someone would seek to use somebody else's details when getting car insurance.

"In order to prevent this sort of thing happening it is important to carefully check all letters you receive in the post from insurance companies and not assume they are junk mail.

"If you receive documents for someone with no connection with your address contact the company's fraud department immediately and report it."

(1st March 2018)

(London Evening Standard, dated 23rd February 2018 authors Jonathan Prynn and Barney Davis)

Full article [Option 1]:

A string of City bosses have fallen victim to a "slick" £1 million rugby tickets scam after paying for fake Six Nations corporate boxes at Twickenham.

Dozens of senior executives said they were left feeling "like mugs" when they learned that the corporate hospitality packages they had paid up to £12,000 each for did not exist.

A company calling itself Elite Sports Hospitality targeted senior business figures with offers of "half-price" boxes at sell-out rugby fixtures including last week's clash between England and Wales and likely decider England v Ireland on March 17, St Patrick's Day.

The Oxford-based firm sent emails detailing packages for up to 20 people in a "glass-fronted private box" in the ground's East Stand costing between £8,700 and £12,240 including VAT.

The deals promised a champagne reception, four-course lunch with "fine wines", a complimentary bar and "post-match savoury selection".

However, rugby fans who transferred money to the company's HSBC account received emails at the start of February signed by a "Delroy Forgah" telling them that their "booking will no longer be going ahead" after a "mix-up".

The email went on to ask for bank details as "a full refund will be offered on the package purchased". But when victims tried to contact Elite Sports Hospitality, emails bounced back and phone lines were dead.

As many as 80 executives are believed to have fallen victim, handing over hundreds of thousands of pounds and possibly as much as £1 million.

One target, Patrick Goodwin, head of a City financial recruitment firm, who booked a box at the Irish game, said: "I received the first email approach in September last year. It all seemed above board, they had a slick website, they checked out on Companies House.

"I must have spoken to them six to eight times about details such as dietary requirements, parking and the itinerary - they were genuinely nice people, it was incredibly well done.

"I've been in business over 20 years and I've never been scammed before. I like to think I'm pretty streetwise. If I can get ripped off then anyone can get ripped off."

He said when he contacted Elite Sports Hospitality's address he was told the company had moved out without paying its bill.

Another victim Glyn Heatley, of Clerkenwell-based data services group Cervello, who also paid for a box at the Ireland game, said: "It's not just the financial aspect of it, I feel like a mug.

"We had to go back and tell clients it's a scam, it was a bit embarrassing and we've been the butt of many jokes."

A third, Mark Cardy of financial adviser Skerritt, said: "I thought £500 a head for a slap-up lunch at Twickenham on St Patrick's Day was pretty good value. I was super-excited. Now I've had to confess I've been a bit of a numpty. I feel pretty gutted, annoyed, frustrated and stupid really."

The website for Elite Sports Hospitality lists its parent company as Elite Direct Advertising and Marketing Ltd. Documents at Companies House lists that company's sole director and shareholder as Dunstable-based businessman Jermaine Daley.

Mr Daley told the Standard he sold the company to Mr Forgah for £1 in December last year and knew nothing about the scam.

The Standard was unable to contact Mr Forgah. The scam is being investigated by Bedfordshire Police.

A spokeswoman for Bedfordshire Police said: "We have received reports that more than 80 victims have been defrauded out of hundreds of thousands of pounds in total after hospitality packages were offered to businesses for various high profile rugby events. Payment was requested by bank transfer, but the victims never received the tickets.

"We are investigating the web company which offered the packages. Our advice to stay safe online is always be suspicious if a website asks you to make a bank transfer instead of paying by card. "

Dan Hyde, a partner at law firm Pennington Manches, which is advising several of the victims said: "This type of fraud is pernicious and highly effective.

"The perfected fraudulent email can be copied and pasted or forwarded repeatedly.

"Company details and sales language give a veneer of authenticity and reassurance to the unsuspecting victim. Like many such scams it urges speed to avoid missing the cut price bargain by making early payment.

"We would ask anyone who has been a victim to get in touch urgently"

(1st March 2018)

(Action Fraud, dated 20th February 2018)

The National Fraud Intelligence Bureau (NFIB) has seen an increase in recent weeks in the volume of CEO Fraud reports whereby schools are the targeted victim. This has resulted in substantial financial losses for several schools that have fallen victim to this type of fraud.

A school is targeted by a fraudster who purports to be the Head Teacher / Principal. The fraudster contacts a member of staff with responsibility for authorising financial transfers and requests for a one off, often urgent, bank transfer to be made. The amounts requested have been between £8,000 and £10,000.

Contact is made by email and from a spoofed / similar email address to the one the Head Teacher / Principal would use.


- Ensure that you have robust processes in place to verify and corroborate all requests to change any supplier or payment details. Get in touch with the supplier (or internal colleague) directly, using contact details you know to be correct, to confirm that a request you have received is legitimate.

- All employees should be aware of these procedures and encouraged to challenge requests they think may be suspicious, particularly urgent sounding requests from senior employees.

- Sensitive information you post publicly, or dispose of incorrectly, can be used by fraudsters to perpetrate fraud against you. The more information they have about you, the more convincingly they can purport to be one of your legitimate suppliers or employees. Always shred confidential documents before throwing them away.

- Email addresses can be spoofed to appear as though an email is from someone you know. If an email is unexpected or unusual, then don't click on the links or open the attachments. Staff should not be allowed to check emails or use the internet with administrator accounts.

If you have been affected by this, or any other type of fraud, report it to Action Fraud by calling 0300 123 2040, or visiting

(1st March 2018)

(The Telegraph, dated 9th February 2018 author Telegraph Reporters)

Full article [Option 1]:

A wedding boutique was caught selling fake "hand-made" dresses when brides spotted the "made in China" labels, a court heard.

Melanie Bishop, 36, and her 60-year-old mother Patricia tricked 13 brides into thinking they were buying bespoke gowns.

A court heard the pair advertised hand-made bridal dresses costing up to £1,000 from a workshop in Wales.

Brides first found out they had been duped when they spotted "made in China" labels on their dresses and launched a campaign to get their cash back.

But Bishop quickly shut up shop, leaving more than 100 other brides worried they would be left without their dresses.

Both women now face possible jail sentences after pleading guilty to 18 counts of "engaging in unfair commercial practice" after brides complained to consumer watchdogs.

Before she was charged with fraud, Bishop spoke about the "hellish nightmare" that led to close her bridal boutique Anna Sara Bridal in Newport, South Wales.

One bride Nichola Pakau, 34, said: "It has been an awful experience. It has affected my home life and work life."

Another bride's mother, 55-year-old Kim Burroughs, said: "You expect everything to be perfect for your daughter's wedding. I didn't expect this."

The Bishop mother and daughter pleaded guilty at Cardiff Crown Court to 18 counts of engaging in unfair commercial practice between March 2015 and April 2016.

Melanie Bishop claimed her customers should have known their dresses from £700 to £1,000 were manufactured in China and said she was the victim of a campaign of "abuse and lies".

Speaking at the time the boutique was closed, she said: "It's not that we set out to deliberately mislead people, that's not it. When I said our dresses were all our own designs that was true.

"The only thing I could have done differently was be explicitly clear about the origins of the dresses, but so many shops outsource their materials and labour from China. It's not uncommon and I never hid it. I left the made in China labels in."

But an investigation by Newport Trading Standards ended with Bishop and her mother being charged with fraud. The court heard they accepted claiming they had designed and made the dresses themselves.

The pair pleaded guilty to failing to inform customers the wedding dresses were actually made in China, falsely stating they would be made in their local workshop.

Melanie and Patricia Bishop admitted their behaviour was likely to distort the behaviour of the average consumer.

Judge Patrick Curran QC told them he will not be the sentencing judge and warned them: "All appropriate sentencing options are open."

Both women, of Oakdale, near Blackwood, South Wales, were granted bail ahead of their sentencing in March.

(1st March 2018)

(Action Fraud, dated 5th February 2018)

Full article [Option 1]:

- City of London Police's Insurance Fraud Enforcement Department launches campaign to raise awareness of fraudsters selling fake car insurance and warn motorists to 'Steer Clear of Fraud'

- Over 850 reports of ghost broking have been reported to Action Fraud in last three years, with reported losses from individuals and organisations totalling £631,000

- Individual victims of ghost brokers lose on average £769

- Ghost brokers typically target men in their 20s, using social media

The City of London Police's Insurance Fraud Enforcement Department (IFED) has launched a national awareness campaign today (Monday 5 February 2018) to warn motorists about the dangers of buying fake car insurance from fraudsters, also known as 'ghost brokers', who are potentially leaving thousands of unsuspecting victims driving without insurance.

Extent of the problem

From November 2014 to October 2017, Action Fraud received more than 850 reports linked to ghost broking, with reported losses for both individuals and organisations totalling £631,000. On average, each individual victim lost £769 from this type of fraud.

Of these reports, 417 resulted in action being taken against the offenders by IFED following their investigations into ghost broking over the past three years, which included a man who set up 133 fake policies, a teenage ghost broker who was sentenced to jail and a man who made £59,000 from ghost broking.

However, it is thought that the true number of ghost broking victims may be much higher than this figure, as some motorists may be driving on the roads right now unaware that their policy is fraudulent. It is only when they are stopped by police or attempt to make a claim will they find out that they don't have genuine cover.

This leads police to believe that ghost broking is actually being under reported each year due to the way ghost brokers deceive motorists into thinking they have legitimate insurance, when in fact it's worthless.

What is ghost broking?

Ghost broking is the name given to a tactic used by fraudsters who sell fraudulent car insurance by a number of different methods. They typically carry out the fraud by one of three ways: they will either forge insurance documents, falsify the driver's details to bring the price down or take out a genuine policy, before cancelling it soon after and claiming the refund plus the victim's money.

It is a legal obligation to have valid car insurance and without it victims will experience the severe harm caused by ghost broking, including:

- Points on their driving licence
- Vehicle seizure and possible destruction of it
- A fixed penalty notice
- Costs to retrieve impounded vehicle
- Liable for claims costs if involved in an accident

This is on top of the money motorists will have lost buying the invalid car insurance and the money they will have to spend to then buy a legitimate insurance policy.

IFED analysis into the ghost broking reports reveals that men aged 20-29 are most likely to get targeted and that the most common method ghost brokers will use to make initial contact with people is through social media, particularly Facebook and Instagram. Other contact methods include adverts in newspapers and magazines, cold calls and being introduced, either directly or by friends, family members or work colleagues.

Stay safe when buying car insurance

In light of these worrying figures, IFED is encouraging drivers to be wary of heavily discounted prices on the internet or cheap prices they're offered directly for car insurance, as they may well be ghost brokers.

IFED is issuing the following advice and tips to help drivers avoid falling victim to ghost brokers:

• Trust your instincts - if an offer looks too good to be true, then it probably is.

• Ghost brokers often advertise on student websites or money-saving forums, university notice boards and marketplace websites. They may also try to sell insurance policies in pubs, clubs or bars, newsagents and car repair shops.

• Be wary of ghost brokers using only mobile phone or email as a way of contact. Ghost brokers have even been reported using messaging apps, including WhatsApp, Snapchat and Facebook. Fraudsters don't want to be traced after they've taken your money.

• If you are not sure about the broker, check on the Financial Conduct Authority or the British Insurance Brokers' Association website for a full list of all authorised insurance brokers.

• You can also contact the insurance company directly to verify the broker's details.

• You can check to see if your car is legitimately insured on the Motor Insurance Database website.

Detective Chief Inspector Andy Fyfe, Head of the City of London Police's Insurance Fraud Enforcement Department, said:

"Ghost brokers trick unsuspecting victims with offers of heavily discounted car insurance, leaving them with a policy that isn't worth the paper it's written on and open to the severe harm that comes with driving without valid insurance. Being able to drive is vital for a lot people, whether it be to get to work or pick up their children from school or nursery, so if they fall victim to a ghost broker it could not only impact on them financially but also seriously affect their day to day life and make things very difficult.

"As well as the personal harm experienced by victims, ghost brokers also cause financial harm to the insurance industry, driving up the cost of insurance premiums for all motorists.

"While an offer of cheap car insurance may seem tempting, falling victim to ghost broking will end up costing you far more in the long run - both in terms of money and your licence."

(1st March 2018)

(Mailonline / This is money, dated 1st February 2018 author Lee Boyce)

Full article [Option 1]:

Drivers should beware a text message scam which attempts to scare people into revealing personal information.

The message, which even appears to have the logo, reads: 'FINAL REQUEST: 'DVLA Swansea have been trying to contact you, Click below for more information.'

A This is Money reader contacted us to warn about a text message scam and the link in the message may trick people as it has as part of the URL, which in a snap moment may convince them to click on it.

Additionally, many will be worried that they may be in trouble with the organisation, which is indeed based in the Welsh city of Swansea.

However, the DVLA has previously warned that it doesn't send text messages with links to websites asking to confirm personal details or payment information.

The phony website may also include a range of nasties, including malware, a type of virus that lurks in your device to steal information, such as bank log-in details.

The reader, named April, says she would usually discard contact like this, but was almost tricked as she knew her car tax was due for renewal this week - and she has also signed up on the for its reminder service.

It is not clear whether this is a targeted attempt to dupe her with the knowledge that her car tax is due - or whether scammers are just using a scattergun approach.

Also in the URL is the words tax disc. Although abolished in 2014, many still associate vehicle excise duty, widely known as car tax, with the old paper disc.

The DVLA says that some members of the public have received e-mails, texts and telephone calls claiming to be from the agency.

Links to a website mocked up to look like a DVLA online service are sometimes included in the message, as highlighted in this case.

It adds: 'The Government, led by Cabinet Office's Government Digital Service, will continue to investigate reports of organisations which may be actively misleading users about their services or acting illegally, taking swift action when necessary.

'By using the online driving licence or vehicle tax transactions on GOV.UK you can be sure that you are dealing directly with DVLA.'

On social media website Twitter, This is Money found plenty more examples of the scam - with one claiming the domain is registered in Panama, while the DVLA says it is currently investigating:

Last summer, the DVLA revealed e-mails that been sent to people, which had a link to a 'secure web form' that's designed to collect personal information from unwitting recipients.

The correspondence targeting motorists says: 'We would like to notify you that you have an outstanding vehicle tax refund of £239.35 from an overpayment, request a refund.'

The email looks legitimate and includes the DVLA's existing logo and fonts - something that could dupe many motorists into sharing their personal data.

(1st March 2018)

(Action Fraud, dated 7th February 2018)

Fraudsters are attempting to entice victims who are looking for cheap flights abroad.

Victims have reported booking tickets via websites or a "popular" ticket broker, only to discover that after payment via bank transfer or electronic wire transfer, the tickets/booking references received are counterfeit. In some cases, all communications between the company or broker and the victim have been severed.

Fraudsters are targeting individuals who are seeking to travel to African nations and the Middle East, particularly those wishing to travel in time for popular public and religious holidays.

Prevention Advice:

- Pay safe: Be cautious if you're asked to pay directly into a private individual's bank account. Paying by direct bank transfer is like paying by cash - the money is very difficult to trace and is not refundable. Wherever possible, pay by credit card or a debit card.

- Conduct research on any company you're considering purchasing tickets from; for example, are there any negative reviews or forum posts by previous customers online? Don't just rely on one review - do a thorough online search to check the company's credentials.

- Check any company website thoroughly; does it look professional? Are there any spelling mistakes or irregularities? There should be a valid landline phone number and a full postal address so that the company can be contacted. Avoid using the site if there is only a PO Box address and mobile phone number, as it could be difficult to get in touch after you buy tickets. PO Box addresses and mobile phone numbers are easy to change and difficult to trace.

- Be aware that purchasing tickets from a third party, particularly when initial contact has been made via a social media platform can be incredibly risky.
If tickets to your intended destination appear cheaper than any other vendor, always consider this; if it looks too good to be true, it probably is!

- Look for the logo: Check whether the company is a member of a recognised trade body such as ABTA or ATOL. You can verify membership of ABTA online, at

If you have been affected by this, or any other type of fraud, report it to Action Fraud by calling
0300 123 2040, or visiting

(1st March 2018)



Some scams only appear to be reported in certain geographic areas, but that doesn't mean the scammers can't move onto another area. Or, crooks in your locality have their own " dodgy brainwave" !

(Global News, dated 24th January 2018 author Greg Davis)

Full article [Option 1]:

uaware comment : Yes, there is a Peterborough in California, USA !

The Peterborough Police Service is warning residents about the so-called "death threat" email scam now circulating in the Peterborough area.

The scam involves an email stating that sender has been hired by someone the email recipient knows to "remove you" and that the only way to save your life is to pay thousands of dollars in Bitcoin.

Police say the email sender may also indicate they've done research on the recipient and will make a "final offer" before retiring after being a hit man.

"He then states he will give the victim the name of the individual who paid for the hit if the victim sends him $2,000 in Bitcoin currency," said police spokesperson Lauren Gilchrist. "The sender will then give the victim all other evidence needed for police to prosecute the individual who paid for the hit. The sender tells the victim that they have three days to send the money."

Police say they've received complaints about the email.

"We urge residents to ignore and delete these emails," said Gilchrist.

They also advise to not respond to any unsolicited emails and to not send money, virtual currency or otherwise to someone you don't know or have never met. They also advise to never provide personal information for another person to use.

Police warn that the way in which money is sent via Bitcoin is completely anonymous and not traceable.

"If the victim does send the money, the police are not able to investigate beyond taking a report," stated Gilchrist.

(Andover Leader, dated 18th January 2018 author Grant Merrill)

Full article [Option 1]:

###uaware comment : Yes, there is an Andover in the Kansas, USA.

ANDOVER- A number of area banks have reported that their customers are being targeted by phishing scams. At least two financial institutions sent messages this week over social media that indicated that there were problems with unscrupulous people trying to gain money in an illegal manner.

Meritrust Credit Union reported that some of their customers were among those who were victims:

"Attention members: if you receive a suspicious text message appearing to be from Meritrust that asks for you to call with your debit card number, please be advised this may be a phishing attempt. Meritrust will never contact you in attempt to obtain sensitive information. We advise that you do not respond or provide any information, but instead contact us at 800.342.9278 immediately to confirm its validity."

Capitol Federal also said they had problems reported to them as well:

"Please be aware, there is a new text message phishing scam in the area. This specific phishing attempt sends a text message to mobile phone users indicating that unusual activity has occurred on their account. The phone number could appear to come from a local area code. Please do NOT call this number or provide any personal information. This is not a message from CapFed®. For more information on this scam and other phishing help, please visit:"

(Evening Telegraph, dated 19th January 2018 author Reporter)

Full article [Option 1]:

Police have issued a warning to the public following a vishing - voice phishing - scam that resulted in a man losing £29,000.

The incident involved scammers cold-calling a 50-year-old man from the Cupar area last Thursday.

They pretended to be from his bank using software that made it appear as if they were calling from an official number and claimed his account had been compromised.

The man was then convinced to transfer his money into another account for safekeeping, which resulted in the loss.

Officers have issued a warning to the public about the vishing scam and are investigating it through Operation Principle, Fife Division's response to acquisitive crime.

Detective Chief Inspector Scott Cunningham, the lead for Operation Principle, said: "These scammers claim to be from legitimate organisations and try to frighten or pressure people into revealing personal details or banking information.

"Never give such information or transfer money to an unexpected caller and, although anyone can fall victim to this, please warn elderly or vulnerable friends or relatives in particular to be wary this type of scam.

"If you receive such a call, advise the caller that you will contact the company on your own terms and hang up immediately.

"Find the organisation's phone number from its official website or a previous correspondence and call them back yourself, always on a different phone, to verify it."

(Birmingham Live, dated 5th January 2018 author Alex Keller)

Full article [Option 1]:

Staffordshire Police are warning people across the county to be on their guard against fraudsters intent on scamming residents out of their hard-earned cash.

Bogus cold callers pretending to be police officers have been targeting potential victims with the intention of obtaining personal or financial information - and money.

A spokesman for Staffordshire Police said: "Victims have received a phone call from a fraudster who tells them they are speaking to a police officer from Greater Manchester Police and that they need them to assist in an undercover investigation.

"Victims are requested to withdraw cash from their bank accounts which is then collected by a courier later that day."

Detectives have issued this advice:

- The police or your bank would never ask someone to aid an investigation by withdrawing or transferring money.

- Never give out or confirm personal and/or financial information to anyone over the phone.

- If you receive one of these calls, hang up immediately and - especially if the caller has stated they are coming to collect the money - call police on 101.

- You can also call Action Fraud on 0300 123 2040 or Crimestoppers on 0800 555111.

(Liverpool Echo, dated 4th January 2018 author Kate McMullin)

Full article [Option 1]:

Vulnerable people who are living alone are being targeted by fraudsters claiming to be from BT.

The police have received reports of two men knocking on doors of houses in the Merseyside area in an attempt to gain entry.

The men claim to be from BT and then tell the occupier that they need access to their property immediately to fix a phone line problem.

However police have warned that these two men do not represent BT and have no ID cards on them and appear to be targeting vulnerable people who are living alone.

Police have also said that the men are pushing cards through the doors of houses, stating the time that they will return.

A spokesman for said: "Please make your loved ones aware and remind them that they do not need to let strangers in to their house.

"People may claim to be from any number of utility companies or other organisations but the advice is always the same - ask for ID, and if in doubt, call the company which they claim to represent.

"Don't call any phone numbers they give you themselves.

"If you are unsure never let them in and always use a door chain if you have one.

"If you have someone trying to gain entry to your property, you can call us on 999, or report any other suspicious sightings on 101."

On its website BT has a list of tips for customers on 'common doorstep scams and how to deal with them'.

###The list reads:

-Always check a charity is genuine before making a donation. The same goes for the person claiming to be from the charity.

-Think about whether you want or need anything the visitor is offering.

-Make sure the visitor properly identities him/herself and the company they represent. Keep a note of these details to check out.

-Don't feel pressurised to sign up for a service or pay for goods straight away. Get more quotes for jobs that need doing and compare prices for goods that a salesperson claims to be a bargain.

-Do your homework before going ahead with improvements or repairs.

-Always get a quote made in writing, with a full breakdown of the costs including VAT before allowing any work to start.

-Be wary of people offering a one-time only price for agreeing to transactions on the spot.

-If you can pay for goods and services over £100 on a credit card, you'll get protection under Section 75 of the Consumer Credit Act, which makes the credit card provider equally liable with the salesman or tradesman.

-Resist paying for work upfront before it has been completed. Only pay once you are happy with a job or set a strict timetable of payments for longer jobs.

-You should install a peep hole to check who's at your door before opening it, plus a safety chain is also a good idea to ensure no one can force their way into your home.

(East Lothian Courier, dated 20th December 2017)

Full article [Option 1]:

EAST Lothian residents are being warned of a phone scam involving iTunes gift cards.

HM Revenue and Customs (HMRC) has issued a warning about a high-profile phone scam that is conning vulnerable and elderly people out of thousands of pounds.

The scammers are preying on victims by cold calling them and impersonating an HMRC member of staff.

They tell them that they owe large amounts of tax which they can only pay off through digital vouchers and gift cards, including those used for Apple's iTunes Store.

Victims are told to go to a local shop, buy these vouchers and then read out the redemption code to the scammer, who has kept them on the phone the whole time.

The conmen then sell on the codes or purchase high-value products, all at the victim's expense.

The scammers frequently use intimidation to get what they want, threatening to seize the victim's property or involve the police.

The use of vouchers is an attractive scam as they are easy to sell on and hard to trace once used.

HMRC said they would never request the settling of debt through such a method.

The scam continues to hit a large number of people. Figures from Action Fraud, the UK's national fraud reporting centre, show that between the beginning of 2016 and August this year there have been more than 1,500 reports of this scam, with the numbers increasing in recent months.

The vast majority of the victims are aged over 65 and suffered an average financial loss of £1,150 each.

HMRC says it is working closely with law enforcement agencies, Apple and campaign groups to make sure the public know how to spot the scam and who to report it to.

Angela MacDonald, HMRC's director general of customer services, said: "These scammers are very confident, convincing and utterly ruthless.

"We don't want to see anyone fall victim to this scam just before Christmas. That's why we're working closely with crime fighters to ensure taxpayers know how to avoid it.

"These scams often prey on vulnerable people. We urge people with elderly relatives to warn them about this scam and remind them that they should never trust anyone who phones them out of the blue and asks them to pay a tax bill.

"If you think you've been a victim you should contact Action Fraud immediately."

Gary Millner, chief executive of Tax Help for Older People, said: "Tax Help for Older People fully support HMRC in tackling this particularly wicked scam.

"We have taken too many calls from people who have fallen foul of it.

"The amounts of money lost are significant for some and the feelings of helplessness, violation and embarrassment are immense."


(27th February 2018)

(Action Fraud, dated 31st January 2018)

Action Fraud has recently experienced an increase in the number of calls to members of the public by fraudsters requesting payments for a "phantom" debt. The fraud involves being cold-called by someone purporting to be a debt collector, bailiff or other type of enforcement agent. The fraudster may claim to be working under instruction of a court, business or other body and suggest they are recovering funds for a non-existent debt.

The fraudsters are requesting payment, sometimes by bank transfer and if refused, they threaten to visit homes or workplaces in order to recover the supposed debt that is owed. In some cases, the victim is also threatened with arrest. From the reports Action Fraud has received, this type of fraud is presently occurring throughout the UK.

It is important to recognise that there are key differences between the various entities who seek to settle debts or outstanding fees in England and Wales. These differences range from the type of debt they will enforce to the legal powers they possess. To learn more, please take a look at some of the helpful information and links on the Step Change Debt Charity website :

Protect Yourself

- Make vigorous checks if you ever get a cold call. Bailiffs for example, should always be able to provide you with a case number and warrant number, along with their name and the court they are calling from; make a note of all details provided to you.

- If you receive a visit from a bailiff, they must always identify themselves as a Court Bailiff at the earliest possible opportunity. Ask to see their identity card which they must carry to prove who they are, this card shows their photograph and identity number. They will also carry the physical warrant showing the debt and endorsed with a court seal.

- If you work for a business and receive a call or visit, be sure to speak with your manager or business owner first. Never pay the debts yourself on behalf of the business you work for; some fraudsters have suggested employees make payment suggesting they can then be reimbursed by their employer when in reality the debt is non-existent.

- Exercise caution believing someone is genuine because you've found something on the internet; fraudsters could easily create fake online profiles to make you believe them.

- Double check with the court, company or public body they claim to work for to confirm whether the call is legitimate; if you use a landline make sure you hear the dialling tone prior to dialling as the caller could still be on the line and you could potentially speak to the fraudster(s) to confirm the non-existent debt. Also be sure to independently search for a telephone number to call; never use a number provided by the caller without carrying out your own research.

- Do not feel rushed or intimidated to make a decision based on a phone call. Take five and listen to your instincts.

- If you know you have a debt, keep in regular contact with your creditor and be sure to establish the debt type at the earliest opportunity if you are not aware. This will help you to understand who might be in contact with you regarding any repayments or arrears.

You can report suspicious calls like these to Action Fraud by visiting or by calling 0300 123 2040.

(27th February 2018)

(International Business Times, dated 26th January 2018 author Jason Murdock)

Full article [Option 1]:

HM Revenue and Customs (HMRC) says it has stopped thousands of taxpayers from receiving scam text messages in the past year, but security experts warn the public is still at risk.

The agency is working to raise awareness of potential fraud ahead of the self-assessment deadline of 31 January, a period when scammers will be out in force. Officials stressed that they will never contact customers who are due a tax refund by text message or by email.

Digital fraudsters posing as HMRC send text messages to unsuspecting members of the public and make false claims, such as suggesting they are due a tax rebate.

Messages will usually include links to websites which harvest personal information or spread malware.

Ultimately, this can lead to identity fraud and the theft of people's personal savings via further cyberattack.

Reports of this type of fraud have quickly increased in volume over the last few years, HMRC said. It noted that text message based scams are highly effective because they can appear to be legitimate. For example, texts can display 'HMRC' as the sender rather than a phone number.

HMRC began a pilot in April 2017 to combat these messages, using new technology to identify fraud texts with 'tags' that suggest it's from HMRC and stops them from being delivered.

Since the pilot began, there has been a 90% reduction in customer reports around the spoofing.

The initiative helped reduce reports of these scams from over 5,000 in March 2017, before the new programme was introduced, to less than 1,000 in December 2017. In the last 12 months, HMRC said that it successfully removed 16,000 malicious websites linked to phishing attacks.

"As email and website scams become less effective, fraudsters are increasingly turning to text messages to con taxpayers," said HMRC customer services director Angela MacDonald. "But as these numbers show, we won't rest until these criminals are out of avenues to exploit."

Working overtime

The department is working alongside the UK's National Cyber Security Centre (NCSC). Experts told IBTimes UK fraudsters will likely be working overtime as the tax deadline approaches.

"Scams and fraud always spike around large events such as holidays and tax season," said Lane Thames, senior security researcher at Tripwire. He added: "It's nice to see organisations such as HMRC implementing technologies to reduce the spread of scam-based messages.

"However, technology can never stop all malicious activities and messages. As such, individuals must, unfortunately, stay mindful and vigilant when using digital services.

"When in doubt, simply look up the organisation online or make a call to verify the claim (do not use the contact information that was delivered to you).

"A little bit of precaution can go a long way in preventing phone, email and text scams."

Mark James, specialist at security firm ESET, commented: "When it comes to tax returns or indeed any type of interaction with HMRC, the scammers have every ingredient they need to deliver an effective attack method with a higher-than-normal chance of success.

"The end user is presented with something they are expecting from an organisation that they need to respond too, along with the perceived scare factor of not answering or cooperating."

(27th February 2018)

(Which ?, dated 23rd January 2018 author Faye Lipson)

Full article [Option 1]:

A further 167,000 victims of the Equifax data breach will receive a warning from the firm, indicating the May 2017 hack may have left them at greater risk of fraud.

The latest wave comes after the firm previously wrote to 693,000 UK individuals thought to be most at risk - taking the total number of UK warning letters to over 860,000.

The credit reference agency says it has decided to write to thousands more victims whose landline telephone numbers were already published in public telephone directories but were accessed as part of last year's cyber-attack.

Which? has already highlighted confusion and alarm caused by the letters, which fail to explain who Equifax is or why it holds victims' data.

Equifax data breach: 15.2m Brits affected

In May this year, Equifax announced its data had been access by hackers in a cyber-attack. Some 15.2 million UK client records were compromised, and Equifax initially wrote to 690,000 UK consumers who are likely to have had sensitive details stolen.

These include email addresses, passwords, driving license numbers, phone numbers and partial credit card details.

This latest announcement reveals that a further 167,000 had their telephone numbers stolen in the attack.

The warning letters offer free identity-monitoring services aimed at spotting impostor applications for credit cards and bank accounts.

Why Equifax has victims' data

Equifax has confirmed that just 3% of the 693,000 worst-hit victims were its direct customers. Many of the victims may have never dealt with - or even heard of - the firm before.

How is this possible? As a credit reference agency, Equifax receives personal data from banks and financial institutions whenever someone applies for a bank account, mortgage or credit card.

Consent for this is usually included in the application terms and conditions, meaning Equifax may hold data on you even if you've never dealt with it directly.

It uses this data to generate your credit reports and score. Lenders then use these to decide how much of a risk you are before they approve your application.

As a result, Equifax's only direct customers are the tiny minority who have transacted with it by purchasing a credit report or identity-monitoring services.

How to verify your letter

If you receive a letter regarding the Equifax data breach, and you're not sure if it's genuine, call Equifax on 0800 587 1584 to confirm the letter is genuinely from them.

If the letter is telling you to call a number other than the one above, it may be a scam.

Should you accept the free identity monitoring services?

If your data has been breached, you may be at heightened risk of identity fraud. To combat this, Equifax is offering its worst-affected UK customers free services which monitor whether your identity has been compromised online.

It's also offering Cifas Protective Registration - a third-party service which prompts banks to conduct extra identity checks when they receive an application in your name.

If you are concerned about the security of Equifax's own products, you can opt to be enrolled in Cifas's service instead - however you will still have to give some personal information to Equifax so it can enrol you for free.

It is possible to enrol directly through Cifas, though this will attract a £20 charge (for two years' cover).

uaware comment

Things are so dodgy now with links, don't even trust the link I provide. Go direct to the "Which ?" website and look for this article. Check the contact details mentioned above, yourself !

(27th February 2018)

(Mirror, dated 24th January 2018 author Tricia Phillips)

Full article [Option 1]:

Jack Taylor was tricked by crooks into giving them access to his bank account and almost lost £5,000 from a clever - and very believable - scam.

Last year he had an issue with his wi-fi router and found a contact number for customer services on the Talk Talk website.

Their team rebooted his router from their end and the problem was solved.

All seemed good until a few weeks later when he received a phone call from someone he believed to be from the Talk Talk team he had spoken to previously.

The caller said his router was reportedly having problems and was running corrupt software.

Jack, 71, was assured they would be able to sort this out and prevent the corrupt software from causing any further damage, but they would need to gain access to his computer using TeamViewer - software that allows remote access to a user's computer.

Jack was quickly transferred from 'customer services' to a member of the fraud team before he'd had the chance to really think about what they were asking him to do.

He was then rushed into entering passcodes into his computer so the person on the phone could access and stop the corrupt software.

ack was told he would receive £200 compensation and was put through to the finance team to sort out the credit.

After giving the caller access to his bank account, the caller claimed they had sent the wrong amount of compensation as the account read £5,200 and they'd need to credit back the £5,000.

That's when alarm bells rang, and Jack had an opportunity to take a breath. He thought to himself, this doesn't sound quite right.

Luckily, each of the attempts by the criminals to withdraw the £5,000 were blocked by Jack's bank. But this didn't deter the fraudsters.

They kept calling and urging Jack to call his bank and let them know this was genuine. He realised this wasn't the real Talk Talk and called his bank to let them know what had happened.

Jack from Herefordshire says: "I just wanted to solve the issue as quickly as possible. The scam call was so quick and seemed legitimate given the recent problems with my router that I didn't have any time to think something was wrong.

"I had a lucky escape as the bank's security system was efficient and raised alarm bells which were going off quietly in my head.

"Many others aren't as lucky as I was."

Financial thieves are out in force with ever-changing scams and dodgy deals which can be difficult to spot.

In the first six months of 2017, a shocking £366.4million was lost to fraudsters and a further £101.2million was stolen through bank transfer scams.

3 Things to remember

1. A genuine bank or other financial organisation will NEVER contact you out of the blue to ask for your PIN or full password - and won't ask you to tap these into your phone keypad. They would never ask you to move money to another account for fraud reasons or send someone to your home to collect cash, PIN, cards or cheque books if you are a victim of fraud.

2. Don't be tricked into giving a crook access to your personal or financial details. NEVER automatically click on a link in an unexpected email or text.

3. Always question uninvited approaches in case it's a scam. Put the phone down. Contact a company direct, using their official telephone number or email.

(27th February 2018)

(Independent, dated 19th January 2018 autho Felicity Hannah)

Full article [Option 1]:

The question of who should bear the loss when a banking customer falls victim to a scam is a thorny one. After all, if a customer has been defrauded by a criminal then it seems unfair that they alone should suffer the entire loss. Yet it's also understandable that few banks want to be responsible for every victim's money. They can argue that those victims failed to take sufficient steps to protect themselves.

Yet this difficult issue appears to be being answered by banks in different ways and the result is that customers are left confused about whether their bank will have their back if they fall victim to fraud. A lack of clarity on the rules leaves them unsure about whether they can appeal if their bank simply says it will not reimburse them.

It can sometimes feel rather like a lottery, with money being returned or not depending on which bank a customer is with when they are targeted by scammers. That's a situation perfectly illustrated by pensioner Susan Moon.

When she fell victim to a sophisticated scam two of her accounts were emptied. One bank immediately reimbursed her. The other did not.

Perfect timing

The scammers struck at the perfect time. Susan and her husband had newly moved into their new home and had builders in when the thieves called. They had been travelling until the early hours the night before and had just a few hours' sleep and Susan was worried about her mother who was unwell.

In the midst of all that came a call from a genuine-sounding man who claimed to be from a BT call centre. Their internet had been compromised, he explained, and he needed to help them protect their accounts. Following his instructions, she and her husband installed software on their computer, entered their bank details and entered information that, without their knowledge, authorised the transfer of money from their accounts.

The scammers were relentlessly plausible, providing a number the couple could call to confirm they were legitimate, offering a code that would be quoted when a "genuine" BT employee called back and reassuring them at every stage that their accounts would soon be safe.

By the time Susan and her husband realised these helpful men were most likely fraudsters it was too late and her money was transferred away into a Metro Bank account.

She explained: "I share an account with my mother so I can help her manage her bills and so on. £3,200 was gone out of that Nationwide account. I just started to sob. Then I went back onto my computer and £3,600 was gone from my HSBC account.

"I just kept crying, we were both so traumatised."

Distressing dealings

Susan's experience shows how distressing fraud can be. However, she says her distress was compounded by the different way one of her banks then treated her.

"Every time I spoke to Nationwide it was like they were wrapping me up in a blanket and reassuring me. HSBC were just demanding 'What did you do?'"

"We had to pick my mum up and she had been ill and I just couldn't tell her. We felt so stupid! You think you're savvy but it was just so believable at the time."

After reporting the fraud on a Friday, Susan had a sleepless weekend. Then on Sunday, she decided to go for a walk to help clear her head.

"On the way back [Nationwide] called. He said, 'I'm not sure about HSBC but we are going to refund your money.' I could have kissed his feet because that was Mum's money. He said it's fine, he told me to stop blaming myself. He was wonderful and the money was there within two hours.

"The phone went an hour later and it was HSBC. She said, 'Because you pressed the button on your keypad, you are responsible for that money. We cannot give you the money back.'"

Susan told the HSBC employee that Nationwide had immediately refunded her but says she was told: "All banks do things differently."

Nationwide told us: "We assess liability on a case-by-case basis but, as a general guide, if a fraudster manages to transact on an account, and the customer did not knowingly authorise and consent to the transaction, we will give a refund."

An HSBC spokesperson said: "The circumstances of each scam dispute are reviewed on a case-by-case basis. As soon as we were made aware of the payment we contacted Metro Bank to make them aware, but it seems their customer had already withdrawn the money.

"We would encourage people to look at the finance industry's 'Take 5' campaign, which we fully support, which provides information on the techniques used by scammers, as well as giving important advice to customers on what they should do when receiving uninvited approaches and requests to share financial information."

Fortunately, for Susan at least, there was a happy ending. After calls from this publication, HSBC said it would credit her account with the full £3,600 "as a gesture of goodwill". Yet she remains shaken by fraud that left her sleepless and tearful, and says that some of that distress was caused by her experiences in dealing with bank employees.

Not clear-cut

It's easy to sympathise with Susan, who was targeted by thieves carrying out such a sophisticated scam, and to agree that both banks should have immediately paid up to spare her any additional distress. However, it's also easy to see that if banks have to accept total liability for fraud losses then we will all pay the price.

Nikki Worden is a partner at Osborne Clarke's financial institutions group, specialising in the regulation of financial services offered to consumers. She says there's a real danger that making banks liable for losses would drive up the cost of consumer banking, potentially ending fee-free banking or increasing other charges.

"I have sympathy for both sides," she says. "I think it's very easy to say 'this should be done' but it's a really complex problem. The more banks pay out then the higher the cost of banking.

"There are also potentially unintended consequences of making banks liable. Just look at the car insurance sector: people made claims for whiplash and it pushed up premiums for everyone."

Worden also worries that making banks liable would encourage criminals to see bank fraud as a "victimless crime", when in fact we would all shoulder the burden.

Pépin Aslett, deputy head of the commercial and chancery group at St John's Buildings, explains that the rules were recently tightened to protect customers from some losses. He says: "From 13 January 2018, the Payment Services Regulations 2017 (implementing the second EU Payment Services Directive) will require banks to refund unauthorised payments no later than the end of the next working day following notification to them. Customers should notify as soon as possible, but do have up to 13 months. The new regulations are a development of existing law."

Unfortunately for those who fall victim to fraud and authorise payments mistakenly or accidentally, there's less protection. Aslett adds: "Although there is a presumption that the customer is right, the new regulations dictate that the bank can refuse to refund the money, or can ask for it back, if they can show that the customer authorised the payment by their consent, the customer acted fraudulently, or it is shown they were grossly negligent in protecting their information."

(27th February 2018)

(Wales Online, dated 16th January 2018 author Will Hayward)

Full article [Option 1]:

Fraudsters are using fake texts from banks to "harvest" unsuspecting victims' personal banking details.

Anti-fraud organisation Action Fraud have received reports about con artists sending out a range of messages purporting to be from the bank NatWest.

The fraudsters are using specialist software which alters the sender ID on the message so that it appears as if it's come from NatWest, adding it to any existing message threads on the recipient's phone.

If you already bank with NatWest and had a legitimate message from them in the past this could easily catch you out. It seems to be targeting individuals regardless of whether they are customers of NatWest or not.

Victims who click on the link are taken to an exact replica of the NatWest website that asks for sensitive personal information including their full name, address, contact details, and pin and debit card numbers.

The con, known as smishing, is when criminals pretend a message is from your bank or another organisation you trust. They will usually tell you there has been fraud on your account and will ask you to deal with it by calling a number or visiting a fake website to update your personal details.

Some victims have also received calls purporting to be from NatWest after receiving these scam text messages. One woman reported receiving a fake text message like the ones above that urged her to "avoid account suspension", which she ignored.

Later on that day she received a call from a withheld number on her mobile phone from a fraudster posing as a member of the NatWest security team. The fraudster said she would be sent a text message with a six-digit security code and once she received it to immediately tell him what that code was.

The text came through instantly while she was still on the phone and she gave the fraudster the code. This was in fact a genuine NatWest message which contained a warning not to disclose the code.

The victim then got a further real text from NatWest to say a different mobile number to her own had been registered to her NatWest mobile banking app. After the victim immediately checked her app she found £130 had been removed via the "Get Cash" function.

NatWest are investigating the fraud.

According to an Action Fraud spokesman: "A genuine bank or organisation will never contact you in this way. Only give out your personal or financial details to use a service that you have given your consent to, that you trust, and that you are expecting to be contacted by.

(27th Febraury 2018)

(Cornwall Live, dated 5th January 2018 author Shannon Hards)

Full article [Option 1]:

Parents of privately educated pupils have been warned of fraudsters posing as school staff and intercepting payments.

According to Devon and Cornwall Police, fraudsters are placing themselves in the middle of transactions between parents and private schools.

The fraudster contacts the parents outlining details and payment instructions for the latest school fees.

Initial contact appears to primarily be made via email and often from the school's own compromised email system.

However the National Fraud Intelligence Bureau (NFIB) says it has also seen instances where the email address used is similar to that of the school (i.e. nn instead of an m).

The victim then makes the required payment into the bank account which is in the control of the fraudster. By the time the fraud has been identified, the funds have already been dissipated.

In several instances there has been a strong social engineering element at play within the email, with the fraudster suggesting a discount on the fees can be obtained if the parents pay early.


- Ensure all administration staff are aware of this fraud.

- Ensure staff are aware of protocols regarding not opening links or attachments from unexpected or suspicious emails in the event the email system may get compromised.

- Review password protocols and ensure those that are used are strong, as long as possible and contain a combination of letters as well as numbers and symbols.

- Review internal procedures regarding how the fee payments are requested and ensure these are relayed to the parents so they can easily identify suspicious requests.

- Ensure computer systems are secure and that antivirus software is up to date.

- To help combat "typo squatting" the school could consider registering similar domain names.

- Ensure required security updates to computer systems are completed.

- Consider using a payment gateway for any monies required to be received from parents.


- Always verify email payment changes in respect of payment fees with the school directly using established contact details you have on file, especially for ones which are not expected or for a different amount than expected.

- Always review requests to changes for payment requests. Check for inconsistencies or grammatical errors, such as a misspelled school name or a slightly different email address.

- Don't be afraid to verify details when being asked to make fee payments into a new bank account.

(27th February 2018)

(Penarth Times, dated 6th January 2018)

Full article [Option 1]:

A WARNING has gone out telling people to be on the lookout for the "most convincing phishing email" it has ever seen.

Scammers have made an exact replica of a real e-receipt from Debenhams and are sending it out in a scam where they ask for personal details in order to get money from people.

A spokesperson for Action Fraud, the UK's national fraud and cyber crime reporting centre said: "This Debenhams e-receipt is the most convincing phishing email we've seen and could be lurking in your inbox.

"More than 55 information reports have been sent to our National Fraud Intelligence Bureau (NFIB).

"We would advise people to not click on any links, delete it and report it to us "Debenhams are aware it's a fake and have had customers contact them directly about it.

"Their e-receipts are issued to people when they make a purchase in store and this is a carbon copy. So these are not only unusual, but could catch some people off guard.

"The giveaway is the fact they were sent from personal email addresses."

A Debenhams spokesperson added: "We are aware of this and we continually take steps to protect customers and support the work that organisations such as Action Fraud and Cyber Aware conduct to encourage customers to be vigilant and aware of the steps they can take to stay cyber secure."

This Debenhams e-receipt is the most convincing #phishing email we've seen and could be lurking in your inbox. Fraudsters have created an exact replica of a real e-receipt, but you'll notice they're sent from personal email addresses and not Debenhams. We've had 55+ reports!

If you received one of these emails, delete it straight away. Do not open any links. Report it to Action Fraud at

(27th February 2018)

(International Business Times, dated 10th January 2018 author Jason Murdock)

Full article [Option 1]:

Netflix users are being warned to avoid clicking on any suspicious email links after a phishing scam was uncovered, which security experts say is designed to steal credit card details.

Found by Australian cybersecurity firm MailGuard, and shared on Twitter by the New South Wales police, the fake emails use convincing social engineering tactics - including the official Netflix website layout - in an attempt to dupe recipients into entering financial details.

The email reads: "We attempted to authorise the Amex card you have no file but were unable to do so. We will automatically attempt to charge your card again within 24-48 hours. Update the expiry date and CVV as soon as possible so you can continue using it with your account."

An 'update payment' button in the email, if clicked, will lead to a phishing site with bogus Netflix branding. Any card details entered will be sent directly to the hackers.

After details are hijacked, the fake website even sends the victim to a real Netflix page to reduce suspicions.

"Netflix has become a favourite vehicle for email fraudsters," MailGuard's Emmanuel Marshall wrote in a blog post Wednesday (10 January).

"Its large customer base makes them a valuable target for brandjacking; cybercrime that exploits the trademarks of well-known companies to deceive victims.

"Phishing can be enormously costly and destructive, and new scams are appearing every day."

A Netflix spokesperson told in a statement: "We take the security of our members' accounts seriously and Netflix employs numerous proactive measures to detect fraudulent activity to keep the Netflix service and our members' accounts secure.

"Unfortunately, these scams are common on the internet and target popular brands such as Netflix and other companies with large customer bases to lure users into giving out personal information."

It remains unknown how many people have been targeted in the scam so far.

Luckily, there are ways to stay protected from such schemes, the official Netflix notes on a help page. Crucially, it tells users to never click suspicious messages claiming to be from the firm.

It states: "Never enter your login or financial details after following a link in an email or text message. If you're unsure if you're visiting our legitimate Netflix website, type directly into your web browser."

And if you clicked a suspicious link or provided any personal information to website posing as Netflix, the company suggests you do the following:

- Change your Netflix password to a new, unique one.
- Update your password on any other websites where you used the same email and password.
- Contact your bank if any payment information was entered, it may have been compromised.
- Forward the message to with the steps above.

(27th February 2018)

(Mirror, dated 17th January 2018 author James Andrews)

Full article [Option 1]:

Note : The actual article has screen shots of the fake emails and texts.

Fraudsters are sending out fake Argos text messages saying you have a package waiting - don't click on them.

The messages look like they've been sent from Argos, but are designed to trick you into clicking on the URL to find out what's waiting.

Members of the Mirror Money team have been sent the message, reading: "Dear shopper, There is (1) package waiting for you! Check here >>," followed by the URL to their scam site.

But there isn't a package waiting, you are directed to a site where they attempt to grab your details by pretending they're offering cheap iPhones.

It's especially dangerous, because if you have ordered anything from Argos, it will appear in a message thread along with genuine messages - perhaps from Christmas presents you bought from the shop.

Worse, once you click fraudsters might be able to collect personal information from your device by installing cookies on your phone that track you, or add browser extensions that can be used to show you advertisements.

How to protect yourself

Sadly, this isn't the only scam message doing the rounds.

"We are aware of fraudulent text messages claiming to be from high street retailers that can lead to fraudsters harvesting your personal banking information," a spokesperson from Action Fraud told Mirror Money.

"Fraudsters will send you a text message that asks you to reply with your personal or banking details, or to call or text a premium-rate number they have created to run up a large bill. This is called smishing. Contact like this is designed to convince you to hand over valuable personal details or your money.

"Don't assume anyone who's sent you a text message is who they say they are. If a text message asks you to make a payment, log in to an online account or offers you a deal, be cautious and report it to Action Fraud online or call 0300 123 2040."

Action Fraud has the following tips for staying safe from phone scams:

Protect yourself

- Don't assume anyone who's sent you an email or text message - or has called your phone or left you a voicemail message - is who they say they are.

- If a phone call or voicemail, email or text message asks you to make a payment, log in to an online account or offers you a deal, be cautious. Real banks never email you for passwords or any other sensitive information by clicking on a link and visiting a website. If you get a call from someone who claims to be from your bank, don't give away any personal details.

- Make sure your spam filter is on your emails. If you find a suspicious email, mark it as spam and delete it to keep out similar emails in future.

- If in doubt, check it's genuine by asking the company itself. Never call numbers or follow links provided in suspicious emails; find the official website or customer support number using a separate browser and search engine.

Spot the signs

- Their spelling, grammar, graphic design or image quality is poor quality. They may use odd 'spe11lings' or 'cApiTals' in the email subject to fool your spam filter.

- If they know your email address but not your name, it'll begin with something like 'To our valued customer', or 'Dear...' followed by your email address.

- The website or email address doesn't look right; authentic website addresses are usually short and don't use irrelevant words or phrases. Businesses and organisations don't use web-based addresses such as Gmail or Yahoo.

- Money's been taken from your account, or there are withdrawals or purchases on your bank statement that you don't remember making.

To report a fraud and cyber crime and receive a police crime reference number, call Action Fraud on 0300 123 2040 or use the website :

(27th Febraury 2018)


(BBC Trending, 22nd December 2017 author Jonathan Griffin)

Full article [Option 1]:

Instagram imposters are trying to trick users into following fake celebrity accounts and sharing confidential details, with promises of thousands of dollars worth of Christmas cash giveaways.

It seems too good to be true - and it is. Instagram accounts purporting to be from celebrities such as Oprah Winfrey, director Tyler Perry and boxer Floyd Mayweather are advertising Christmas cash giveaways.

The accounts urge users to "follow page" and "share with friends" in order to receive handouts as large as $5,000 (£3,700). But they are fake, and anyone counting on a big payout simply for following an account will be disappointed.

After following the fake accounts, users are encouraged to privately send personal information, including email addresses and financial details, to the account owners.

"Money distribution has been slower than expected," claimed one post from a recently-deactivated fake Oprah Winfrey account. "For a quicker distribution please send your CASH APP usernames to @OwnChistmas__ direct messages."

"Cash App" refers to a a money transfer application.

Some of the accounts even claim they have users' security in mind when they encourage the switch to private communication.

"DO NOT share your email address in the comments section due to possible identity theft. We will contact you via direct message," added another post from the now deactivated @OprahOwnsChristmasRealPage.

Thousands of Instagram users appear to be following the accounts, oblivious to the potential danger posed by the hoaxers.

"I really hope this works," wrote one Instagram user using the hashtag #OprahOwnChristmas.
"As a mother facing homelessness if there's even the smallest chance something good like this will happen, I'm taking it," she added, after being informed that the accounts were a hoax. "I don't care if it's fake. If it is oh well but if even for the smallest chance of it being real, I'm taking that chance."

"So my idol is giving out $5,000" wrote another user. "Ma'am $5000 will go a long way in building my business and securing my tomorrow. I pray I get it!"

The celebrities whose images are being used have made it clear that they have nothing to do with the scams.

"These are false social accounts," a spokesperson for Oprah Winfrey told BBC Trending. "We have notified the social media platforms who are working diligently to deactivate these accounts."

BBC Trending approached boxer Floyd Mayweather's team to ask if he had any connection in a similar scheme called the "MoneyMayweatherChristmasGiveaway".

"None whatsoever," responded a publicist for the former five-weight world champion.

While a number of the accounts have been removed, others using similar names now operate in their place using the same hashtags and claiming "we are back" and "it was hacked".

"We work aggressively to fight spam on Instagram," said a spokesperson for Instagram. "If people see these types of accounts, we advise them to report them using our in-app tools, so that we can immediately remove them."

(23rd December 2017)

(Market Watch, dated 18th December 2017)

Full article [Option 1]:

uaware comment : This is a US article, but now slightly Anglacised.

Scammers make a killing during the holiday season. While you spend your time thinking of ways to bring holiday joy to others, they spend their time thinking up ways to steal from you. The saddest part about this is that the ghosts of Christmases past keep visiting Christmas present.

With that, I give you this year's 12 scams of Christmas.

1. The gift card scam

While definitely a ghost of Christmas past, this still works so scammers still do it. It's pretty simple. The thief records the numbers displayed on a gift card, and then calls the company that issued it to find out if it has been activated, which occurs when the card is purchased. The problem here is one of timing. If you buy a gift card early in the shopping season, it's more exposed to fraud. That said, recipients of gift cards often take a while to use them.

Tip: If you are going to purchase a gift card, do it as close to Christmas Day as possible, and encourage the recipient to use it as soon as possible.

2. Sneak attacks on your credit

With the nonstop news of data breaches involving credit card numbers, many of us are walking around with compromised payment cards that can be used by a scammer, and there is no more perfect time of the year for them to try than Christmas. The usual warning signs of an account takeover, or a fraudulent charge, may be harder for financial institutions to spot, since Christmas gifts often don't conform to a cardholder's buying patterns.

Tip: Sign up for transaction alerts from your bank or credit card issuer that notify you any time there is activity on your accounts.

3. Fake charities

While it's not exactly the way it plays out in our nation's malls and shopping districts, Christmas is traditionally a time for contemplation and charitable giving-something captured very well in Charles Dickens's classic, "A Christmas Carol." So if you want to give during the holiday season, it's crucial to make sure the appeal is real.

Tip: Before responding to an online appeal, visit the website by typing in the organization's URL manually, or by using search to find the link. If you are still unsure, call. If you are still uncomfortable, go to the UK Charity Commission website.

4. Temporary holiday jobs

Holiday jobs are a good way to make some extra money, and there are a lot of them, but bear in mind there are myriad scammers out there who may offer fake jobs to harvest your very real personally identifiable information-the most valuable of which being your Social Security number.

Tip: Don't give your Social Security number to anyone unless you absolutely have to, and don't provide it before you confirm you're dealing with a representative of a real organization that has offered a job to you. Never send your information digitally unless you know the recipient uses proper security protocols. (You may not be using secure tech either, so try to be conservative about what you send digitally.)

5. Phishing, vishing and smishing

You might receive a phone call, a text or an email. It doesn't matter what the delivery system is, it's a fraud but it won't necessarily look like one. It could look like a sales promotion from a brand you like, or an offer on a deal that seems too good to be true, or even just "pretty good." Scam artists can be very nuanced. Be on the alert before you act on any offer.

Tips: Check to see the URL matches exactly, and that you never provide any personal information on any webpage unless the URL is secure and starts with "https." Email links should always be considered suspect.

6. True love

The holidays can be lonely, and catphishers know that. Love scams are the worst, as they prey on the emotions in the most exploitative ways disarming the heartstrings with an eye to loosening purse strings. The money lost can be considerable, and the upset unfathomable.

Tip: As corny as it seems, be careful with your heart and don't give it away to just anyone. If you feel like you're falling for someone and they somehow can never make an in-person appearance, don't send them money to do so. You can do better.

7. Hotel scams

You might fall victim to the restaurant flyer scam, the menu for a nonexistent eatery shoved under the door resulting in an order that gets you robbed, or it could be the front desk scam where you get a call after check-in asking for another credit card number because "the one you provided was rejected."

Tip: Assume the worst when in unfamiliar territory, and be on guard when traveling. Always distrust. Always verify.

8. Fake online shops

This is a tough one, but here's the deal…Bargain? Amazing prices on things that should cost a lot more than they are asking on a fake online shop is alluring, which is why people fall for them all the time. Pop up shops are cool, but they may not always be legit.

Tip: Look at the About Us page and call the designated contact number. If there is no number, think twice before making a purchase. Also pay attention to detail. Are there spelling errors in the copy? Bad-looking stock photos? Look for trouble.

9. E-cards

We all appreciate the sentiment behind an e-card, but that should not outweigh the risk of malware that can take a computer hostage or record every keystroke so that your most sensitive credentials for financial accounts can be stolen. E-cards are a popular form of fraud among scam artists, and you should be very cautious when you receive one.

Tip: Email, call or text the sender and ask if they sent an e-card. In this environment of constant attack, they will understand

10. E-voucher scams

This scam is built for people old enough to remember a physical, printed voucher, which, presented in person at a brick and mortar store, would get you a discount. They were basically a coupon. E-vouchers are fine if they come in the form of a number sequence, discount code or keyword, but anything else should be considered suspect.

Tip: Be on the lookout for grammar or spelling errors. Always type in the URL of the site for which you have an e-voucher, and enter the code or number there. If it comes by way of text or email and it involves a link, don't click through.

11. Fake shipping notifications

What could be worse than a message from your favorite e-tailer letting you know that the must-have item you ordered is out of stock or was sent to the wrong address. Another oldie but goodie among thieves is a notice informing you that the "Item has been delivered" when it hasn't been.

Tip: Never click any link associated with this type of communication. Always log onto the e-tailer site for more information, or pick up your phone and call.

12. Wish list scams

Online wish lists are a bad practice that should be discouraged. In theory, the online wish list creates a place where friends and relatives can find out what you want for Christmas, which many find preferable to guesswork. Beyond being horribly transactional, the practice opens the list-maker to phishing attacks, since scam artists will automatically know what interests you.

Tip: If you must post a wish list online, custom set the privacy on the post so that only particular people can see it, and don't include any personally identifiable information.

At Christmas it's always better to give the gift, than be the gift that keeps on giving to identity thieves.

If your personal information does fall into the hands of a scammer, be sure to monitor your credit for signs of identity theft.

(23rd December 2017)

(The Telegraph, dated 16th December 2017 author Amelia Murray)

Full article [Option 1]:

ank transfer fraud has been one of the most talked about financial issues this year.

Yet victims, such as reader Cally Ellison continue to lose life-changing sums because of weaknesses in the banking system.

Ms Ellison, 61, was developing a property in east London, with her business partner Julia Lee, when she received what looked like a genuine email from her building firm.

It requested a payment into an alternative Nationwide account because it claimed its bank was in the process of completing its "end-of-year account reconciliation".

Ms Ellison, who lives in London, made two separate transactions, one for £50,000 on Sept 14 last year, and another for £25,478 the next day. Days later the building company contacted Ms Ellison to say it had not been paid.

She immediately called her bank Barclays to report the scam. Just over £9,000 was recovered but more than £66,000 had already been transferred out of the Nationwide account.

Ms Ellison contacted Nationwide, the Metropolitan Police and the Mayor's Office for Policing and Crime headed by Sadiq Khan.

Three months later she received a call from Edmonton police force. Ms Ellison said an officer explained that the details of her case had "filtered down" from the Mayor's office and would be passed to police in Scotland because one of the fraudster's transactions had taken place in Aberdeen.

It was during this investigation that Ms Ellison said she was told by the police that Nationwide's "know your customer" checks - supposed to be conducted when an account is opened - were "substandard".

She said the police "weren't happy" and reported Nationwide to the regulator, the Financial Conduct Authority. Despite the allegation Nationwide refused to reimburse Ms Ellison the stolen funds.

The building society also refused to refund £8,700 to another scam victim, Balazs Kelemen, last month, despite damning police evidence that revealed that it had allowed a fraudster to open an account with a false Romanian ID card and a counterfeit British Gas utility bill.

The mutual insisted it made "required and reasonable" checks and was satisfied the paperwork appeared to be genuine. It denied negligence.

Arun Chauhan, director of Tenet Compliance & Litigation, a law firm providing advice on financial crime compliance, suggested that staff were not being trained well enough to identify ID documents and there was a lack of consistency across the industry when it came to account opening procedures.

Mr Chauhan said banks needed to tighten up their checks by asking for a greater number of documents or more time to gain "independent verification" before approving an application for an account.

He said that if the banks' checks failed, there should be a compensation scheme operated by the FCA which would be contributed to by all banks.

Nationwide said it "sympathised" with Ms Ellison, but denied an error had been made.

It said that the account was opened in accordance with the "legal and regulatory standards in place at the time".

Police Scotland said enquiries had concluded and the victim had been offered "appropriate advice".

Telegraph Money has waged a campaign to force those banks that provide services to criminals - the recipient banks, in cases of transfer scams - to take greater responsibility for their role in these crimes. And while there is much further to go, we have celebrated a number of successes with readers' losses being recouped.

Patterns have emerged in the cases we have brought to light that suggest consistent weaknesses in some banks' processes. Banks are required to carry out "customer due diligence" measures, for example, as part of their anti-money laundering procedures.

But in numerous cases reported by Telegraph Money, banks are still accepting fake IDs and other false documents as sufficient proof to open and operate accounts. Nor do banks operate consistent screens to detect questionable payments.

Transfer fraud data was collated and published for the first time in November this year by UK Finance, the industry body, which revealed that these scams are now the second biggest type of payment fraud after card fraud.

More than £100m was lost to these types of scam in the first half of this year in nearly 20,000 cases. Just £25m was recovered. Consumers lost an average of £3,000 and businesses £21,500.

The Payments Systems Regulator is considering a "reimbursement model", among a number of other remedies, which if introduced would apply from September 2018.

How can non-customers report fraudulent accounts?

Readers have asked how they might report a suspicious account to a bank when they are not a customer.

- Suspect Halifax accounts can be reported on 03457 22 55 25. Lloyds' number is 0800 917 7017.

- Barclays takes calls from customers and non-customers on 0345 050 4585.

- Santander's 24-hour hotline is 0800 9 123 123.

- TSB Reports can be made on 03459 758 758.

- HSBC said people should contact their own bank if they have concerns about HSBC accounts.

- RBS and NatWest do not have a way for non-customers to report accounts.

******** Also report scams to Action Fraud.

(23rd December 2017)

(Daily Record, dated 13th December 2017 author Graeme Murray)

Full article [Option 1]:

Police have warned the public to remain vigilant against telephone fraudsters after a 74-year-old woman was scammed out of £140,000.

Residents in Tayside, Angus and Perthshire have been targeted by callers pretending to be from their bank or from other business companies.

The "phishing" fraud ends with victims being encouraged to either transfer their money to another account or provide personal details to the fraudster allowing them to transfer the money.

A 74-year-old woman from Dundee, Tayside, lost £140,000 after being scammed by criminals claiming to be from the fraud department of her bank.

Police say attempts by the bank are under way to retrieve the money.

In another scam, a 75-year-old man from Montrose, Angus, was duped into transferring £74,000 into other accounts. On this occasion the bank managed to retrieve the funds.

And an elderly woman from Kinross, Perthshire, was called by someone claiming to be from BT. She was told her computer had been hacked and her bank details were required which she gave to the caller and lost £5,000.

A spokesman for Police Scotland said: "Police would advise residents to be alert to any phone call they receive from a person claiming to be from a bank, financial institution, business company either asking for money to be transferred or asking for a phone call to be made to the bank. Do not provide any of your details.

"If you do decide to call the bank, where possible call from a different phone line or mobile number. If in doubt, ask the caller to put a stop on your account and attend your branch in person."

(Wales Online, dated 13th December 2017 author Will Hayward)

Full article [Option 1]:

A new scam has seen a Welsh pensioner conned out of almost £15,000 by fraudsters posing as police officers.

Members of the public are being contacted, usually by phone, by fraudsters pretending to be from the police or in some cases the fraud team within their bank.

The criminals claim they are investigating a fraud at a local bank branch where staff are suspected of being complicit, including issuing fake bank notes.

They then ask their target to help with their operation.

As part of the scam the individual is asked to visit the branch and withdraw a substantial sum, often thousands of pounds, of the supposedly counterfeit cash to hand over to the fake police for "analysis".

he victim is assured that the money will be deposited back into their account after the operation is complete.

However, once the money is passed over the fraudster disappears with the cash.

The criminals instruct their victims not to discuss the case with anyone in the branch, giving them plausible explanations as to why they are withdrawing the money.

As a result, despite being questioned by the bank staff, the victims takes out the cash, convinced staff are part of a fraud.

One of the victims was a pensioner from Crickhowell who was unable to get all her money back.

Paul Callard, Financial Crime Team Manager for Dyfed-Powys Police, said: "This scam has targeted individuals in our force area and we've actually received a report from a female victim in her 70s from Crickhowell, who was conned out of almost £15,000.

"The victim was able to get the initial £5,000 back from the victims bank however has not been able to get the other £9,638.16 back. Scams like these have such a negative impact on victims.

"I would urge people to please act with caution if approached by these types of scamsters. If in doubt, hang up and ring police on 101."

Katy Worobec, Head of Fraud and Financial Crime Prevention, Cyber and Data Sharing at UK Finance said: "This is a particularly nasty scam as it plays on people's public-spirited nature to assist the police.

"We are receiving a growing number of reports of it occurring, with people often losing large amounts of money, so it's vital that everyone is aware.

"Remember, the police will never ask you to withdraw money and hand it over to them for safe-keeping."

How to avoid this scam:

-The police will never ask you to become part of an undercover investigation or for you to withdraw cash and hand it to them for safe-keeping.

-Be wary of any calls, texts or emails purporting to be from the police asking for your personal or financial details, or for you to transfer money.

-If you are approached, or feel something is suspicious, hang up the phone and don't reply. Then report it to Action Fraud and your bank on their advertised number.

Visit the Take Five to Stop Fraud website for more advice on how to stay safe from scams.


(23rd December 2017)

(Mirror, dated 13th December 2017 author Vicky Shaw)

Full article [Option 1]:

More than £9 million of potential fraud has been stopped in the first year of a scheme which protects victims when they visit a bank or building society branch, a finance industry body has said.

In the 12 months since a pilot launch, the banking protocol has prevented £9.1 million of fraud - with individual customers protected from losing sums ranging from £99 up to £212,000, according to trade association UK Finance.

The "rapid response" scheme enables bank staff to contact police if they suspect a customer is in the process of being scammed, with an immediate priority response to the branch.

As well as preventing fraud, the initiative ensures a consistent response to potential victims.

UK Finance said the scheme has led to 101 arrests being made nationally, with police having responded to 1,262 banking protocol calls.

The banking protocol was first launched in October last year with a pilot in London, before a national roll-out started in May.

It was developed as a partnership between the finance industry, police and Trading Standards. The Post Office is also part of the protocol.

The scheme is now in place in 43 police forces across the country, with all remaining forces across the UK committed to introducing it, UK Finance said.

Katy Worobec, managing director of economic crime at UK Finance, said: "Fraud can have a devastating effect on some of the most susceptible people in society and it's by working together with law enforcement, and others, that we can make a real difference when it matters most.

"The finance industry is determined to crack down on fraud and is taking action on all fronts - the protocol is an important weapon in our armoury."

Lord Harris, chairman of National Trading Standards, said: "The National Trading Standards' scams team has been integral to the implementation of the banking protocol and I am pleased to see that it is already having a real impact.

"This example of partnership working is key to tackling criminal activity in a world where criminals are constantly innovating and finding new ways to convince consumers of their legitimacy."

Commander David Clark, City of London Police, said: "I applaud the initial success of the scheme and support it going forwards."

(BBC News, dated 13th December 2017 authors Simon Gompertz and Kevin Peachey)

Full article [Option 1]:

Seventy-two-year-old Barry Fox is one of hundreds of people saved from scams after bank staff stopped him spending £10,000 on a fictitious Rolls-Royce.

The retired lorry driver went into his Barclays branch intending to withdraw the cash to pay for the luxury car he saw on an internet auction site.

Staff were concerned and used a new system to alert police to the case and, within 30 minutes, officers were there.

They made checks and alerted Mr Fox to the fact he was about to be scammed.

This was one of 1,262 calls made by bank staff to police or trading standards under the Banking Protocol system that should see an officer arrive to offer help within an hour.

UK Finance, which represents the major banks, said this had saved potential victims a combined total of £9.1m in its first year of operation. Individuals had been saved between £99 and £212,000 each.

Mr Fox had received some inheritance and decided to spend it on his dream car.

The seller told him that they would pick him up from a railway station and then travel to a countryside location to pick up the car. He would pay £10,000 in cash. Bank staff said it "didn't seem right".

The police officers alerted him to the fact that the car was registered hundreds of miles away. The details of the seller on eBay did not match the business which had the car, so there was no realistic possibility of buying it.

"I might have gone there with £10,000 in my pocket and been knocked over the head with a stick or something," said Mr Fox.

Mr Fox was simply advised not to take out the money in this case. Eventually he bought another Rolls-Royce being sold legitimately.

In other cases in the last 12 months, 101 arrests have been made after calls were made by concerned bank staff.

The system has been introduced gradually across the country since May and nearly all UK police forces are now signed up.

Katy Worobec, from UK Finance, said: "The finance industry is determined to crack down on fraud and is taking action on all fronts. The protocol is an important weapon in our armoury."

(23rd December 2017)

(Chicago Tribune, dated 11th December 2017 author Robert Channick)

Full article [Option 1]:

uaware comment :
This US article just shows the variance of this common scam

For consumers who turn over control of their computers to remote technicians online, the fix may already be in.

A growing number of remote tech support scams are popping up, in which users facing "crashed" computers give online access for repairs that do nothing more than drain their wallets, according to a study released Monday by the Better Business Bureau.

"We're getting a lot more calls on these types of scams," said Steve Bernas, president and CEO of the Better Business Bureau of Chicago and Northern Illinois. "But what's really alarming is most consumers don't realize they've been scammed."

For many users, the scams begin with pop-up warnings saying their computers have been infected by viruses or malware. The computers may lock up, issue piercing alarms or even mimic the dreaded "blue screen of death" that appears when a computer has crashed completely.

The pop-up messages, which often appear to come from reputable tech companies such as Microsoft, HP, Apple or Dell, offer help fixing the problem with a toll-free tech support number. In actuality, that's when the problem begins.

Consumers who call the number will be hooked up with technicians who offer to take remote control of the computers, scan for issues and repair them. The fee is generally around $500.

In most cases, the technician will repair nothing but may spend as much as an hour nosing around the computer, looking for sensitive information and inserting malware to continue to monitor the user's activity.

"If you did pay somebody recently $500 or so to dial in and fix your computer, it may have malware in it, so be very careful," Bernas said.

Illinois Attorney General Lisa Madigan also warned computer users to be wary.

"Do not respond to any communications claiming your computer has a problem - do not click on pop-up ads or email attachments and hang up immediately on calls; these are scams," Madigan said in a news release. "Please contact my office if you want to determine whether a call or message is a scam."

The Federal Trade Commission and the FBI received more than 41,000 remote tech scam complaints through the first nine months of 2017, resulting in more than $21 million in losses, according to the Better Business Bureau report.

That may represent just a fraction of the actual scams taking place, with less than 10 percent of victims reporting it, according to the FTC.

Victims run the demographic gamut, with millennials more likely to continue with a fraudulent tech scam offer than any other age group.

In addition to online recruitment, victims are lured into the scams through cold calls from technicians claiming to be from Comcast, Norton, Dell and other major companies. Scammers have also begun to use robocalls with fake caller IDs to sell the fraudulent remote computer repairs.

Beyond the initial fee, the tech support scammers may take advantage of remote computer access to view online bank accounts and other sensitive financial information to directly take money from the victims.

The tech scams are becoming more common, with two out of three internet users affected in the previous 12 months, according to a 2016 Microsoft survey.

A report by Stony Brook University found that more than 85 percent of the tech scammers were based in India, where many U.S. companies outsource for legitimate information technology support. Less than 10 percent of the scammers are based in the U.S.

Consumers who believe they have been scammed should report the incident to the Better Business Bureau and the FTC, change their passwords, and take their computers to legitimate bricks-and-mortar repair shops, if necessary, the report advises.

The report recommends keeping anti-virus software up to date and thoroughly researching tech support companies before giving them online access. And for those suddenly confronted with blaring and potentially fraudulent pop-up messages warning of a computer virus, there may be a very simple fix.

In most cases, the Better Business Bureau advises, the best way to clear the warnings is simply to close the browser or reboot the computer.

(23rd December 2017)

(Telegraph, dated 9th December 2017 author Amelia Murray)

Full article [Option 1]:

A high street bank used by an eBay fraudster to steal thousands of pounds has agreed to refund a scam victim the full amount as a "goodwill gesture".

HSBC refused to explain why it would be refunding £4,000 to Halim Soltani and his wife after they realised they had been defrauded but experts suggested it might have been because the bank realised the criminal's account should "never have existed".

Other banks used by fraudsters have refused refunds in similar circumstances, highlighting the inconsistent approach to fraud in the banking sector.

Last week Telegraph Money reported how two scam victims had been refused refunds from the criminals' banks, despite police reports showing that the accounts had been opened using false details.

Mr Soltani found a shepherds hut on eBay listed for £5,000. The seller agreed to reduce the price to £4,000 for a "quick sale" and a few days later Mr Soltani received an invoice sent in a spoofed email which looked as if it came from eBay and paid £4,000 by bank transfer.

The hut failed to show up and the seller stopped responding to messages. Mr Soltani said he realised that he had been duped when he saw the hut relisted on eBay under a different user name.

Ebay refused to refund him as he hadn't paid through the platform using PayPal.

Mr Soltani said: "It's ridiculous how we're protected through PayPal and when we use credit cards but not when we pay by bank transfer. This was still a crime - why aren't we protected?

Mr Soltani first contacted eBay, his bank, Santander, his local police and Action Fraud, the national cybercrime reporting service. When none of these organisations was able to help he wrote to this newspaper for advice before emailing the chief executive of HSBC.

He gave us the details of the fraudster's HSBC account - the account number, sort code and account holder's name - and we offered to cross-check them with a source who collates data on fraudulent accounts.

Our source had no record of the account but said the surname of the account holder, Andy Rybbar, had been associated with a number of accounts set up in September this year for the purpose of fraud and that he had alerted the Financial Conduct Authority (FCA), the City regulator.

Mr Soltani included this information in the email he sent to HSBC's boss on November 3. He referred to the notification to the FCA and asked why HSBC allowed the account to be set up and what checks and controls were used.

Less than a week later the bank agreed to reimburse the money although it refused to share any information about the fraudulent account because of its "data protection responsibilities". The money was refunded on November 8.

HSBC refused to explain to Telegraph Money why it had offered a refund in circumstances where other banks had not.

It said "each case is looked at individually" and in this case it had "considered all the facts and decided to refund as a goodwill gesture".

Richard Emery of fraud consultancy 4Keys International, who has appeared as an expert witness in fraud cases, said he believed that HSBC had decided to pay up because it might have discovered that it had made a mistake with the account involved.

He said: "I believe the bank made a gesture of goodwill because it recognised that the receiving account should not have existed. This is different from admitting that there are flaws with its general anti-money laundering processes."

Experts have advised victims to hold the "recipient bank" - the one used by the fraudster - to account.

Earlier this year David Clarke, a former detective chief superintendent and board member of the Fraud Advisory Panel, the leading anti-fraud charity, said in every case of bank transfer fraud "we need to ask if the bank could have prevented it".

"If the answer is yes, the banks should be viewed as having facilitated the crime," he said.

Boost for victms : MP backs Telegraph campaign

Telegraph Money was the first to highlight the significance of the "recipient bank" in cases of bank transfer fraud. This is the bank that runs the criminal's account, the one to which the victim is deceived into sending his or her money, as opposed to the victim's own bank.

TSB was the recipient bank in a case we reported in January.

This newspaper forced TSB to admit that it had allowed a criminal to open an account with fake credentials, enabling the theft of £3,400 from a reader, David Burton.

The bank refunded him the full amount plus interest and compensation three years after the scam took place.

However, victims are often turned away by the recipient bank when they try to report the crime or ask for information about the fraudster's account on the grounds that the bank has no duty of care to non-customers.

"Data protection" is often cited. As a result, success stories are rare, even when there is glaring evidence that banks' systems have failed.

But our campaign received a boost this week when MPs attacked banks for failing to tackle online fraud or to compensate victims when their processes for vetting new customers were found to be lax.

Maria Miller, MP for Basingstoke, secured a Westminster Hall debate on Tuesday on "fraudulent accounts in the banking sector", during which she demanded to know which organisations were holding banks to account when their systems failed, and acknowledged this newspaper's attempts to force recipient banks to take responsibility.

She also highlighted how the City regulator had the power to fine firms but would not look at "individual cases".

The Financial Ombudsman Service can usually look at problems only with a customer's own bank or with matters that directly concern the payment in question - not account opening processes.

Ms Miller called for a review of "banking responsibility" and an extension of consumer protection for those tricked by bank transfer fraud.

The public accounts committee, which looks at government spending, also criticised the banks' response to online fraud, which it said had "not been proportionate to the scale of the problem".

It said it was "not convinced" that fraud awareness campaigns, such as "Take Five", led by Financial Fraud Action UK, the industry body, were effective.

What the banks should do to fight fraud

Telegraph Money has consistently highlighted banks' failure to help fraud victims. These are five measures that we have called on banks to adopt:

- The victim's bank should contact the recipient bank within 30 minutes of the fraudulent bank transfer being reported

- Banks should question and halt unusual transactions

- They should check account holders' names in addition to account numbers when processing payments

- Banks that provide accounts to fraudsters should be required to demonstrate that proper checks were carried out

- All banks should offer easy-to-find ways for non-customers to report fraud 24 hours a day

(23rd December 2017)

(The Guardian, dated 9th December 2017 author Miles Brignall)

Full article [Option 1]:

When Alison Dean received a text from her bank, the Co-operative, asking whether she had just made a £999 purchase - asking her to call the bank if she hadn't - she did what many of us would have done, and dialled the number in the message.

After all, the text had clearly come from the bank - it was listed on her handset amid previously sent texts that the PhD student knew had come from the Co-op - and she was well used to getting such messages from the bank.

But the text message wasn't from the Co-op. Somehow, fraudsters had managed to insert the message into the run of authentic texts from the bank. When Dean rang the number, she was duped into handing over her personal details - and the crucial card-reader-generated code. That allowed the crooks to remove £5,400 from her account - and the Co-op says it will not be refunding her.

If that sounds bad, how about the case of Ben Bowman, who thought he might have to give up his university place after less than three weeks at Bristol, after being similarly conned? In his case he was rung up by fraudsters who knew all his details and previous transactions - to the extent he was convinced he was talking to his bank, Natwest.

Once they had duped the budding rapper into handing over his personal details, the crooks managed to take his first student loan payment of £1,713 and, incredibly, to successfully apply for a £20,000 loan in his name. Both duped students say they have no idea how the fraudsters got their mobile number, or how they knew that they were customers of those particular banks (see below).

Dean's case is particularly worrying as it exposes how easy it is for fraudsters to text customers "as the bank" by disguising the number the text is sent from.

It is also a reminder that consumers should not trust any information apparently to them sent by their bank via email or text. Account holders should only call their bank using the phone number on the back of their card, not the number on a text or email. Students seem particularly prone to this scam as they are often financially inexperienced.

Dean, who is studying biology, says: "As soon as I got the text I called the number and they answered as the Co-op's fraud department. I was on the phone to them for 24 minutes. Throughout the call I had no reason to believe I wasn't talking to Co-op staff. I gave them my card details and used my card reader over the phone. Looking back it seems rather stupid but it was all done so expertly. I genuinely thought I was talking to bank staff who were helping me deal with a fraud."

She says as soon as she realised that something was wrong she called the Co-op to report what had happened. By that time five transactions had been made from her online banking account. The Co-op cancelled two of them, but three had already gone through. It has since refused to refund her the £5,400 taken and has, she says, just washed its hands of the matter.

Ben Bowman's case is similar except that he was physically called on his mobile by someone claiming to be from Natwest's fraud department. The caller proceeded to list his previous transactions, and asked him to confirm the genuine ones. He was then asked if had bought a £140 handbag in Edinburgh.

"The caller knew I had bought a Domino's pizza two days ago and all my other purchases. I had never been called up by a fraud department but he sounded exactly as I would have expected. All the account details he quoted were right. I was 1000% convinced that the guy worked for Natwest and was genuine. He said he would send me a text which I should read back to him. I kept thanking him for helping me," says the politics and international studies student.

At the end of the call he says he was told that Natwest would shut down his online banking facility and that he should delete the mobile app. He just happened to go home for the weekend, where he received a letter from Natwest approving the £20,000 loan the bank had given the "penniless" student. A visit to his local branch exposed the scam - £500 had been taken each day for five days. Staff, he says, spent three minutes analysing the case and then declared he was responsible and would get no refund.

"They were quite happy to send me out of the branch knowing that I had absolutely no money in the world," he says.

Following the Guardian's intervention, Natwest has had a change of heart and has refunded Bowman the £2,500 he lost as a "one-off" gesture of goodwill.

"We know how distressing being a victim of fraud can be and would encourage customers to remain vigilant in response to unexpected phone calls from individuals acting as their bank and if requested to provide security details, hang up immediately and phone the bank on a trusted number," says a Natwest spokesman.

However, the ethical bank, the Co-op, has refused to refund its customer despite Money's intervention.

A Co-op spokesman said: "She responded to the fraudulent message and disclosed her full security details, which is something we explicitly advise customers not to do. As with all banks, we would never ask customers to disclose full security details, or use our two-factor authentication card reader to perform transactions over the phone. As she was in breach of our terms and conditions and means we are unable to refund her for the losses she incurred."

Meanwhile, Bowman says his online banking days are probably over. "It will be a pain but this episode says to me that it's just not worth the risk," he says. "The way the bank wanted to put it all on me, was just ridiculous and breaks all the safety promises they make when you start banking online."

Some names have been changed

How did the fraudsters get their details?

Could the two featured victims both have been caught up in hacking incidents that could have put their personal details in the hands of fraudsters?

Both victims had registered their debit cards with Uber. The company has admitted its customers' mobile phone, email and other personal details were hacked last year, but claimed no card details were compromised. Many shopping sites have poor online security, and there are probably other hacking incidents of which consumers are not even aware. Any one of these might have led to fraudsters obtaining crucial details about the students.

Fraudsters who know the first few digits of a debit card can usually work out which bank provided the card. If they also have the mobile phone number and customer's name they are in business, and can immediately target the customers in the ways seen above. These are not mass texts and emailing exercises; individuals are targeted so that the fraudster has someone ready to pick up the call to the "bank".

The real banks all use clients' mobile numbers as a way to contact them, but the systems are arguably insecure. It is easy for a fraudster to send texts as if they were the bank. In the past Money has highlighted how easy it is for fraudsters to take over a victim's mobile phone account entirely. If your phone suddenly stops working and your bank uses your mobile to contact you, be on guard for a possible fraud.

(23rd December 2017)

(Mirror, dated 8th December 2017 author Tricia Phillips)

Full article [Option 1]:

Two-thirds of online Christmas shoppers are putting themselves at risk of fraud over the festive season.

Research from National Trading Standards found people are being careless with at least one simple safety check, such as not looking for signs a website is secure and not doing their research on products or sellers before pressing the purchase button.

Shoppers said the reason for not doing vital checks is because they were in a rush and didn't have the time. Or they got carried away trying to bag the cheapest price.

But, one in five people hadn't a clue what they should look out for when shopping online.

Almost a third of people admitted to buying from social media sites or websites promoted by them.

Trading Standards says this is notoriously risky as crooks target their victims via social media. It said there is a mass of counterfeit and unsafe products, subscription traps and other scams lurking out there.

Lord Toby Harris, chair, National Trading Standards, said: As Christmas delivery deadlines draw closer it can be tempting to rush your online purchases, but I would urge people to take their time and do simple safety checks before pressing 'purchase'.

"These checks aren't infallible, but by taking the precautions that are available to us we can make it less likely that we will end up with something unsatisfactory - or dangerous - under the Christmas tree."

Check before your buy

- Search for reviews of products and sellers to try and find out if they seem genuine.

- Spelling or grammar mistakes on websites could mean it's not a professionally run business.

- Look for the 's' at the end of the http part of the web address, and for the padlock symbol in the task bar - this means the site is using an encrypted system that keeps your details more secure.

- Be wary of links to offers and promotions on social media they can take you to fake websites.

- Does the site have a landline you can call if there are any problems? Be wary of mobile phone only contact details.

- See if you can find out where the company's head office is based - and whether that fits with how the website presents itself.

- Don't be tempted by a bargain price that seems to good to be true - it probably is, especially if some of your other checks put doubts in you mind.

- Criminals will try and cash in on those sold out must-have Christmas toys. Either with poor quality imitations that could be dangerous to children or with scam links that take your cash and you won't get the goods.

- If you believe that any online, or face-to-face, seller is selling potentially dangerous goods, or something you've bought has made you suspicious, report it to Citizens Advice Consumer Helpline on 03454 040506.

(23rd December 2017)

(Time, dated 7th December 2017 author Megan Leonhardt)

Full article [Option 1]:

There are about eight hotel reservations made in the U.S. every second. But a growing number of people are being scammed when they go to book a room.

In fact, almost one in four American travelers reported booking on what they thought was a hotel website, only to find later it was another site, according to AHLA research released in April. That's up dramatically from the just 6% of travelers who reported being duped by a lookalike in 2015.

"Hotel booking scams are a major problem in the hospitality space today," says Mike Tanenbaum, who works on cybersecurity issues for insurance company Chubb.

Part of the issue is the wide range of booking options travelers now have for hotels-from booking directly to using a travel agent to making a reservation through an aggregation site. And even within the aggregation sites, there is a wide range, from the big names like Expedia,, and Priceline to lesser known sites like Reservation Counter and AMOMA.

So it pays to watch closely who you're booking with. "There are scam websites out there-small, fly-by-night affiliates looking to make a quick buck," says a spokesman for Reservation Counter.

Even legitimate sites can run into trouble if consumers are confused. Reservation Counter, for instance, says it made some cosmetic changes in recent months on the advice of a Google team, increasing the size of its logo and changing some of its ad links to make its own branding clearer. "It doesn't do any good to mislead or deceive consumers," the spokesman said. "You can't brand if you're confusing customers."

Even if you don't lose money on these scams, you may lose out on hotel loyalty points or other perks-and special requests for bed configurations or disability access may not find their way to the hotel, AHLA warns.

If you do think you've been scammed, contact your bank and credit card company immediately, Tanenbaum says. And the next time you're booking a hotel room, take these precautions to protect yourself.

Check the Booking Site's URL

When booking a hotel, check the website's URL carefully. Legitimate hotel sites generally will begin with the characters "https://"-with the "s" denoting a secure site-rather than just "http://," according to the AHLA. Tanenbaum also recommends that consumers look for the lock symbol in the upper left hand side of the search bar, a sign that denotes the site is secure.

If there's a website that does not have the locked symbol or an "https" in the web address, do not do business there, Tanenbaum warns: "I'd never put secure credentials [credit card information, a password, or any form of identification] into it."

Also avoid booking with websites whose URLs contain vague names that you don't recognize, such as "national reservation center," after the hotel's name, according to the AHLA. These sites are likely using the hotel name in the URL to make it seem that they are the official hotel website.

Know When You're Making a Nonrefundable Payment

Be wary of sites that charge for rooms in full, in advance-and be especially careful with sites that do all of this without your express authorization, the AHLA says. Most legitimate hotels will take your payment information and charge you when you arrive, or perhaps charge a deposit to hold the room. Some may also offer price breaks for payment in advance. But either way, at the time you are booking, the sites should clearly and transparently communicate when the payment is due.

No matter when you're making a payment, always use a credit card for a hotel booking. Credit cards generally offer more fraud protection than debit cards; you can usually work with the credit card company to recoup your money if there is a scam afoot.

"It's still better to use your credit card than your debit card," Tanenbaum says.

Ask Questions

If you have any doubts about the site you're using, call it directly, using any customer service number it provides, and ask to speak to the local staff. Ask questions that only legitimate front desk staff would be able to answer, the AHLA suggests-like recommendations for local restaurants and attractions. "The actual hotel should be able to provide this information, a third-party call center won't," the AHLA says.

Even if you don't reach out to the hotel while you're booking, it's worth contacting the property before you arrive. You can call or send a short email to the hotel confirming your reservation. This will help you avoid showing up to a completely booked hotel with no reservation on file.

(23rd December 2017)

(Action Fraud, dated 13th December 2017)

Individuals and businesses are being warned to watch out for cold calls and online contact from fraudsters who are offering victims the opportunity to apply for Government grants for an advance fee.

To make the grants look legitimate fraudsters have set up bogus companies and convincing looking websites that claim to be operating on behalf of the UK Government.

Fraudsters cold call businesses and individuals offering the grant and if they're interested direct them to fill out an online application form with their personal information.
Once the fraudsters have that information they'll contact back victims and congratulate them on being accepted onto the grant programme.

Pre-paid credit cards

Applicants are then asked to provide identification and are instructed to get a pre-paid credit card to deposit their own contribution to the fake Government grant scheme. Fraudsters will then contact victims on the phone or are emailed and asked for the details of their pre-paid credit card and copies of statements to in order for them to add the grant funds.

Of course the grant funds are never given by the fraudsters and the money that's been loaded by the victim onto the card is stolen.

If you receive one of these calls, hang up immediately and report it to us. We've already taken down one website fraudsters have been using to commit this fraud and are working with Companies House to combat this issue.

How to protect yourself:

Be wary of unsolicited callers implying that you can apply for grants. You should never have to pay to receive a government grant, and they definitely won't instruct you to obtain a pre-paid credit card. The government should have all the information they need if a genuine grant application was submitted, therefore any requests for personal or banking information either over the phone or online should be refused.

What to do if you're a victim:

- If you think your bank or personal details have been compromised or if you believe you have been defrauded contact your bank immediately.

- Stop all communication with the 'agency' but make a note of their details and report it to Action Fraud.

- If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting or by calling 0300 123 2040.

The information contained within this alert is based on information from gathered by the National Fraud Intelligence Bureau (NFIB). The purpose of this alert is to increase awareness of this type of fraud. The alert is aimed at members of the public, local police forces, businesses and governmental agencies.

(23rd December 2017)



(First for Women, dated 9th November 2017 author Jaclyn Anglis)

uaware comment : Yes I know this is a US article, but the scam is transportable globally !

Full article [Option 1]:

Heads up, Aldi shoppers: There's an Aldi coupon scam making the rounds on the internet, and it's important that you don't fall for the convincing fraud. The latest fake coupon, circulating on Facebook, includes a link to an illegitimate website and claims to give away $40 to anyone who completes the survey.

"Hey ALDI fans! Looks like another fake ALDI coupon is making its way around the internet," Aldi said in a Facebook post earlier this week. "We're sorry for any confusion, but we don't offer electronic coupons and they won't be accepted at our stores. We're currently working on fixing the situation, but we'd love your help. Feel free to share this post to help us spread the word."

(Birmingham Mail, dated 7th November 2017 author James Rodgers)

Full article [Option 1]:

The £250 vouchers doing the rounds on the widely-used messaging service are nothing but a scam, experts have warned.

Those regularly using WhatsApp to message friends and family are now being told to be vigilant.

Fraudsters are sending out fake Marks & Spencer, Tesco and Asda vouchers on WhatsApp.

Asda supermarket has issued confirmation, telling customers the vouchers are bogus.
(Country Living, dated 3rd November author Jessica Mattern)

Full article [Option 1]:

With the holiday season just around the corner, get ready for an influx of scams targeting holiday shoppers online. In fact, there's one circulating right now that's affecting IKEA fans overseas.

The new scheme is tricking WhatsApp users into turning over their personal information in exchange for a fake store coupon, according to the Gulf News Society. On the messaging app, users are seeing a fraudulent message that claims IKEA is celebrating its 75th birthday by giving away $500 vouchers

(London Evening Standard, dated 30th November 2017 author Justin Davenport)

Full article [Option 1]:

Londoners are falling victim to at least 3,500 cyber fraud attacks a month, police revealed today.

Scotland Yard warned that the scale of the problem could be far greater because such offences were "vastly under-reported".

The Met now says it wants to encourage stronger links with private sector volunteers to combat cyber crime.

Detective Chief Inspector Gary Miles, head of the Falcon cyber fraud unit, said one of the most prolific scams was online advertising fraud offering non-existent properties for sale or rent.

Others include romance frauds - tricking people into meeting their "perfect partner" through dating websites - and identity frauds, where criminals use victims' details from social media. Individuals and businesses also face phishing emails, ransomware attacks and more complex hacking raids.

Mr Miles said his detectives were investigating about 1,000 "volume fraud" offences and around 130 more complex cases. He added: "We are getting about 3,500 victim reports a month, but we think this is vastly under-reported."

Last month, a gang investigated by the unit was jailed for using the bank details of hundreds of students to carry out a £2 million mobile phone fraud.

Ringleader Jonathan Boorman, 32, of Bath, and six others, including five from London, set up fraudulent phone contracts with the personal details.

Detective Chief Superintendent Mick Gallagher, head of the Met's Organised Crime Command, today said the force already has "a lot of expertise that comes in through police volunteers".

He added: "We have people from the banking sector working alongside my officers to investigate economic crime and we want to replicate that with cyber investigations."

Mr Gallagher said the Met also wanted to recruit people straight from university to tackle the fraudsters. "Some criminal individuals have a high level of sophistication and are clearly very knowledgeable - our challenge is to raise our knowledge and skills above theirs to deal with them," he said.

He added: "We do work in a clandestine way within the dark web to make sure that Londoners stay safe."

Police are also aiming to raise awareness about how to avoid becoming a victim of cyber fraud. Mr Miles said: "We want to get people to think of their online security in the same way they think about their physical security.

"There are simple measures people can take, such as going to the Get Safe Online website and learning about how to improve passwords."

Online fraud is now the most common crime in the UK, with more than 5.5 million offences each year.

(1st December 2017)

(CBS New York, dated 12th November 2017)

Full article [Option 1]:

uaware comment : You never know, this may end up being a US fraud import !

Federal officials in New Jersey warned Sunday night that scammers claiming to be from the U.S. Marshals service are telling people they missed jury duty and must pay a fine.

The FBI Philadelphia and Newark divisions and the New Jersey district U.S. Marshals service said the callers pretend to be law enforcement or court officials.

The scammers say they are with the U.S. Marshals service, the local county sheriff's department, or another law enforcement agency. They accuse the call recipients of failing to appear for federal or local jury duty and warn that an arrest warrant has been issued.

The intended victim is told he or she must pay a fine and report to court. To settle the fine, the scammers instruct the person to buy a prepaid debit card and give them card information.

Recent reports indicate the scammers have been targeting New Jersey residents. Various recipients of the scam have been documented in other states, officials said.

The FBI and the U.S. Marshals Service advised people that they should:

- Always be suspicious of unsolicited calls;

- Never give money or personal information to someone with whom you do not have ties and did not initiate contact;

- Trust your instincts - if a caller pressures you or says things that do not sound right, hang up;

- If concerns remain about the caller's claims, verify the information with local law enforcement or court officials.

(1st December 2017)

(Birmingham Mail, dated 14th November 2017 author James Rodgers)

Full article [Option 1]:

Young adults' willingness to share personal information with others online could be putting them at greater risk of fraud, a report warns.

While older people are often seen as less tech-savvy, potentially putting them at greater risk of fraud, NatWest found that less cautious behaviour among those aged 18 to 24 years old in particular could be making them vulnerable.

NatWest, which commissioned think tank Policy Network to look into financial fraud trends, found more than 80% of young adults in this age group are willing to share their email address online with their friends, and as many as 29% are willing to share their mother's maiden name - a commonly used security question.

This contrasts with just 60% of over-55s willing to share their email address, and only 12% willing to share their mother's maiden name.

The report was launched at a fraud summit being held by NatWest.

David Lowe, NatWest's head of fraud prevention, said traditionally the view has been that older people are most at risk from financial fraud.

He said: "Whilst fraud is still prevalent in this age category, we are seeing an increasing trend in younger 'digital natives' falling victim to online fraud."

Matthew Laza, director at Policy Network, said: "We need to ensure that today's school children don't become another 'generation scammed'.

As more and more of life moves online this is a real danger for the future.

"Which is why we believe every UK school child should have completed a fraud and cyber security course by the time they leave school, so we can have a generation digitally ready."

Research for this report involved a review of available data on fraud and scams, analysis of YouGov survey data, and interviews with fraud experts.

(1st December 2017)

(Which?, dated 7th November 2017 author Stefanie Garber)

Full article [Option 1]:

Thousands of people and businesses have been tricked into transferring just over £100m to scammers in the past six months alone, new data shows. But proposals from the Payment Services Regulator (PSR) may offer more consumers a way to get their money back.

Which? has been campaigning for over a year to protect consumers from bank transfer scams. The PSR has now unveiled new measures to reimburse victims and prevent fraud, as well as data that for the first time reveals the full scope of the problem. This means that victims of bank transfer fraud - which has become the second biggest type of fraud (after card fraud) may soon have the chance to get their money back

£100m lost, just 25% recovered

Bank transfer fraud happens when a person is tricked into transferring money into a scammer's account - either buying something that don't exist, or being misled about the recipient's identity.

The PSR has today released figures that reveal the scale of the problem for the first time. In the past six months alone, over £100m was transferred to scammers by people in the UK, according to data from UK Finance.

Of this, around £25.2 million was recovered - meaning just £1 in every £4 lost to this type of fraud has been paid back to victims.

In the six month period, around 19,370 cases were recorded. On average, individuals lost around £3,027, while businesses lost £21,477.

Bank transfer fraud at a glance (Figures from UK Finance, November 2017)

- Amount transferred to scammers in past 6 months : £101.2 million
- Cases in the UK in the past six months : 19,370
- Average loss per person : £3,027
- Average loss per business : £21,500

Unlike credit or debit card frauds, people who are tricked by a bank transfer scam currently have no legal right to get the money back from their bank. If the money cannot be recovered from the recipient's account - and often, funds are immediately withdrawn or sent offshore - then you may have little recourse to get your money back.

PSR proposes reimbursement scheme

Which? launched a super-complaint to the PSR on 23 September 2016, calling for the regulator to investigate whether banks were doing enough to protect consumers from bank transfer scams.

The PSR today released its full report, and launched a consultation into a contingent reimbursement scheme.

Under the proposal, victims would be entitled to a refund from their bank in certain circumstances. Stakeholders, including consumer groups and banks, have been invited to respond within the next three months. If the scheme were implemented, the PSR expected it would be in place by September 2018.

Industry makes progress on prevention

The PSR also provided an update on the banking industry's progress towards better fraud prevention and protection for customers.

UK Finance has published a set of best practice standards, which its members have agreed to fully implement by the end of Q3 2018.

From 2018, banks will improve their information sharing, and financial crime data sharing. The Joint Fraud Taskforce, of which UK Finance is a part, is also developing a framework to allow stolen funds to be tracked across payment systems, frozen and then returned to victims.

The PSR also noted that the industry had made positive steps towards fraud prevention, including towards the development of a 'confirmation of payee' tool. This would raise an alert if the name entered as the payee in a transaction didn't match the account details. The tool is expected to start rolling out during 2018.

###Which? welcomes reimbursement plans

Since filing its super-complaint, Which? has called on the PSR and the banking industry to show progress on tackling transfer fraud.

Which? welcomed the PSR's latest proposals, but called for the banking industry to move quickly to protect consumers.

Which? CEO Peter Vicary-Smith said: 'A year on from our super-complaint, it's good to see the regulator coming down on the side of consumers. If this stops the huge amounts of money lost to bank transfer scams, it'll be a significant win.

'To make this a reality, the regulator must now ensure any reimbursement scheme properly compensates victims. Meanwhile, banks must move to quickly put in place better checks and protections to prevent these scams happening in the first place."

(1st December 2017)

(INC, dated 29th November 2017 author Joseph Steinberg)

Full article [Option 1]:

Criminals are exploiting the news that Uber suffered a serious data breach to inflict more harm on Uber customers. As if it the pilfering by hackers of the names, email addresses, and mobile-phone numbers of 57 million customers of the ride service as well as the driver's license numbers of 600,000 Uber drivers was not bad enough, criminals are now crafting sophisticated phishing emails that prey on the same group of people.

There are multiple variants of the scam -- and surely more to come.

Various realistic-looking phishing emails appear to come from Uber and apologize for the breach. Some request that the user reset his/her password so as to ensure that any passwords compromised in the breach cannot be used by criminals. This may appear to be sound advice - and it actually might be if it were not for the fact that the password reset link provided in the email directs clickers to a bogus Uber site run by criminals in order to collect passwords. Of course, the site asks you to enter your "old password" along with your desired new password.

Another variant of the phishing email contains a profound apology for the breach, and offers the customer a $50 credit towards rides on Lyft, Uber's main competitor in many markets. While anyone who spends a moment thinking about the offer should realize that it is likely bogus - why in the world would Uber be both providing its primary competitor with revenue and directing its already upset customers to that primary competitor - people have a tendency to act without thinking when offered "free money" which they think may no longer be available if they do not act quickly.

Other variants of the phishing scam already exist, and more will continue to appear in the upcoming weeks.

So, if you are an Uber customer -- or ever were an Uber customer -- stay vigilant and suspect that any emails that you receive either asking you to take action to protect your Uber account, or promising you compensation for the breach, are likely scams. Of course, it is a good idea to change your Uber password - but do so by using the app on your phone, not by clicking links in an email that was sent to you by someone of whose identity you simply cannot be certain.

(1st December 2017)

(Mirror, dated 14th November 2017 author James Andrews)

Full article [Option 1]:

A new warning has been issued about a convincing scam email pretending to be from TV Licensing.

Action Fraud has warned that it's had more than 200 reports of the new scam, adding that TV Licensing would never email to tell you you're due a refund.

Instead, the scammers are simply trying to get you to enter your bank account details.

The worrying thing is that there are actual refunds available for some Britons - with £37 back a real possibility - something scammers are trying to exploit.

t's a lie. There is no refund available and even if there was, TV Licensing simply doesn't email people telling them they are due refunds.

"A small number of our customers have received scam email messages saying they are due a refund. A link directs customers to a fake version of the official TV Licensing website which asks them to enter personal information and bank details," TV Licensing warned .

"If you receive a similar email message, please delete it. If you have already clicked the link, do not enter or submit any information. TV Licensing never sends refund information by email and is investigating the source of this fraud."

But while this email is fake, there are ways to pay less for a TV Licence.

As TV licences apply to addresses, not individuals, as long as someone qualifying for a discount lives at your address and the licence is in their name, the whole house benefits.

So who gets a discount? Well, older Britons don't need a TV licence.

That means when you reach the age of 75, you can apply for a free over 75 TV Licence . They last 3 years and will be sent out provided you give them your national insurance number. In fact, if you're 74, you can even apply for a short-term licence to cover up up until your 75th birthday.

Secondly, while it's not free, but anyone who's blind (severely sight impaired) can get half price TV licences . Again, this means the rest of the house is covered too.

If you're renting, you don't need a separate TV licence for your room if you have a relationship with the homeowner (and live in their main house) or a joint tenancy agreement - but do need one if you have a separate tenancy agreement for just your room.

There are also other times you might be able to get money back on the £145.50 - for example if you're a student you can get a £37 refund .

(1st December 2017)

(Mirror, dated 14th November 2017 author Emma Munbodh)

Full article [Option 1]:

Christmas shoppers are being warned to think twice before entering sensitive details online this season following a rise in the number of fraudulent Pandora websites selling counterfeit goods on the internet.

The online pages, which offer up to 70% reductions, are uncannily like the official online jewellery store, however, hand your details over and you could be left hundreds of pounds out of pocket, or at best, with a fake item.

This includes one page called pandorasukonline which has since disappeared online.

On Facebook, a customer reported that they'd ordered several charms at a total price of £235 from the website on 10 October 2017.

On later inspection, the shopper discovered they'd been billed £265 instead, to date, the items have still not arrived.

Facebook page Pandora Scam Sites first warned of the rogue website last month. It shared a list of several more sites to watch , which it alleged were all 'scams'.

Hundreds more have also since been shared on the official Pandora Facebook page (see below) - with customers being warned to check here if they are suspicious .

Head of Group Press. Martin Kjærsgaard Nielsen told Mirror Money: "At Pandora we are full aware that there are dark forces out there who seek to exploit and misuse our strong brand with counterfeit jewellery.

"This is obviously completely unacceptable and we are taking and will continue to take necessary measures to end this practice. We closely monitor the situation as it is important for us to protect our brand.

"Ultimately, it is a matter for authorities to enforce the legislation that protect our legal rights, which in turn will prevent consumers from ending up with fake and counterfeit jewellery."

*******The orginal article provides details of some BOGUS "Pandora" websites ********

Spot the signs - how to tell if a website is genuine

Action Fraud, the government's anti fraud body, has identified a number of preventative steps for customers shopping online this Christmas.

In a statement, detective inspector Chris Felton told Mirror Money: "As with any online shopping, we would urge people to research a seller before paying any money. Search for reviews from people who have previously purchased from the seller and check the item description carefully. If you are unsure, ask the seller questions.

"To protect your money until you've resolved any problems with the seller, always pay suing a recognised service; never pay by money transfers."

- If something seems too good to be true, it probably is. Don't be fooled into thinking you're getting a great deal.

- Get the trader to tell you if they provide an after-sales service, warranty or guarantee. Most rogue traders don't.

- Make sure you understand how the website's feedback function works. Feedback will give you useful information about recent transactions other buyers have made.

- Check the item's description carefully - ask the seller questions if you're not sure of something.

- Be aware of phishing emails that look like they come from the online auction or payment site you're registered with, asking you to update your account details or re-enter them because your account has been suspended.

- Check the URL in the web browser. A tactic often used by fraudsters is to change the address very slightly (if they're spoofing an eBay site, for instance, they may have an address such as '. . .' whereas the real site is '. . .')

- Read the terms and conditions carefully, including those relating to any dispute resolution procedures the site offers.

- Run the site through a search engine - often if a site is suspicious, there'll be people talking about it online.

As a buyer you should:

- Try to avoid paying by money transfers - they aren't secure.

- Be careful when using direct banking transactions to pay for goods. Make sure transactions are secure.

- Don't send confidential personal or financial information by email.

- Use an online payment option such as PayPal, which helps to protect you.

I've been caught out - what should I do?

- If the seller has misrepresented the goods you've bought or your goods have failed to arrive, report the incident to Action Fraud .

- If you have passed on your personal banking details or any sensitive information relating to money, inform your bank immediately.

- Keep all evidence of the offence, including goods and correspondence.

- If there is a business dispute over the nature of the transaction, contact the website involved. Or, you can alert Consumer Direct by phone on 08454 04 05 06.

What Pandora says

In a statement on the Pandora Facebook page, the firm states the following in relation to counterfeit goods:

"As soon as a brand becomes popular you will see counterfeits multiply. Copies and fake products are unfortunately a challenge for Pandora - just as it is for most other jewellery manufacturers. Jewellery is easy to copy because of its size and character, and that unfortunately also goes for the lettering, e.g. our marker's mark "ALE" or our trademark "Pandora", which otherwise show customers that the product is authentic.

"This means that you can easily find products that have this stamp, but which is most definitely not authentic Pandora. Rest assured that we do not tolerate such counterfeits and take appropriate action.

"PANDORA takes trademark infringement very seriously and we have a department dedicated to brand protection. Unfortunately, it is not always easy to shut down a website, and the process can take some time if the company hosting the website will not cooperate.

"We are also working with Facebook to find a solution to stop fake sites advertising. Many fake websites and Facebook pages are daily being closed down."

The statement adds that customers suspicious of any websites should send the address and Facebook URL to its Brand Protection team:

(1st December 2017)

(The Motley Fool, dated 15th November 2017 author Matthew Cochrane)

Full article [Option 1]:

uaware comment :
okay, I have done it again, I have provided a US article. My defence is that it explains the problem and possible prevention. Take heed !

While there are many advantages to living in a digital world, the connected life also has its drawbacks. One of the biggest disadvantages is that it gives fraudsters numerous opportunities to gain access to our personal identification. Last year alone, 15.4 million consumers were the victims of identity theft, a 17.5% increase from the previous year. With this information, thieves can open new accounts in our names, steal from our existing accounts, and use it as a veil of authenticity during the commission of scams.

Fraud and identity theft have become a fact of life in today's world. This year, when the Global Fraud Index was released, one statistic stood out more than any other: Account takeover fraud skyrocketed by more than 45% year over year in 2017's second quarter and cost merchants a whopping $3.3 billion in that three-month period. While exact figures are extremely difficult to come by, other studies confirm the overall trend. Javelin Strategy's 2017 Identity Fraud Study, released in February, reported account takeover incidents increased by 31% in 2016 with consumer losses reaching $2.3 billion, a 61% increase from the previous year.

As an economic-crimes detective, I see the financial pain and emotional stress this type of crime causes firsthand. And while this type of fraud has always been rampant, my own experience confirms the research results: This type of fraud isn't going away and only seems to be growing more common.

What is account takeover fraud?

Account takeover fraud occurs when criminals gain access to victims' bank or credit card accounts and then make unauthorized transactions on the account. While this encompasses credit card fraud, when someone uses your credit card number to make a purchase, more insidious versions of this crime go deeper. After all, consumers enjoy far-reaching protection against permanent monetary loss when they are victims of simple credit card fraud, but bad cases of account takeover fraud can involve far more.

I've seen cases where suspects gain access to a victim's banking account and promptly change the account holder's phone number, physical and email address, and online password. The legitimate account holders are effectively locked out of their own accounts, ensuring that they will no longer even receive texts or emails alerting them to the suspicious activity.

How account takeovers happen

Consumer information can be stolen in a variety of ways; some of the most common methods of stealing data include malware, phishing, and data breaches. Indeed, it seems hardly a month goes by without another data breach at a major corporation where millions of consumers' payment information was stored. Earlier this fall, the data breach at Equifax was nearly unprecedented in scope and breadth, affecting 143 million Americans.

Phishing and malware attacks are also on the rise. Symantec estimates that 54.3% of all email is spam and that there are nearly 1.6 million blocked Web attacks each day. In June, the company stated that phishing attacks increased to about one out of every 1,975 emails. With massive, high-profile data breaches making the news and phishing and malware attacks rising, the increase in account takeovers doesn't seem poised to slow down anytime soon.

What you can do to protect yourself

There is no silver bullet to stop fraud. With these types of attacks on the rise, it's almost inevitably just a matter of time before we're all victimized. We can, however, take definitive steps that will decrease our exposure to being targeted and mitigate the severity of the incidents when they take place.

1. Develop strong and unique passwords across all of your accounts. When most of us hear of a data breach that might directly affect us, we immediately fear the theft of our personal identification, including our name, address, date of birth, and Social Security number. What many of us fail to consider is whether we've used a password for that account that we used elsewhere.

Unless one is unusually savvy with memorizing odd word combinations or develops a highly sophisticated system, using unique, strong passwords (using letters, numbers, and symbols) across every single site where an account is kept is almost impossible. That's why I strongly suggest using software or websites that are designed to do this very thing. Doing so saves people the headache of performing this Herculean task on their own. Although most of these cost money, some will run their program across one device for free. A few things to look for when researching these services include two-factor authentication, automatic password capture, form-filling capabilities with multiple form-filling identities, and secure sharing.

2. Always pay with a credit card. Frank Abagnale Jr., the former conman turned security consultant made famous by the movie Catch Me If You Can, tells clients he removes 99.9% of all fraud risk by using credit cards. Why? Because consumers are limited to $50 of liability when credit card fraud is reported in a timely manner. That's far more legal protection than any other payment method offers. Likewise, consumers are in a position of strength because they're never without the money in their banking accounts; they're merely arguing over how much money they owe their credit card company.

3. Avoid writing personal checks whenever possible. Think about the most damaging information that could be leaked to potential thieves and fraudsters and then consider what's printed on the front of your personal checks: your name, address, banking institution, routing number, and bank account number. That's a treasure trove of information for anyone wishing to defraud you. For this reason, if at all possible, only write checks to trusted friends or family members. Otherwise, run to the ATM for a quick cash withdrawal if you can't pay with a credit card, or use a digital payment service such as PayPal or Venmo.

4. Monitor your accounts closely. Finally, make sure you keep tabs on all of your accounts -- checking, savings, brokerage, credit card -- and immediately report any suspicious activity. Regularly make sure your account contact information is up to date and correct. Even watch out for small charges that almost seem inconsequential at first. Many times, fraudsters will use the account for small transactions first to ensure the information they have is working.

Account-takeover fraud can be draining affairs -- both financially and emotionally. But people who take these steps stand to be affected much less if they're victimized.

(1st December 2017)

(BBC News, dated 3rd November 2017)

Full article :

The organisation at the frontline of UK consumer protection says it is seeing a pattern of "old scams, new tricks".

National Trading Standards (NTS) said that while online crime was a growing problem, time-honoured fraud methods would not disappear any time soon.

It said many people were still hounded by cold callers, scam mail and doorstep criminals.

Criminals were also using smart TVs and voice-activated home devices to steal data, its Consumer Harm Report warned.
'Challenging times'

NTS, which was set up by the government in 2012, said 2016-17 had been a record-breaking year, with 104 criminal convictions.

However, it said criminals were using new tactics to avoid detection, such as mail arriving via third-party countries and the use of blank envelopes, so that people had to open them to find out what they contained.

In its annual report, it listed the potential emerging threats to consumers over the coming year, including:

- Continued manipulation of online ticket retail sites by scammers and organised criminals

- The growth of social media as a selling platform, putting consumers at risk of intellectual property crime and product safety issues

- The risk posed by connected devices such as smart TVs and home assistants, which may leave consumers open to data theft

- Increasing sophistication of doorstep criminals who use websites, social media and fake reviews and are increasingly part of larger organised crime groups.

"An evolving criminal landscape does not mean the more traditional scams will disappear," it said.

"Instead, National Trading Standards is seeing a trend of criminals diversifying and adapting their current schemes, evidenced in mass marketing mail scams.

"Additionally, more scams are originating abroad, with criminals concealing the payments they're receiving from their victims through payment processing companies," it said.

But it said its actions had prevented nearly £127m in losses to consumers and businesses during the year.

Lord Toby Harris, who chairs the NTS, said: "Our teams are operating in an ever-evolving criminal environment. Consumer protection bodies are facing changing and challenging times."

He also praised the efforts of the public, who were "pivotal" in reporting crimes and supporting the NTS's work.

"So together, we continue to work to disrupt, investigate, prosecute and keep people safe."

(1st December 2017)

(Independent, dated 8th November 2017 author Aatif Sulleyman)

Full article [Option 1]:

Internet users are being targeted by a fake email claiming to have been sent by Amazon.

The scam message features the company's logo and even social platform icons, and has been carefully formulated to look as official as possible.

However, it's designed to trick you into giving out your personal details and visiting malicious websites.

The fake email, which was first spotted by Better Business Bureau, claims that Amazon can't confirm some of your personal details, such as your identity, payment information or address.

It asks you to update your information by clicking a link, which looks a lot like the gold-coloured buttons that feature on the Amazon website.

Despite its convincing appearance, you should not click it.

Doing so won't take you to Amazon, but to a third-party website that could try to steal your sensitive data by infecting your computer with malware.

Action Fraud has also noticed the scam, and is advising people to log in to the Amazon site directly, rather than risking your safety by engaging with the potentially dangerous emails.

"Amazon will never ask for personal information to be supplied by e-mail," the company says.

"Emails from Amazon will never request you to update payment information via a link. Instead, we would include instructions on how to verify your account information, including payment options, through the website."

Amazon says it would also never ask for your National Insurance number, your bank account information, credit card number, PIN number, or credit card security code, your mother's maiden name or other information to identify you, or your Amazon account password over email.

You can report a scam email to Amazon by following the instructions on the company's help page.

(1st December 2017)

(Which?, dated 4th November 2017 author Faye Lipson)

Full article [Option 1]:

UK victims of May's Equifax data breach have been left confused and panicked by a letter from the firm which says their personal information has been compromised - but doesn't say what Equifax is or why it holds their data.

Which? has heard from dozens of people who received the letter and were confused by it - with some fearing it to be a scam - because they have never heard of or directly dealt with Equifax before.

Equifax has now confirmed that only 27,000 of the nearly 700,000 people it has written to were its direct customers - and the rest may previously have had no inkling they were affected by the breach.

Equifax data breach: 15.2m Brits affected

In May this year, Equifax announced its data had been access by hackers in a cyber-attack. Some 15.2 million UK client records were compromised and more than 690,000 UK consumers are likely to have had sensitive details stolen.

These include email addresses, passwords, driving license numbers, phone numbers and partial credit card details.

Equifax is now writing to those worst-affected UK individuals to offer a choice of free ID-monitoring services.

Why does Equifax hold data for non-customers?

Equifax has confirmed that just 3% of the worst-hit victims were its direct customers.

How is this possible? As a credit reference agency, Equifax receives personal data from banks and financial institutions whenever someone applies for a bank account, mortgage or credit card. Consent for this is usually included in the application terms and conditions.

This means Equifax may hold data on you even if you've never dealt with it directly. Others will have transacted with Equifax by purchasing a credit report or identity monitoring services from it.

Victims express confusion, fear of further scams

Which? has seen evidence the letters are causing widespread confusion among the victims. One person who'd had their name, date of birth and telephone number compromised emailed us:

As far as I am aware I have never used this organisation, they now advise me to use their "free" services to help protect myself. If they are so incompetent in the first place to have been the subject of a cyberattack why should I trust any of the services they recommend.

Is this a scam on top of a scam?

In addition, the Which? Money helpline has fielded more than 25 calls so far this week from people concerned by the letter.

Technical expert and Trading Standards 'Scambassador' Scott McGready took to Twitter to blast the way Equifax has handled informing the public, branding it 'Like herding cats,' and insisting that 'more needs to be done'.

Which? asked Equifax to comment on the apparent confusion its letter had caused, but it declined to do so.

------------- See orginal article to view the Equifax letter --------------

How to verify your letter?

If you receive a letter regarding the Equifax data breach, and you're not sure if it's genuine, look up Equifax's number independently via a search engine or directory enquiries. Then give them a call to confirm the letter is genuinely from them.

Should I accept the free identity monitoring services?

If your data has been breached, you may be at heightened risk of identity fraud. To combat this, Equifax is offering its worst-affected UK customers free services which monitor how your identity is being used online - some of them run by Equifax itself, and one run by anti-fraud body Cifas.

If you are concerned about the security of Equifax's own products, you can opt to be enrolled in Cifas's Protective Registration scheme - however you will still have to give some personal information to Equifax so it can enrol you for free.

It is possible to enrol directly through Cifas, though this will attract a £20 charge (for two years' cover).

Which? tips for surviving a data breach

If you believe you've been a victim of a data breach, take the following steps to protect yourself:
- Contact your mortgage, current account and credit card providers to make them aware of the potential breach.

- Change your passwords on any online accounts holding sensitive information.

- Check your credit card statements and credit reports for unusual or unauthorised activity. Report any discrepancies to the provider immediately.

- Apply for protective registration from CIFAS - the Fraud Prevention Service. This will trigger additional checks any time someone tries to open a financial product in your name.

- Be extra-vigilant against phishing messages.

- Our (Which?) consumer rights guide explains how to spot a scam message.

(1st December 2017)

(Daily Mail / This is money, dated 7th November 2017 author Victoria Bischoff)

Full article [Option 1]:

Banks are working on plans to track down stolen money and return it to fraud victims within days.

They are setting up a new system that allows them find out where a payment has ended up - regardless of how many bank accounts the money has been moved through.

It means fraud victims will stand a far greater chance of getting back the cash they've lost.

Yesterday, new industry figures revealed for the first time the scale of bank transfer scams where con artists trick victims into handing over money.

In the first six months of this year 19,000 people were hit by this type of fraud, losing £101million. Just £25million, a quarter of the stolen money, was returned to customers.

Most victims are left permanently out of pocket because banks struggle to trace the stolen funds.

When a fraudster tricks someone into handing over cash, it is typically moved out of the receiving account and into another one within minutes.

From there it will be moved again and again through different accounts - known as mule accounts - with different banks.

It may be mixed with other money, some of which may be completely unrelated to crime, until it is almost impossible to work out where it originally came from.

The criminal will then withdraw the funds in cash, transfer the money overseas or use it to make a purchase.

At that point, your cash is usually gone for good - and banks won't offer a refund - which is why it is vital to track it down before it leaves the banking system.

A new digital tracing tool, which banks are calling the 'funds repatriation initiative', will make this possible.

Brian Dilley, group director of fraud & financial crime prevention at Lloyds Banking Group, says: 'The banking industry has been working together to develop a central system that enables us to trace and track the proceeds of fraud through the banking system.

'Money stolen by fraudsters often exits the banking system and is long gone before people know they've been conned, but an infrastructure allowing banks to identify money quicker as fraudsters try to move it down the line will make it harder for them to get away with stolen cash and help victims get their money back.'

At present, when a victim of fraud contacts their bank for help getting their money back the bank can only see the first account the money was moved into.

If the bank that received this money says it has already been moved out of the account there is little, if anything, they can do.

But under the new system the victim's bank will be able to enter the payment details into a central computer that will show almost instantaneously every account the money has moved through since it was stolen - and crucially, where it ended up.

Once they know what bank has the money they can call and ask for it to be frozen so fraudsters can't touch it again.

If the case is simple and does not involve foreign bank accounts, the money could be transferred back to the victim within days.

In more complicated scenarios the bank may need longer to investigate to ensure the money is going back to the right owner.

Experts say this new system could protect significant numbers of customers and prevent millions falling into fraudsters' hands.

As Money Mail has highlighted over the past two weeks, around £130million has been frozen in accounts opened by criminals.

Often, this money has been abandoned by fraudsters after banks have become suspicious and flagged the account for investigation.

In many cases banks are then unable to return the cash to the victim either because they can't trace where the money came from or are prevented from touching it by onerous rules and laws.

Money Mail is campaigning for a tweak to the law so this cash can be used to pay back fraud victims who've been left out of pocket.

If the original victims can't be found, banks should be allowed to use it as a compensation fund for other victims.

Barclays, HSBC, Santander, Nationwide and TSB have backed our campaign.

And over the past week Money Mail has convinced Lloyds bank to throw its full weight behind our proposals.

Initially, it had suggested the money might go towards general efforts to tackle fraud rather than as compensation.

But now it says: 'Lloyds fully supports Money Mail's campaign to change the law and unlock all the £130million in the frozen funds to compensate victims of fraud.'

If it was easier for banks to trace money through the system this money wouldn't amass in the first place.

Writing for Money Mail today, Stephen Jones, chief executive of banking trade body UK Finance, says: 'We need changes to the law to help stop the criminals in the first place, as well as helping victims get their money back.

'That is why the UK banking industry welcomes Money Mail's campaign.'

Banks have already begun piloting this new technology and are aiming to move into a second phase of testing early next year.

They say that realistically the new system will not be fully up and running for another two years.

There are also questions around who will fund the system, how people's data will be protected and if it will be mandatory for all banks and building societies to sign up.

There are also legal and data protection issues to consider.

For example, banks say that there needs to be protection in place in the event that they take money out of someone's account to return to a victim and the owner of that account turns out to be innocent.

For example, the criminal could have used the money to pay their rent. In this instance the bank can't just take back the money from the landlord, who may be completely unaware they have been paid in criminal money.

There will also need to be a framework in place to deal with disputes when things go wrong.

Despite being a giant leap forward, the new system will not protect all victims, as it cannot stop fraudsters taking money out of the banking system altogether.

Yesterday, the Payment Systems Regulator announced plans to force banks to reimburse people where firms 'have not met the required standards' in protecting customers.

It also wants to make it harder for criminals to set up bank accounts and is asking banks to share data so it's easier to spot scammers.

(1st December 2017)

(BBC News, dated 7th November 2017)

Full article :

People who have been conned into authorising their bank to pay a fraudster could find it easier to get compensation, under plans being put together by the regulator.

The Payment Systems Regulator is trying to devise a way to reimburse victims of authorised push payment (APP) scams.

In the first half of this year, 19,000 victims lost £100m to APP scams.

One such, Kate Blakeley, described the "sheer horror" of discovering the loss of almost £300,000 through such a scam.

Ms Blakeley, who was in the process of buying a house with her partner, described her experience. She thought she was transferring money to the right account, but it was in fact one controlled by a fraudster.

"Everything had gone very smoothly," she said. "Our conveyancing solicitor provided details by email of the bank accounts to make the money transfers on the day of completion.

"We transferred just under £300,000 on the day and within about three hours, we realised the money had gone missing.

"The moment of realising the money hadn't arrived as intended with the bank account we sent it to, or thought we'd sent it to, was just sheer horror."

Ms Blakeley did get all the money back eventually, but lost thousands in solicitors' fees. The matter is still subject to a legal dispute.

'No silver bullet'

The PSR has been investigating APP scams following a super-complaint by consumer body Which?.

The regulator said "good progress" was being made in a number of areas and it hoped a compensation system would be in place by September 2018.

As well as starting to record and understand the scale of APP scams, the PSR will also introduce new standards for banks to follow when a victim reports such a scam, which should improve victims' experience and banks' response times.

However, PSR managing director Hannah Nixon warned that not every scam could be prevented.

"There is no silver bullet for APP scams, and some people will still, unfortunately, lose out," she said.

"That's why we've continued to look for a solution that could reimburse those who are scammed, and today we begin consulting on an option that we think could work."

She added that account holders also needed to take "an appropriate level of care" in protecting themselves.

How to protect youself against "push" fraud

When you transfer money from your bank account, you are asked to enter three pieces of information: the name of the payee, their account number, and the sort code. However, only the last two are cross-checked by the bank. So putting in the correct name is no guarantee that person will get the money.

Financial Fraud Action UK offers the following advice:

- Never disclose security details, such as your PIN or full banking password
- Don't assume an email, text or phone call is authentic
- Don't be rushed - a genuine organisation won't mind waiting
- Listen to your instincts - you know if something doesn't feel right
- Stay in control - don't panic and make a decision you'll regret

'Significant win'

The Financial Conduct Authority (FCA) has reviewed the way banks handle APP scams.

It found banks' procedures were inconsistent, their existing fraud detection systems could not easily detect APP scams, and they did not collect enough data.

However, the FCA considers the industry initiatives underway will help to tackle these issues.

Peter Vicary-Smith, chief executive of Which?, said: "It's good to see the regulator coming down on the side of consumers. If this stops the huge amounts of money lost to bank transfer scams, it'll be a significant win.

"To make this a reality, the regulator must now ensure any reimbursement scheme properly compensates victims. Meanwhile, banks must move to quickly put in place better checks and protections to prevent these scams happening in the first place."

(1st December 2017)

(The Telegraph - Money, dated 4th November 2017 author Amelia Murray)

Full article [Option 1]:

Experts have condemned the banking industry for its inconsistent approach in dealing with victims of "transfer fraud" - which is now one of the fastest-growing forms of financial crime.

The fraud usually involves email interception or some form of trickery, whereby the victim unknowingly sends money to a criminal's account. In many cases - but not all - where the recipient is proved to be a criminal, the bank that operated their account makes good the victim's loss.

Telegraph Money reported how David Burton and Derek Mackenzie were reimbursed by TSB after falling victim to eBay fraud, on the grounds that the bank allowed fraudsters to open accounts with false information (see box below).

Now, in a remarkably similar case, Nationwide has refused to pay back victim Balazs Kelemen the £8,700 he transferred into a fraudster's account operated by the building society. Mr Kelemen believed he was buying a BMW.

A police report later confirmed that a false Romanian ID card and counterfeit British Gas utility bill in the name of Constantin Chescu was used to open the Nationwide FlexAccount on Jan 10.

The criminal was apprehended and in May charged with "fraud in relation to opening accounts, using false identity documents and money-laundering, in relation to receiving victim's monies and subsequently withdrawing the funds". He was sentenced to 12 months in prison in July.

Mr Kelemen, 33, made two payments totalling £8,700 on Jan 23 and 24 to a firm called BC Motors, which turned out to be a fake website. He was one of 32 people who reported the company to the police.

When the car failed to materialise, Mr Kelemen, who lives in Southampton, realised the ruse.

But by the time he called his bank HSBC on Jan 31, the money had already been drained from the Nationwide account. Mr Kelemen also reported the crime to Action Fraud, the UK's cybercrime and fraud reporting service. Despite the conviction, Nationwide refused to accept responsibility for the fraudulent account. It insisted it was not negligent.

However, Richard Emery of fraud consultancy 4Keys International and an expert witness, argued that if the mutual had done its due diligence "properly" it would have spotted the documents were fake and the account would not have existed.

He said: "I don't accept the argument that the documents 'looked all right'. Nationwide has a moral obligation to refund the customer. Essentially its processes failed." A spokesman from UK Finance, representing banks, admitted fraudulent information could be "extremely difficult to detect".

Telegraph Money has long campaigned for the banks operating criminals' accounts to take greater responsibility for other, innocent users of banking services.

The Payment Systems Regulator, which oversees transactions, is issuing a report on Nov 7 on this issue. Last week Barclays became the first British bank to introduce pop-up windows that warn customers they may have been targeted by fraudsters when they make online payments that appear to be "suspicious or out of character".

And on Thursday Lloyds announced a new measure that would see its customers being prompted to answer additional security questions before setting up new online payments.

It was different with TSB: the bank acknowledged its role - and paid up

Earlier this year two fraud victims, David Burton and Derek Mackenzie, were refunded by TSB on the grounds that the accounts they transferred money into were opened with false information.

Mr Burton paid £3,400 to a fraudster on eBay for a non-existent motorhome in 2014. When it failed to turn up he contacted his own bank, Barclays, but the money had already been cleared from the TSB account.

Mr Burton also reported the crime to Action Fraud, which passed it on to the police for investigation.

A report from Bloxwich police revealed that fake details were used to open the account.

Following pressure from Telegraph Money, TSB admitted that the opening of the account did not meet its "strict anti-fraud requirements and ID checks". It refunded the £3,400 along with £250 compensation.

Mr Mackenzie got his money back from TSB on similar grounds after he transferred £7,858 to its criminal customer for a cherry picker he saw on eBay. A data disclosure from Devon and Cornwall Police revealed that the fraudster was able to bypass TSB's systems using a "made up" National Insurance number.

TSB agreed to reimburse Mr Mackenzie the full amount, along with £300 and interest.

(1st December 2017)

(The Guardian, dated 27th November 2017 author Vikram Dodd)

Full article [Option 1]:

Record numbers of young people are letting their bank accounts be used by criminals engaged in terrorism and other serious offences, it has been claimed.

The past year saw a 105% increase in cases of "money muling" for those aged 21 years or under, to 6,484 cases, where seemingly innocent bank accounts are used to launder criminal proceeds.

Simon Dukes, chief executive of Cifas, the UK's fraud prevention service, said: "The criminals behind money mules often use the cash to fund major crime, like terrorism and people-trafficking. We want to educate young people about how serious this fraud is in the hope that they will think twice before getting involved."

Cifas says there were 8,652 cases of bank accounts belonging to 18- to 24-year-olds being misused in the first nine months of this year, a 75% increase in the last 12 months. That is double the number in 2013 when there were 4,315 cases.

Experts say one fraud asks people to reply to job adverts or social media posts that promise big sums of money way in excess of the work that will be needed.

Katy Worobec, head of fraud and financial crime prevention, at UK finance, which represents banking and financial companies, said: "Money muling is money laundering and criminals are using young people as mules in increasing numbers. We know that students are particularly vulnerable as they are often short of cash.

"When you're caught, your bank account will be closed, making it difficult to access cash and credit. You could even face up to 14 years in jail. We're urging people not to give their bank account details to anyone unless they know and trust them. If an offer of easy money sounds too good to be true, it probably is."

(1st December 2017)

(FT Adviser, dated 4th September 2017 author Maria Espadinha)

Full article [Option 1]:

uaware note : Article forwarded via National Trading Standards alert 44

A number of suspected scam websites have been referred to The Pensions Regulator (TPR) over the suspicion they are being dressed up as legitimate investment vehicles.

The Pensions Regulator is warning rogue pension websites are carrying anti-scam messages to try to trick consumers into thinking they are legitimate entities.

This warning comes after the government announced it was introducing a cold calling ban, which will also include texts and email.

The new legislation will also include tighter rules to prevent the opening of fraudulent pension schemes and restrictions to prevent transfers into scam schemes.

According to experts, some of the new rules might be introduced as soon as this week in the second Finance Bill of the year.

The Pensions Regulator is currently leading the multi-agency Project Bloom taskforce, which was set up to tackle pension scams.

It includes the Department for Work & Pensions, HM Treasury, the Financial Conduct Authority, HM Revenue & Customs, the Serious Fraud Office, City of London Police, the National Fraud Intelligence Bureau, The Pensions Advisory Service and the National Crime Agency.

Some of the rogue websites are even carrying the Bloom campaign's anti-scam material without TPR's consent, the regulator said.

Some even imply they are regulated by carrying warning messages designed to prevent people falling victim to scams, such as making reference to the tax implications over accessing your pension before the age of 55 and the danger of cold-callers.

According to Lesley Titcomb, chief executive at TPR, "these sites are wolves in sheep's clothing, lying in wait for unsuspecting victims by portraying themselves as being beyond reproach".

She said: "The truth is that this next generation of scam sites poses a real threat to people's financial futures and should be avoided."

According to government figures, almost £5m was obtained by pension scammers in the first five months of 2017.

It is estimated that £43m has also been unlawfully obtained by scammers since April 2014, with those targeted having lost an average of nearly £15,000.

The regulator is working closely with government, enforcement agencies and key financial service bodies to bring scammers to justice and, through its Scorpion campaign, to help the public protect themselves from scams, Ms Titcomb added.

Malcolm McLean, senior consultant at Barnett Waddingham, said scammers "are pretty clever people" and savers "need to very wary".

He said: "It is very clear that the original messages [on scams] are applicable here - if someone contacts you out of the blue, without any approach from you in the first place, then you should be extremely suspicious and in most cases, do not deal with them at all."

Even after the ban on cold calling in implemented, saver need to continue to be cautious, Mr McLean said.

"The ban on cold calling is only going so far, the calls will still be coming in, it is just that it will be against the law to do that," he added.

Where the regulator finds such rogue websites, it will demand they immediately cease using material that TPR owns and will investigate with other agencies whether further action, such as legal proceedings, should be launched.

The regulator is also updating its own portal with more information on these rogue websites.

(1st December 2017)

(Cornwall Live, dated 22nd September 2017 author Graeme Wilkinson)

Full article [Option 1]:

uaware note : Article forwarded via National Trading Standards alert 45

People are being urged not to fall for this latest telephone scam, which is ingeniously simple and preys on our respect for authority and curiosity.

Alarm bells should ring as the scam begins with an improbable recorded-message from a man stating to be from HM Customs and Excise.

The call alerts the householder that the Government agency is poised to take legal action and then invites the listener to press a key to speak to the case manager. And there is the trick - if the householder presses a button, the call connects to a premium line from which the scammers make money.

The call alerts the householder that the Government agency is poised to take legal action and then invites the listener to press a key to speak to the case manager. And there is the trick - if the householder presses a button, the call connects to a premium line from which the scammers make money.

"This is a scam, if you also get this call don't press 1. It can cost you a lot of money. Just hang up. If you have call identify, it comes up as International."

Always remember - If any agency is going to take legal action against you, they will do so by post.

(1st December 2017)

(The Guardian, dated 10th November 2017 author Eleanor Ainge Roy)

Full article [Option 1]:

Thousands of online scammers around the globe are being fooled by artificial intelligence bots posing as New Zealanders and created by the country's internet watchdog to protect it from "phishing" scams.

Chatbots that use distinct New Zealand slang such as "aye" have been deployed by Netsafe in a bid to engage scammers in protracted email exchanges that waste their time, gather intelligence and lure them away from actual victims.

Cyber crime costs New Zealanders around NZ$250m annually. Computer programmers at Netsafe spent more than a year designing the bots as part of their Re:scam initiative, which went live on Wednesday.

Within 24 hours 6,000 scam emails had been sent to the Re:scam email address and there were 1000 active conversations taking place between scammers and chatbots.

So far, the longest exchange between a scammer and a chatbot pretending to be a New Zealander was 20 emails long.

The bots use humour, grammatical errors and local slang to make their "personas" believable, said Netsafe CEO Martin Cocker. As the programme engages in more fake conversations with scammers overseas, its vocabulary, intelligence and personality traits will grow.

Cocker says if the scammers aren't astute or paying attention, the exchanges could go on for a "very very long time".

"We are really concerned about the growth of predatory email phishing, while victims remain essentially powerless," said Cocker.

"Everyone is susceptible to online phishing schemes and no matter how tech savvy you are, scammers are becoming increasingly sophisticated. Re:scam will adapt as the scammers adapt their techniques, collecting data that will help us to keep up and protect more people across New Zealand."

Cocker said Netsafe had designed a bot that was as convincing and long-winded as possible, asking scammers a seemingly never-ending series of benign questions.

"Dear Illuminati, what a wonderful surprise," wrote a Re:scam chatbot responding to a scammer offering $5m.

"I'd love to join your secret club. Do you do a bingo night?"

"There is not bingo night," replied the scammer.

"Please complete attached form with bank details for your recieve full payments of 5 million."

"Terrific!" replied the Re:scam chatbot.

"But to avoid detection I am going to send my bank details through one number at a time. Ready? 4..."

"That is not nessasary," replied the scammer.

"7" said the bot.

Cocker says the bot works particularly well because New Zealand isn't targeted by any home-grown scammers - only those targeting the country from overseas.

"The bot does a pretty good job of impersonating how many New Zealanders would engage with scammers, it is fairly well-developed in terms of its phrasing and language and approach, so it is quite realistic," said Cocker.

Netsafe website :

(The Independent, dated 9th November 2017 author Aatif Sulleyman)

Full article [Option 1]:

An artificially intelligent bot that inundates email scammers with a never-ending stream of questions has been created.

Re:scam is designed to waste the time of the people behind email scams, and annoy them until they give up.

It's been developed by Netsafe, which says it's time regular web users "fought back".

At the time of writing, Re:scam has sent over 16,000 emails to scammers which, according to Netsafe's calculations, have collectively wasted more than 25 days of scammers' time.

"I adopt one of my many personalities to continue the conversations of any would-be victim," the bot, which also describes itself as "super-interested" and "a bit naive", says.

"I waste their time with a never-ending series of questions and anecdotes so that they have less time to pursue real people. Just like you, I mqke typos, and jokes that no one appreciates.

"They won't know when they're scamming, or getting scammed out of their own time. It's bad for business."

According to Netsafe, $12 billion is lost globally each year because of phishing scams.

The organisation is inviting anyone who thinks they've been targeted by a scam email to forward it to Re:scam, which will verify if it is a scam or not.

It will then use its own email address to target any scammers it manages to detect.

"Deleting a scam email protects you, but forwarding to protects others," says Re:scam. "It's also kinda funny."

The chat bot "service", for bogus mail to :


(1st December 2017)

(Mail on Sunday / This is Money, dated 12th November 2017 author Laura Shannon)

Full article [Option 1]:

A new era of banking will be ushered in from January next year - and security experts say it could put people at greater risk of scams and identity theft.

Under new 'open banking' rules, Britain's biggest banks will be forced to share customer data with companies that demand it.

Providers of other 'payment accounts', such as credit cards and some savings accounts, will have to do the same under separate European Union legislation.

This is part of the Second Payment Services Directive, PSD2.

Some banks have already sent letters to customers warning that 'third parties' can access their personal data from January, and that account terms and conditions are being changed to reflect this.

Third parties could include price comparison websites, start-ups specialising in financial technology or rival banks.

Data can only be shared with a customer's explicit consent, which they might give if slick new online companies offer to help them budget and save more effectively.They can be reassured as the data will only be shared with third parties governed by regulator the Financial Conduct Authority.

But as the walls around banking are torn down, customers will need to put their guard up.

Security experts say cyber-criminals will seek fresh opportunities under open banking.

Hackers will turn their attention to smaller firms managing sensitive information and which have less robust security than banks. And new internet scams will surface at a time when data loss, theft and misuse is rife.

Stuart Poole-Robb, chief executive of internet security company KCS Group and a former MI6 intelligence officer, says: 'Because open banking means more data shared, this problem is going to get worse.

'It creates more points of failure. Either the bank is hacked and your data is compromised - or you approve it being passed to a new start-up, which is hacked and your data is compromised.'

Companies will be held accountable if data is lost or misused and banks have to pay refunds if customers dispute a payment. The technology behind open banking - Application Programming Interfaces (APIs) - is considered secure and makes data sharing possible. But no business is immune to hacking or scams.

Poole-Robb says: 'Banks and financial technology firms cannot protect you against something they do not know about.

'It is all very well having firewalls and encryption against known threats, but all organisations are susceptible to social engineering and unwittingly giving attackers footholds.'

If scammers use stolen data to dupe victims into handing over further sensitive information, those people are unlikely to get their money back. Individuals are also responsible for checking a website or app is legitimate. If it is a scam website, they lose protection from regulators. If it is genuine, customers have right to redress.

Customers also retain control over what information is shared, if any. Some might only agree to a third party accessing data as a one-off. Whatever they decide, banks will have to double-check with customers first.

Providers have strong incentives to look after data, beyond protecting their brand reputation, as data protection laws become stricter from May next year.

They could be forced to pay penalties of up to €20 million (£18 million) - or 4 per cent of turnover for any sloppy practices that breach rules.

Online payments will also be subject to more rigorous checks under EU law, but these guidelines will not appear until later next year.



Consumers will need to be vigilant about a new wave of 'phishing' fraud. This is where cyber-crooks use confidence tricks to reel in people's account passwords.

For example, they might imitate a high street bank in an email and suggest there are security concerns with a customer's account.

Victims are persuaded to click on a link and verify their identity by entering account log-in details.

Criminals can use those details to access a person's account and drain it of funds.

Banks will not refund customers who are thought to have been careless with passwords.

Nor will they help if a victim has been tricked into authorising a payment to a fraudster believing it to be the account of a genuine person or business.

New figures show this type of scam has cost more than 19,000 people £100 million in the first six months of 2017 alone. Tony Neate, of GetSafeOnline, a website offering advice and support to consumers, says: 'Security has been looked at seriously with regard to open banking but it is always a concern.

'This is something we are going to have to look out for because there are new opportunities for criminals to apply old tricks.

'Never give away your user name and password.'

Identity theft

Hackers stealing data could also sell it to fraudsters, who use it to steal a customer's identity.

Only a few details - such as name, address and date of birth - need to fall into the wrong hands to create a ripple effect of problems.

Fraudsters use the information to take out loans and credit cards in that person's name.

Victims then see unusual transactions on their accounts, receive bills for goods they did not buy and are refused financial deals such as credit cards and loans despite previously having a good credit rating.

Clearing up a trail of problems caused by identity theft is not an easy task and can cause administrative headaches for years.


A campaign called 'Take Five' encourages the public to be vigilant about scams. It is run by Financial Fraud Action UK - which represents banks and financial companies.

Criminals play on fear and create a sense of urgency in their stories to make victims act without thinking.

Typically, they claim customers' money is at risk and advise quick action is needed to safeguard funds.

The campaign reminds people to always take a step back and think about what is being asked of them. Actions such as clicking on a link, requests to move money to a 'safe account' and demands for personal information should all sound alarm bells.

Find out more at You can also learn more about a wide range of scams at and


Open banking and the Second Payment Services Directive are the twin laws bringing change.

Banks and building societies will have to share data with third parties - if customers give permission.

Consumers might choose to share their current account history if it means saving money or budgeting more effectively. The nine largest current account providers ordered to take part in open banking are: Allied Irish Bank Group, Bank of Ireland, Barclays, Danske, HSBC, Lloyds Banking Group, Nationwide Building Society, RBS and Santander.

Comparison websites like MoneySuperMarket and GoCompare are likely to be the ones asking for access to data, as well as small start-ups specialising in financial technology.

For example Yolt, owned by ING Bank, is a money management app giving customers a view of all their accounts and credit cards in one place. It has just added digital challenger Starling Bank - a mobile-only current account provider - to its list of partners.

HSBC and its subsidiary online bank First Direct are already testing out new apps that give customers a broad view of all accounts - even from rivals.


Customers can see multiple accounts in one place using just one phone app.

Within that same app customers might be able to compare deals across the whole of the market based on their personal history of income and spending.

Customers could then switch products and transfer money while borrowers should quickly find providers prepared to lend to them.

Imran Gulamhuseinwala, of the Open Banking Implementation Entity, in charge of delivering the initiative, says: 'Open Banking has potential to change retail banking forever. We will for the first time put customers in control of their data, privacy and finances.'

Debit and credit cards could also be made redundant in online shopping as part of law changes which let shoppers pay a retailer directly from their bank account.

Tech savvy customers are likely to be winners from the reforms - while the digitally shy face having to adapt or risk being left behind. Losers might also be those excluded from the best deals if the technology assesses them to be an unprofitable bet.


Drastic action is needed to challenge the complacency of banks.

That was the conclusion of a report published last year by regulator the Competition and Markets Authority.

Few current accounts are switched - less than 2 per cent a year. Such apathy means many customers get a poor deal.

Overdraft users could benefit most from easier switching - saving £180 a year each if nudged towards cheaper accounts.


- Do nothing if 'open banking' worries you. David Firth, of credit reference agency Callcredit, says: 'No one can be forced to use open banking. You will need to opt in.' Companies will require permission to access your data.

- Consider switching before the reforms take hold. Comparison website GoCompare's 'midata' tool can already find you a better account based on account history.

- Check out challenger banks such as M&S Bank, Metro, Virgin Money, Tesco Bank and Handelsbanken or new online providers Atom, Starling and Monzo.

- Use the free automatic Current Account Switch Service, which safeguards the process.

- Be scam-aware. Never surrender log-in and password details. Find extra guidance from or

- Report any concerns about data misuse to watchdog the Information Commissioner's Office at

- Make sure companies are regulated by checking the register

(1st December 2017)

(Action Fraud, dated 13th November 2017)

The National Fraud Intelligence Bureau (NFIB) has identified a number of reports where job seekers are being targeted by fraudsters trying to obtain personal and banking details from them, or requesting money to secure accommodation.

Individuals registering with job seeking websites or searching for jobs on The Student Room website are being contacted by bogus recruitment companies/businesses asking them to complete application and interview forms which request personal details and banking details, as well as copies of identity documents.

In some instances the applicant is invited along for interview, either in person or over the phone, to make the process look as legitimate as possible. This is impacting on students and graduates looking for work both in the UK and overseas. Some job seekers, as well as divulging personal details, have paid money to the fraudsters in order to secure a bogus rental property alongside the job offer.

How to protect yourself:

- Check emails and documents from the recruiter for poor spelling and grammar - this is often a sign that fraudsters are at work.

- If visa fees are mentioned, ask the embassy representing the country where you believe you will be working how to obtain a visa and how much it costs. Check that the answers the potential employer or recruiter gave you are the same - if they're not, it may be a sign of fraud.

- Carry out thorough research to confirm that the organisation offering you the job actually exists. If it does exist, contact the organisation directly using contact details obtained through your own research or their website to confirm the job offer is genuine.

What to do if you're a victim:

- If you think your bank details have been compromised or if you believe you have been defrauded contact your bank immediately.

- Stop all communication with the 'agency' but make a note of their details and report it to Action Fraud.

- Warn the operators of the job website you used that their site is being used by fraudsters.

- If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting or by calling 0300 123 2040.

(1st December 2017)

(Mirror, dated 13th November 2017 author Dave Burke)

Full article [Option 1]:

Scammers claiming to be illegal immigrants with winning lottery tickets have conned elderly victims out of thousands of pounds in an alarming plot.

Criminals have repeatedly preyed on elderly people by convincing them to hand over cash and jewellery after asking for their help, detectives revealed.

Some have lost up to £5,000 after being targeted, and police have appealed for people to be on the lookout for the heartless scam.

The conmen approach their victims pretending to have won huge sums on the National Lottery, but claim they cannot claim their prize because they are not in the UK legally.

The fraudsters ask victims to claim the prize money on their behalf, in exchange for a share of the spoils.

In some cases, an accomplice pretends to be interested, in order to convince the victim that it is genuine.

Victims are persuaded to hand over valuables as 'insurance' - only to learn that the lottery wins are complete fiction.

Officers from Hertfordshire, where at least five cases have been reported, are investigating.

A force spokeswoman told Mirror Online that victims are approached face-to-face.

She said detectives in neighbouring Bedfordshire have been made aware of the trick, but it is not known if it has been attempted elsewhere in the country.

Detective Constable Kirsty Rusbridge said: "This is the first time we have seen this method being used in Hertfordshire and we want to get the message out to people to help prevent them from falling prey to these callous fraudsters.

"It has been reported that the offender often has an accomplice who poses as a member of the public, keen to take up the offer.

"If you are approached in similar circumstances, please don't hand over any cash or belongings and contact police straight away."

"Please also share this advice with neighbours, friends and relatives so we can spread the word as far as possible."

(1st December 2017)

(The Telegraph, dated 8th November 2017 author Katie Morley)

Full article [Option 1]:

Scam victims who fail to take "reasonable care" to protect themselves against criminals will not get their money back under a formal compensation scheme being designed by watchdogs.

From next year, an anti-fraud revolution will see consumers who have been conned into transferring money to fraudsters reimbursed by their bank - but only if they can prove that they did not act recklessly.

Victims who have lost life-changing amounts could be denied a single penny of compensation if they did not conduct "common sense" checks, such as spotting bogus email addresses or account details and names that do not correspond.

The plans are being drawn up by the Payment Systems Regulator (PSR) to curb a growing fraud epidemic in which criminals posing as legitimate organisations are extracting £200million from 40,000 victims every year.

Consumer groups said bank customers who fall for scams should not be blamed and called for banks to take the responsibility.

The fraud usually involves email interception or some form of trickery, whereby the victim unknowingly sends money to a criminal's account, meaning they are often unaware of the scam until it is too late.

Gareth Shaw, the Which? Money Expert, said: "These scams have become so complex and believable that many consumers couldn't be expected to spot them. Banks should consider introducing additional checks - such as delayed payments or third party signatures - with extra focus on protecting vulnerable customers."

James Daley, director at Fairer Finance, a consumer group, said: "The test should be how far did the bank go to stop the scam, not how far did the consumer go.

"It is perfectly possible for banks to install enough checks to fully put an end to this and the test should be how far have they gone - not how far have consumers gone. Losing their life savings is far too high a penalty for customers who have been negligent and this should not happen."

At present, just one in four victims are reimbursed, but this figure is set to rise considerably. The action follows a "super-complaint" by Which? over concerns people were being conned out of huge sums of money with no hope of compensation.

The PSR said it was considering changing the law to allow criminal funds frozen in bank accounts to be used to compensate victims.

The Telegraph has previously called for regulators to act to stop consumers being tricked as we have heard from dozens of consumers swindled by tricksters posing as solicitors, investment professionals, government departments and salesmen.

In one shocking case, a woman lost £130,000 in a sophisticated solicitor scam and reported it to First Direct, her bank, only to be told the fraud team had finished for the night.

Bank transfer fraud - How you can be targeted

Consumers have to be on guard every time they are asked to make a bank transfer as fraudsters grow evermore sophisticated and target their victims in a number of ways.

Conveyancing fraud:

Property buyers and sellers are at risk of losing life-changing sums should they become victims of "conveyancing fraud".

Criminals are able to hack into online systems and intercept emails between clients and solicitors just before completion.

They replace the details of the account where the payment is due with their own so the unsuspecting victims often pay hundreds of thousands of pounds into the fraudster's account. In the numerous cases reported by Telegraph Money this money is never reimbursed.

Rental fraud:

Potential tenants are tricked into transferring an upfront fee by bank transfer to a fake landlord or rental firm ahead of a property viewing. The fraudster then disappears.

Overpayment fraud:

Landlords have also been targeted by fraudsters. One bed and breakfast owner was sent a bank draft by a "customer" which amounted to more than the cost of the room. She transferred the excess £1,400 back to the fraudster. She later discovered the bank draft was fraudulent. Her bank refused to reimburse her.

Online marketplace fraud:

Countless readers have reported paying fake sellers on eBay, Gumtree, Amazon for items that fail to arrive.

Some of the largest losses are related to vehicle purchases where the fraudster asks for an upfront payment by bank transfer and promises to deliver the car on an agreed day. Victims only realise the ruse when the car does not show up and the seller disappears.

Those who buy vehicles on eBay are not eligible for its Money Back Guarantee which applies to most items paid for through the platform using PayPal. Motors should be viewed in person before the money is handed over directly to the seller.

Telegraph Money readers have also reported similar scams on Airbnb, the accommodation booking site. Fraudsters posing as hosts trick users into making bank transfers outside of the site for properties that don't exist.

Airbnb said hosts and guests are protected by making payments through its site.

BANK TRANSFER FRAUD - THE NUMBERS January - June 2017 (Source : UK Finance)

n = Personal (n) = non-personal

Total Cases : 17,064 (2,306)
Total Victims : 16,993 (2,244)
Total Lost : £51.7m (£49.5m)
Total returned to victim : £9.8m (£15.4m)

(1st December 2017)

(International Business Times, dated 6th November 2017 author Jason Murdock)

Full article [Option 1]:

Dozens of social media users have spoken out in frustration after receiving scam messages on WhatsApp and Facebook that claim to offer free £250 vouchers for UK supermarkets.

In every instance, a suspicious link will lead victims to an external website asking for the recipient's personal details. If entered, the information would be sent to the digital fraudsters. To date, it has been spotted posing as retailers including Asda, Tesco and Marks & Spencer.

Based on numerous screenshots posted by those who have received the scam messages, there are a number of variations currently in circulation.

Some are text-based and others are disguised as a customer survey. One asks the victim to share the text with 20 friends to claim the non-existent money.

Experts advise that recipients delete the texts.

"Hello, Asda is giving away £250 free voucher to celebrate 68th anniversary, go here to get it. Enjoy and thanks me later!" one version reads, alongside a link to the phishing website.

UK internet watchdog Action Fraud confirmed Asda was not the only retailer to be used as a lure.

"WhatsApp supermarket voucher scams are back! So far we've seen M&S, Tesco & Asda variations! Don't click the link or forward to friends," it tweeted Monday (6 November).

Meanwhile, social media was buzzing with complaints about the messages.

"Getting lots of scam messages about Asda/Tesco vouchers through different contacts on #whatsapp - just a warning! #ScamAlert" tweeted Leah Smith. "The Asda scam on WhatsApp is doing my head in ... please stop," vented another Twitter user called Samantha Cutts.

Responding to one direct complaint on Twitter, the Asda service team wrote: "Unfortunately this was not sent by ourselves and I would advise you to ignore and delete this message."

It's not the first time Action Fraud has spotted such a scam. In October last year a similar scheme was in circulation, posing as WhatsApp links to voucher deals for Sainsbury's and Topshop.

"Once you click on the malicious link fraudsters also collect personal information from your device by installing cookies on your phone that track you, or add browser extensions that can be used to show you advertisements," it wrote in a blog post at the time.

To report a fraud and cybercrime and receive a police crime reference number, call Action Fraud on 0300 123 2040 or use its online fraud reporting tool.

(1st December 2017)


(Metro, dated 28th October 2017 author Tanveer Mann)

Full article [Option 1]:

If you receive an email that looks like it's a speeding ticket from police, do not open it.

It's a scam and could cause you to lose a lot of money.

The bogus email is circulating to motorists in an attempt to extort money from them by claiming they were caught speeding.

The letter, titled Notice of Intended Prosecution and featuring a logo, reads: 'In accordance with Section One of the Road Traffic Offenders Act 1988 we hereby inform you that it is intended to take proceedings against the driver of motor vehicle.

Greater Manchester Police has now warned people to be aware of the speeding scam and urged people not to open the email as it is clearly a fake email.

Police in Bedfordshire, Hertfordshire and Cambridgeshire have also advised motorists to be alert to the scam and how to spot the signs.

A spokesman for Hertfordshire Constabulary said: 'A legitimate Notice of Intended Prosecution would never display the GOV.UK logo.

'The Road Traffic Act 1988 states that the notice must be served 14 days after the alleged offence in the form of a physical letter sent via first class post.

A NIP sent from Bedfordshire Police, Cambridgeshire Constabulary or Hertfordshire Constabulary would always display the CTC unit's logo and contact details.'

(1st November 2017)

(BBC News, dated 27th October)

Full article [Option 1]:

A third of charity fraud cases in England and Wales are suspected to involve staff, trustees or volunteers, the charity watchdog has claimed.

The Charity Commission report said organisations should stay alert to "insider fraud", and make sure that "mutual trust" is not abused.

The commission said crimes committed could be opportunistic or due to a lack of charity oversight.

The organisation also issued an appeal on insider fraud incidents.

The statistics relate to instances of fraud between April 2015 and March 2016.

Director of investigations Michelle Russell said charities were trusting as they were "committed to making a difference in society".

But she added: "Unfortunately, for a range of reasons, that mutual trust can be abused. The reality is insider fraud does happen in charities.

"Ultimately, whether it happens in a small charity with no employees or a multi-million pound household name, fraud diverts money away from those the charity is helping and who need it."

The warning to charitable organisations comes as the boss of a defunct Welsh charity was jailed for five years for embezzling £1.3m to fund his lavish lifestyle.

Robert Davies, 50, who worked for Swansea-based Cyrenians Cymru admitted fraud by abuse of position and was sentenced at Cardiff Crown Court in July.

He spent £100,000 on boats, £26,000 on airfares and £80,000 staying at The Savoy Hotel in London.

The charity, which tackled homelessness in Swansea, south west Wales, collapsed in 2015.

Mr Davies's offences were committed between 2008 and 2014.

The Charity Commission has urged donors to be vigilant and watch out for sudden lifestyle changes in its volunteers and staff.

It added that strange behaviour or unexplained cash withdrawals could be a sign of insider fraud.

Ms Russell added: "Our aim is to help charities increase their own resilience to this kind of abuse and protect donors' valued funds as well as protect public trust and confidence in charities."

(1st November 2017)

(Fraud Advisory Panel notification, dated 26th October 2017)

Charities do vital work. They need our donations. But charities and their supporters are also targets for criminals. Fraudsters eagerly exploit our trust and compassion to steal donations and undermine the important work that charities do.

As part of National Charity Fraud Awareness Week the Fraud Advisory Panel has joined forces with police, regulators and other stakeholders to issue simple fraud prevention advice for anyone wanting to donate on the doorstep, on the street or online, helping donors make sure their money really does reach those who need it.

David Kirk, Chairman of the Fraud Advisory Panel said: "The vast majority of fundraising activities are legitimate but fraudsters are expert at hijacking our kindness and diverting our charitable donations into their pockets. Cruelly, they are especially active during a crisis or tragedy. But making sure our donations really do reach the causes we care about is easier than most people realise. For example:

- Ignore unsolicited emails, texts or social media messages/posts from charities you've never heard of or have no association with.

- Protect your personal information - never reveal passwords or PINs.

- Watch out for tell-tale signs like spelling or grammar mistakes in the literature, photocopied IDs and unsealed collection buckets.

- Don't feel under pressure - take your time to make a considered, informed decision."

The Fraud Advisory Panel, Get Safe Online and GoFundMe have also simultaneously released five tips for donating safely through crowdfunding sites.

Kirk explains that it is vital we don't simply stop giving: "Charities need our support more than ever in these difficult times. But we can all keep donating and make life a lot harder for the charity fraudster by taking the straightforward precautions listed in this new guide."

Fraud advisory panel website :

(1st November 2017)

(The Telegraph, dated 23rd October 2017 author Katie Morley)

Full article [Option 1]:

Young people are losing three times as much money to online scams as their parents' generation because they are more easily tricked by "family and friends" fraud, a study has found.

A survey of fraud victims by Get Safe Online found under 25s typically lose £613 per scam, compared to over 55s who hand over £214 on average.

This is because they are more likely to fall for so-called "phishing" scams where criminals hack into people's social media accounts and purport to be them to persuade their friends and family to transfer them money.

Scammers lure in victims by tricking them into believing that their loved ones are in dire financial trouble, or that they are seriously ill abroad and need money for treatment.

More than one in ten 18-24 year olds have fallen victim to phishing scams, compared to just one in 20 55+ year olds, according to Get Safe Online.

Older victims were more likely to fall for scams in which criminals pretend to be household name companies, it found.

Overall, half of all Brits have been targeted, with eight per cent of the UK population falling victim to the cybercriminals, but Millennials are now more likely than pensioners to be targeted by fraudsters for the first time.

In August analysis of millions of credit files by credit checking firm, Experian, found people in their mid to late 20s had overtaken over 60s as the most likely age group to fall victim to fraud.

It comes after many years of elderly people being the biggest target. Tony Neate, CEO of Get Safe Online; "Younger people have grown up with smart phones and tablets as well as social media which means they are always online in some way or another.

Naturally, that means there are much more opportunities for scammers to target them.

"Secondly, young people are so comfortable with technology and using new devices or platforms. On the one hand this is great, the UK needs a digitally savvy population but on the other hand, it can make younger people more complacent to risk - they just don't believe that they could be caught out by a cyber crime. The assumption is that it's only older people are the only victims of online scams.

"Lastly, there is also an outdated idea that a scam email isn't targeted or sophisticated. For example, the ones that come from rich kings who have been forced into hiding and want to use our bank accounts to hide their millions in, with a handsome fee offered as a thank you. Although these types of emails are still doing the rounds, cyber criminals have become way more sophisticated in their approach."

(1st November 2017)

(The Telegraph, dated 18th October 2017 author Sophie Christie)

Full article [Option 1]:

Note : The orignal article contains photographic examples of scams emails and nine email addresses to avoid.

HM Revenue & Customs has published example images of fake emails and text messages on its website in the hope that it will show people how convincing bogus messages can be.

While various fraud prevention bodies have published a plethora of images of fake messages claiming to be from the taxman, it is thought to the first time HMRC has published its own illustrations.

As well as showing some of the fake tax rebate messages people have reported receiving, HMRC publicised a number of convincing email addresses commonly used to distribute scam emails, including and

HMRC said: "We'll never send notifications of a tax rebate or refund by email, or ask you to disclose personal or payment information by email. Don't visit the website within the email or disclose any personal or payment information."

'Phishing' emails

This is an example of an HMRC related "phishing" email scam and associated phishing website designed to trick people into handing over their card details or other financial information.

Phishing refers to emails sent out that contain either links or attachments that take you to a website that looks like your bank's, or installs malware on your computer system. A report by Verizon into data breach investigations has shown that nearly one in four (23pc) people open phishing emails.

HMRC said it has also been alerted to a phishing campaign advising customers they need to "download a PDF attachment" in order to receive a tax refund. This attachment contains a link to a phishing site requesting personal or financial information, and recipients should neither respond to the email or download the attachment.

Text messages

While the taxman may occasionally issue text messages, it will never request personal or financial information.

"If you receive a text message claiming to be from HMRC offering a 'tax refund' in exchange for personal or financial details you should not respond, and don't open any links contained within the message," it said.

Social media scams

Scams are no longer confined to text messages and emails, with social media platforms an increasingly popular way for criminals trying to fool people into handing over valuable information.

On Twitter, for example, crooks have been known to send direct messages to unsuspecting users offering a tax refund, even though HMRC would never offer a tax rebate or request information via a social media channel.

Export clearance process emails

Emails which claim that goods have been withheld by customs and require a payment before release are known as "419 scams".

They typically ask recipients to provide their personal and financial information, or to make an upfront payment, in exchange for fictitious items, including prize money, seized goods or packages, and inheritance payments.

In addition to scam emails, texts and social media messages, HMRC warned of bogus callers that leave recorded messages claiming to be from HMRC.

These callers may encourage victims to provide bank account or personal information in exchange for "tax advice" or a pretend refund, or they may say that HMRC is filing a lawsuit against them and that they must make immediate payment or police will be sent to their home.

Elderly and vulnerable people are most likely to be victims of this specific scam, HMRC said.

(1st November 2017)

(Action Fraud, originally June 2017)

- Fraudsters are contacting the elderly and vulnerable claiming to be from HM Revenue & Customs.

- Victims are being told they have arrest warrants, outstanding debts or unpaid taxes in their name.

- The fraudsters are asking victims to purchase iTunes gift cards as payment.

- There are a variety of methods being used including calls, texts and voicemails.

Action Fraud is warning people once again of scammers contacting victims claiming to be from HM Revenue & Customs (HMRC) that trick people into paying bogus debts and taxes using iTunes gift cards.

Victims are being contacted in a variety of methods by fraudsters claiming to be from HMRC and are being told they owe an outstanding debt. In most cases they ask for payment in iTunes gift card voucher codes.
Fraudsters like iTunes gift cards to collect money from victims because they can be easily redeemed and easily sold on. The scammers don't need the physical card to redeem the value and instead get victims to read out the serial code on the back over the phone.

Methods fraudsters use:

- Spoofed calls: Fraudsters cold call victims using a spoofed number and convince them that they owe unpaid tax to HMRC.

- Voicemails: Fraudsters leave victims automated voicemails saying that they owe HMRC unpaid taxes. When victims call back on the number provided, they are told that there is a warrant out in their name and if they don't pay, the police will arrest them

- Text messages: They may also use text messages that ask victims to urgently call back on the number provided. When victims call back, they are told that there is a case being built against them for an outstanding debt and they must pay immediately.

One 87 year old victim recently told the BBC he was phoned by fraudsters who claimed to be from HMRC stating there was an arrest warrant out in his name. They told him it would be cancelled if he bought £500 in iTunes gift cards at Tesco.

The man bought the cards and gave them the serial numbers. But when they asked for a further £1,300 in vouchers, he became suspicious and hung up.

How to protect yourself:

- HMRC will never use texts to tell you about a tax rebate or penalty or ever ask for payment in this way.

- Telephone numbers and text messages can easily be spoofed. You should never trust the number you see on your telephones display.

- If you receive a suspicious cold call, end it immediately.

(1st November 2017)

(The Guardian, dated 21st October 2017 author Miles Brignall)

Full article [Option 1]:

It is the worst case of email intercept fraud that Money has ever featured. An Essex couple have lost £120,000 after sending the money to what they thought was their solicitor's bank account, but which instead went to an account in Kent that was systematically emptied of £20,000 in cash every day for the next six days.

Peter and Alice Scott (not their real names), who live near Chelmsford, say they are "simply staggered" at the lack of response by the banks and the police after they unwittingly became the latest victims of email hacking fraudsters who have been targeting solicitors across the UK.

The couple's story will serve as a warning to anyone about to send a large sum of money to a solicitor. It also exposes systemic flaws in the banking system that make it easy for fraudsters to operate unchecked and banks' indifference to customers who have lost life-changing sums of money.

The extraordinary story started in late August when Peter telephoned his family's long-used firm of solicitors, Steed & Steed, based in Braintree, Essex. He rang because he was due to pay his grandmother's inheritance tax bill to HM Revenue & Customs and needed the law firm's bank details. Later that morning, an email duly arrived with the firm's account and sort code detailed in a Word file attachment. This was the first contact he had had with anyone at the law firm, he says.

Three days later, Peter went to the Braintree branch of Lloyds bank where he instructed staff to make a Chaps electronic payment for £120,000 to Steed & Steed, handing over the account details he had been sent in the email and his debit card. Eight hours later he received a text message from Lloyds to say the funds had been transferred to the receiving account.

"When I got home I emailed Steed & Steed to confirm I had made the payment and later received a reply from it confirming the funds had been received. A week later my wife asked me why we had not yet received a receipt from the solicitor so I called the firm and, to my shock, I was told it had not received the funds. At first I thought it was an error and went straight to the Lloyds branch," he says.

Within a few hours the true horror of what had happened emerged. The email from Steed & Steed had been hacked and what Peter had been sent was the fraudster's account details, to which he had sent the £120,000.

Through his contacts he was able to establish that the account the money had been sent to was a NatWest business account in the name of Graceak Ltd. He was also able to establish that all of his £120,000 had gone from that account, as £20,000 had been withdrawn over six days. The company has since been dissolved, according to Companies House.

"The Lloyds bank manager called the fraud team and later apologised for what had happened," Peter says. "I felt it was a bit of an 'Oh well, I'm really sorry, but there's nothing we can do'. He advised me to call Action Fraud and the police. I left the branch feeling physically sick."

Since then he says he has been staggered at the lack of interest in the theft of what is a considerable amount of money.

"We feel let down by everyone involved. We have heard nothing from the police or Action Fraud even though we have the name and address of the woman who ran the company account to which my money was paid. Action Fraud told me there was no guarantee that the police would even look at my case, and if they did it may take up to eight weeks to start their investigation. I could not believe my ears."

Peter says Lloyds, which took eight hours to make the payment, did not carry out any checks to ensure the name of the firm to which the payment was to be made matched the account numbers, even though staff would have been aware that fraud in this area is rife. Lloyds did not appear to notice that it was paying Steed & Steed £120,000 in a NatWest account in Kent. He says he has since learned that the Steed & Steed account was held at that very branch in Braintree. The bank has declined all liability and told the couple they must to go to the Financial Ombudsman Service (FOS). They have been forced to borrow the £120,000 to make the original HMRC payment.

When staff at FOS look at this case, which could take months, they are likely to examine Lloyds' liability to the couple. UK Payments, the body that oversees banking payments, pointed us to the regulations that govern this area. These state that a bank has to "have made clear to their customer how a Chaps payment will be processed" and that the bank "will make a payment solely on the basis of a unique identifier and will not execute it on the basis of the intended recipient's name".

Meanwhile, the security or otherwise of Steed & Steed's email system is also likely to be investigated. In December 2016, regulatory body the Solicitors Regulation Authority warned that email hacks of conveyancing transactions had become the most common cybercrime in the legal sector. Firms are duty bound to inform the SRA if a client's money is lost in this way.

Steed & Steed declined to tell Money what steps it had in place to prevent email fraud. It said it would be "inappropriate for us to provide any comment due to reasons of confidentiality and the fact that this matter is under police investigation".

Lloyds similarly said it would not be commenting while the FOS investigation is ongoing.

NatWest said it had tried to help recover the couple's funds but that none had remained when Lloyds advised it of this case.

Richard Emery, an independent bank security expert who has helped previous victims featured in Money, has offered to look at the case. Money will be passing on his details to the Scotts.

Banking flaw that puts consumers at risk

The Scotts' story is a timely reminder to never trust an email containing bank or other payment request details and to always phone the person you want to pay to check the information before you send a significant sum.

In recent years Money has featured many cases of email interception fraud and the sums lost have been eye-watering. In January, Howard Mollett lost £67,000 after hackers gained access to his solicitor's email account. As a result, he sent his house purchase deposit to an account used by fraudsters. Last year, a north London couple lost £25,000 after conmen intercepted emails between them and their builder. They thought they had sent him a deposit allowing him to buy materials. Instead, the money was lost.

In each case the fraudsters exploited a little-known but significant flaw in the banking system - the name on a bank account does not have to match an online or Chaps payment request.

A person can put Mickey Mouse in a transfer mandate and the money will be paid to the account with that sort code and account number, irrespective of whether the name matches or not. Campaigners have described this flaw as a "fraudster's dream". Despite the fact that bank fraud is out of control, the Financial Conduct Authority, which oversees banks, has shown little interest in forcing them to match payment requests to account names. Experts say such a move would halt most of these frauds overnight.

Over a year ago, the consumer body Which? lodged a "supercomplaint" with financial regulators demanding banks do more to protect customers tricked into transferring money. So far no concrete measurers have emerged and consumers' losses grow every week.

(1st November 2017)

(Action Fraud, dated 21st October 2017)

The National Fraud Intelligence Bureau (NFIB) and Action Fraud have recently noticed that Fraudsters have been setting up fake adverts on social media (including Facebook, Instagram and WhatsApp) and job browsing websites to dupe people into believing they are recruiting for prospective models.
Once victims show interest in the job, the fraudsters contact potential victims on the false promise of a modelling career and subsequently advise the victims to come in for a test shoot.

The fraud can then potentially be carried out in two ways;
Firstly, the fraudsters can pressurise the victims in sending an upfront fee to book a slot for the test shoot. Once they have received the upfront fee, the victim will never hear from the fraudsters again.

The second possible method is that the fraudsters will take the advance fee that the victim sends for a photo shoot and arrange a photo shoot with the victim. After the photo shoot, the fraudsters will contact the victim after a few days and convince them that their shoot was successful and offer them a job as a model. The victim will then be asked to sign a contract and pay another upfront fee, usually to secure the modelling contract.

Fraudsters are also creating fake adverts for supposed modelling opportunities for children which do not exist. Fraudsters will inform parents or guardians that a potential career in modelling awaits their child. This tactic convinces the parent or guardian to sign up their child and send an advance fee.

The suspects will also convince the victim that in order to become a model, they will need to have a portfolio. The fraudsters will recommend a number of packages and stress that if a package is not paid for in advance, the process of becoming a model cannot continue.

Over a two year period (September 2015 - August 2017), an average of 28 reports of advance fee modelling frauds have been received per month by the NFIB. In August 2017, 49 Action Fraud reports of this fraud type were received and may continue to rise. The total loss in August 2017 alone was over £71,000.

Tips for staying safe:

- Carry out your own research prior to paying any type of advance or upfront fee.

- Be wary if you are asked to pay for a portfolio, as many legitimate agencies will cover that cost.

- Don't give your bank account details or sensitive information to anyone without carrying out your own research on the relevant agency.

- If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting or by calling 0300 123 2040.

(1st November 2017)

(Which, dated 21st October 2017 author Faye Lipson)

Full article [Option 1]:

Fraudsters are able to send 'spoofed' bank texts with incredible ease, a Which? Money investigation has found - with many landing in previously legitimate message threads due to a quirk of smartphone technology.

Text spoofing scams - where fraudulent messages bear the name of a bank or other genuine business - are increasingly prominent. A spate of high-profile cases in recent years has seen bank customers tricked out of £1,000s.

The texts are particularly effective at duping customers because of the way smartphones group messages which claim to come from the same source.

So if you already have genuine texts from Barclays on your phone, and a fraudster sends a message using the short name 'Barclays,' your phone will include it under the legitimate ones, making it harder to spot the deception.

Victims of such scams are often devastated to learn they won't get their money back, as by providing their online banking information to the impostor, they are said to have authorised the payment. In May this year, Action Fraud warned about the latest round of text message scams duping people with credit cards.

We set out to infiltrate a message thread and prove how easy it is for fraudsters to abuse the technology.

Impersonating banks

Banks and credit card firms sometimes text you to let you know about new products or offers, or to check whether you've carried out a particular transaction.

To make sure these texts come from a company name rather than a number, organisations use text 'gateways', which allow them to send thousands or even millions of messages at a time using a computer, for less than a penny a text.

Most texts sent this way are legitimate, and the providers of those services do attempt to check use is lawful. Unfortunately, fraudsters are making good use of this technology, too.

How we managed to scam by text message

We teamed up with ethical hacker and Trading Standards 'scambassador' Scott McGready. Mr McGready has set up his own spoofing gateway, which he uses to educate the public about the risk of scams.

We wrote a message mimicking a typical fraudulent text: it claimed to be from a major bank, building society or card firm, stated that the recipient's account had been suspended and asked them to click on a link to unlock it.

The link we included was benign and led to a blank webpage - but in a real scam it could contain software that harms your phone, or lead you to a convincing mock-up of your bank's online login page, which tricks you into giving away your details.

The texts were sent in the names of more than a dozen financial firms and all of them arrived on our test phones, with some appearing in existing threads.

Independently of our work with an ethical hacker, we were also able to send a fraudulent text with the short name of a high street bank by using a number-spoofing website, which advertises itself as being a way to prank your friends. This also arrived in a legitimate message thread.

Many of these sites are freely available on the web.

Thousands lost from 'spoofed' bank messages

The true scale of the problem isn't known as none of the bodies involved in preventing this type of crime collect data specifically on text spoofing.

However, the Financial Ombudsman Service (FOS) has heard several complaints related to this in recent months, including the case of 'Mrs P,' who 'received a text message asking whether certain payments from her account were genuine. The text had been 'spoofed' to show it as coming from Santander.

'She called the number [contained within the text] as she did not recognise the payments given.' Mrs P was then duped into telling the fraudsters her passcode, which they used to access her accounts and transfer £18,000 to another bank.

Sadly for Mrs P, the FOS ruled that Santander need not refund her as it hadn't been responsible for the fraud.

The story closely mirrors that of one Which? member, who we have chosen not to name to protect her privacy. Earlier this year, she too received a text purporting to be a security check from her bank.

She rang the number within the message and was tricked into generating and handing over a one-time passcode which allowed fraudsters to ransack her account. In total £20,000 was taken and her request for the bank to refund it is now being considered by the FOS.

Can spoofing be stopped?

In February 2016 a new taskforce was announced to tackle fraud, encompassing the government, the police, and the legal and banking sectors. One of its main aims is tackling 'systematic vulnerabilities' and 'weak links' in processes, which fraudsters can exploit.

Eighteen months on, Which? wants to know what action it will urgently take to safeguard consumers from scams.

As it stands, banks say they can't prevent scammers using technology to impersonate them, as they don't control the gateways through which spoofed texts are sent - while Mobile UK (which represents mobile networks) says it's 'not possible to distinguish spoofed from genuine texts ex ante [before they're delivered].'

However, Scott McGready believes he's devised a possible solution, which verifies banking texts at the receiving end and would 'mark genuine messages as such and, more importantly in my opinion, mark spoof and fake messages as illegitimate - or just not display them at all.'

Whether this solution, or something like it, will eventually be adopted by the financial services industry, remains to be seen.

How to protect yourself from text message scams

- Never assume a text from a company is genuine. Even if it's in a previously legitimate thread, it could still be a scam.

- Don't click on any links or call any numbers contained within a text message - look up the organisation's details independently and contact it to verify the message.

- A genuine bank will never contact you asking for your Pin, full password, or to move money to a safe account.

- Avoid giving out your number on publicly available websites or social media profiles.

- Don't respond to or text 'STOP' to a message if you're not sure it's genuine; if it's a scam, doing so could confirm to the fraudster(s) that your line is 'live'.

- Spam and suspicious texts can be reported to your network by forwarding them to 7726 and to the regulator by filling in a form at

If you're conned out of money or tricked into giving away your personal details, contact your bank immediately and report it to Action Fraud at

- If you're scammed, you may not get your money back - the rules on this are complex.

Visit for more, and help us to force action on scams at You can also share your thoughts on whether the fight against fraud is happening fast enough.

(1st November 2017)

(London Evening Standard, dated 18th October 2017 author Chris Baynes)

Full article [Option 1]:

A conman posing as defence secretary Michael Fallon tried to dupe Sir Richard Branson out of $5 million (£3.8m) by faking a kidnapping, the Virgin boss has revealed.

The businessman said he spoke to a man who "sounded exactly like Sir Michael" who claimed a British diplomat was being held hostage by terrorists.

Writing on his blog, Sir Richard said his assistant received a message on what appeared to be official notepaper with a request to call the defence secretary.

The 67-year-old said: "He told me that British laws prevented the Government from paying out ransoms, which he normally completely concurred with. But he said on this occasion there was a particular, very sensitive, reason why they had to get this diplomat back.

"So they were extremely confidentially asking a syndicate of British businesspersons to step in.

"I was asked to contribute 5 million dollars of the ransom money, which he assured me the British Government would find a way of paying back."

Sir Richard said he was "sympathetic" to the request, but wanted to carry out checks.

After he rang Downing Street and asked to be put through to Sir Michael's office, he realised the truth.

He wrote: "His secretary assured me that Sir Michael hadn't spoken to me and that nobody had been kidnapped. It was clearly a scam. I told them what had happened and we passed the matter over to the police."

The tycoon also wrote of a similar incident where a fraudster impersonated him and was able to con $2 million (£1.5m) of money destined to help victims of Hurricane Irma in the British Virgin Islands.

He wrote: "They told me that they had received an email from somebody claiming they were my assistant, to arrange a call with me.

"When the call happened the conman did an extremely accurate impression of me and spun a big lie about urgently needing a loan while I was trying to mobilise aid in the BVI.

"They claimed I couldn't get hold of my bank in the UK because I didn't have any communications going to Europe and I'd only just managed to make a satellite call to the businessman in America. The business person, incredibly graciously, gave 2 million, which promptly disappeared."

He added: "People used to raid banks and trains for smaller amounts - it's frightening to think how easy it is becoming to pull off these crimes for larger amounts."

(1st November 2017)

(Wales Online, dated 20th October 2017 author Caitlin O'Sullivan)

Full article [Option 1]:

'Frighteningly convincing' scammers have been phoning Carmarthen businesses, pretending to be bailiffs.

Emma Lewis, of Emma Phillips Bridal Studio, was almost scammed for nearly £3,000 when the false bailiffs rang her business threatening court action.

She took to Facebook to try and warn others about the convincing scammers, in a post that has been shared over 320 times.

She posted: "He phoned to say there was a claim against us going back to 2014, and we owed nearly £3k to 'The Business Directory'.

"He said he was in Worcester Court and that if we didn't pay the money, High Court bailiffs would be at the shop within 72 hours.

"However if we paid into this "account" everything would be 'on hold' for a while."

She was in New York at the time with her husband Eurig, and after almost half an hour on the phone she was about to transfer the money when the fraudster began to slip up.

Emma said: "A few things didn't add up. He said we'd been emailed, and we hadn't, and he called me Emma Phillips and my name is Lewis.

"Eurig rang the court direct while I was on the phone; no sign of the claim against us, the reference he gave didn't match anything."

Other Carmarthen businesses have also been phoned by these scammers, including Bethaney's Hair Salon, which commented on the post: "We had a similar call from people a few months ago, just claiming to be HMRC for a fake debt of over £4k!

"They said bailiffs would be at our door within an hour if I didn't pay it.

"Luckily, the Police and HMRC were both phoned while I was talking to the guy on the other phone and it had turned out they'd done it to another salon in Llanelli the week before!"

Emma Phillips appealed for caution: "Please, please be careful. If it wasn't for Eurig checking, I'd have paid the money!"

In reality bailiffs do not operate in this way, as county court judgments can only be enforced by either the county court bailiffs, or a certificated enforcement agent working on behalf of a high court enforcement officer.

Certificated enforcement agents never ring up first. They send out an official notice called a notice of enforcement, usually by first class post. At this point they are allowed to charge £90.

They can only charge further fees by attending, so it is in their interest to attend, or they do not make much money.

A spokeswoman for Dyfed-Powys Police offered some advice: "This is a classic example of Vishing, or Voice Fishing.

"Voice phishing is the criminal practice of using social engineering over the telephone system to gain access to private personal and financial information from the public for the purpose of financial reward.

"Remember - transferring money directly to another person's account is similar to handing money over to someone on the street, banks can offer little protection if you authorise a transaction.

"Always treat calls that come out of the blue as suspicious, especially if the caller's request will involve you making a payment.

"If you are unsure of who you're talking to, take their name, hang up and call them back, but not on the number they provide.

"Call the office they state they have come from on a publicly available number, such as a switchboard, and ask to be put through. That way, you know who you are talking to.

"Never pay money on a card or by bank transfer without first getting paperwork.

"Ask yourself; 'Why are they ringing you when the bailiff is only 20 minutes away?' The attendance is how they make their money.

"If someone does turn up, then check their identification, and call the Police to verify it if necessary."

The scammers may give a warrant number and claim not to have a case number.

The warrant number can only be checked on the court's own system, and is not generally used.

County executive board member for public protection, Councillor Philip Hughes, said: "If people are unaware of any court hearings or pending court actions then any person purporting to represent the court whilst requesting money should be viewed with suspicion.

"The court service and any legitimate bailiff will make several attempts to contact you prior to any hearing or award.

"We would urge people to conduct their own checks. Phone the organisation up, but remember not to use the telephone number supplied by these individuals either verbally or on paper.

"An internet search should reveal their official website and contact details or they can contact the authority.

(1st November 2017)

(The Telegraph, dated 19th October 2017 author Telegraph Reporters)

Full article [Option 1]:

A new 555 emergency hotline may be set up for bank fraud victims under plans to tackle the growing number of crimes.

The emergency number specifically for bank fraud has been suggested in order to crack down on rising scams and alert banks to illegal money transfers.

The idea is reportedly being discussed by ministers, police and financial officials. Current advice states that victims should contact Action Fraud rather than 999 as police rarely investigate individual instances of bank fraud.

More than 900,000 cases of fraud were recorded in the first half of 2017 alone, equating to more than 5,000 a day.

The idea for a hotline was put forward at a meeting of the Joint Fraud Taskforce in September attended by Home Secretary Amber Rudd and senior staff from a number of UK banks.

Minutes published by the Home Office reveal that Brian Dilley, of Lloyds Banking Group, told the meeting about an "early stage idea" of having a single number - such as 555 - for the reporting of scams and fraud.

Currently victims of fraud are advised to call Action Fraud on 0300 123 2040. Details about how any hotline would operate are not clear as the suggestion is in its infancy.

The minutes say: "Brian Dilley (BD)... commented on the issue of communicating to customers who have been told not to trust unsolicited contact from their bank.

"BD outlined an early stage idea... for a central reporting telephone number e.g. 555 that victims of fraud/scams could contact.

"At its simplest the number could be a triaging facility directing victims to the appropriate agency and at its most ambitious it could sit in front of enhanced data sharing/analytics which would take in all reporting and provide standardised reporting and a collective intelligence picture across fraud and money laundering."

James Freedman, fraud ambassador for City of London Police, told the Daily Mail: "The problem is that people may liken the number to 999 and expect an emergency response. In reality fraud can take time to investigate.

"However, it is vital to encourage more people to report scams, even in instances where they have got their money back or not fallen for them at all, as this is the only way the body of information available to the police will grow."

A Home Office spokeswoman said: "Through the Joint Task Force we are in discussions with banks and UK Finance over a number of initiatives to enable the public to better protect themselves more effectively from fraud."

Cyber crime - most common UK online offences (Source : Office for National Statistics)

These are the ten most common cyber-crimes in the UK, with number of cases reported in the year to June 2016

1. Bank account fraud - 2,356,000

Criminals trick their way to get account details. For example: "Phishing" emails contain links or attachments that either take you to a website that looks like your bank's, or install malware on your system. A 2015 report by Verizon into data breach investigations has shown that 23pc of people open phishing emails.

2. Non-investment fraud - 1,028,000

AKA Ponzi schemes. Examples include penny stocks, pension liberation, and investment in commodities, such as wine or art, that later prove worthless

3. Computer virus - 1,340,000

Unauthorised software damages or takes control of your machine. For example: "Ransomware" encrypts your files and pictures then demands a payment to restore your access to it

4. Hacking - 681,000

Criminals exploit security weaknesses to illegally access other machines or networks. They steal sensitive data or subvert machines for their own purposes, such as sending spam or launching other cyber attacks

5. Advance fee fraud - 117,000

The victim is promised access to a great deal of money in return for a smaller upfront payment. For example, the classic "Nigerian Prince" email scam

6. Other fraud - 116,000

One example is "solicitor scams", where a solicitor's website is hacked, then clients asked to divert large payments into the criminals' bank accounts.

7. Harassment and stalking - 18,826

Threats, abuse and online bullying - what's commonly been termed "trolling" on social media

8. Obscene publications - 6,292

Pornography that meets the definition of the Obscene Publications Act, thus generally involving some form of physical abuse

9. Child sexual offences - 4,184

Assault, grooming, indecent communication, coercing a child to witness a sex act. These crimes may be being under-reported

10. Blackmail - 2,028

This includes threats to publish intimate photographs online

(1st November 2017)

(The Telegraph, dated 7th October 2017 author Sam Meadows)

Full article [Option 1]:

Property buyers who sought to sidestep stamp duty - in some cases by using apparently legitimate schemes - now face having to pay the original duty and in certain instances fines and costs on top.

The marketing of so-called "avoidance schemes" surged in the wake of successive stamp duty increases, particularly after the 3 percentage point surcharge that has applied to second property purchases from April 2016.

Many schemes sought to establish their legitimacy by quoting opinions of lawyers - but in many cases the processes had not been tested in court. Other schemes were plainly fraudulent and destined to fail.

But the backdrop of stamp duty bills running into tens of thousands of pounds, and widespread confusion around the surcharge rules, meant these schemes were tempting to many.

Telegraph Money first warned in July 2016 of the dubious legal basis regarding these manoeuvres, some of which promised to cut the duty by up to 100pc - for a fee.

Now a number of cases are coming through where HM Revenue & Customs has caught up with property buyers and is demanding payment - and in some instances is adding 100pc to the bill as a penalty.
'We should have paid £37,000 - we'll end up paying £91,000'

One Telegraph Money reader, a hospital doctor, bought a house in Cambridgeshire in 2014. Self-professedly "ignorant" about how stamp duty worked, in the course of researching the transaction she came across a company named CDP Corporate, which was promoting a tantalising avoidance scheme.

The stamp duty bill on the property, costing around £1m, should have been £37,000. The use of the scheme would cut this to just £5,000 and save £32,000, she was promised.

The deal went through using a conveyancer recommended by CDP Corporate. She paid £16,000 in fees for using the scheme. In all, once the purchase went through, the buyer believed she had saved £16,000.

Yet six months after the transaction she received a letter from HMRC saying it was investigating the legality of the scheme. She heard nothing more - until last month.

Out of the blue HMRC sent her a bill for £75,000. This was made up of the original duty plus a raft of penalties. She and her husband attempted to contact CDP Corporate but found it had been dissolved.

But the husband told Telegraph Money: "My wife is a doctor. She doesn't have the time to think about these things, so it has come as a massive shock. Her mistake was not taking a second opinion, but she thought she was dealing with trustworthy professionals, and just did what they asked."

He added: "For people with no financial training or experience this is a serious trap."

When Telegraph Money approached him this week he said he believed the scheme had been designed by a solicitor based on the advice of a QC. But he admitted that the "advice" was later discovered to be a forgery.

He said the solicitor in question had fabricated the opinion of a prominent barrister, and that CDP Corporate - which he presented as merely marketing the scheme for a fee - was forced out of business as a result. He said that he had no knowledge of the forgery while recommending the scheme to people.

Mr Connolly is currently a director of a separate company named CDP Tax & Wealth, trading under the name Fiducia Wealth & Tax. Its website claims to be able to save a buyer of a £1m second home £43,328 in stamp duty. Mr Connolly insisted the strategies deployed by Fiducia Wealth & Tax were entirely legal. He said: "Touch wood, our barristers and accountants are as good as it gets."

Inventive Tax Strategies, Professional Advice Bureau, Sterling Tax Strategies and Bell Strategies had promised to refund customers' fees if their tax-busting strategies failed, but were unable to do so.

Two insurance policies taken out with a company based in Belize also failed to pay out. In a further twist, court papers show the companies made applications to HMRC for VAT refunds in order to pay their creditors - leading the taxman to make payments totalling more than £3m. HMRC later realised its mistake and blocked further requests for a sum of £2.1m.

ITS Action Group now represents a number of the four companies' customers, who have been made creditors by the administrators.

A spokesman for HMRC said: "Most avoidance schemes simply do not work, and the people who get involved can end up paying more than they were trying to avoid in their misguided attempts to save money."

He added that a "scheme reference number" - a reference for HMRC - does not mean it has been cleared by the taxman. Schemes must always be disclosed.

Paul Emery, a partner at PwC, the accountancy firm, said new rules requiring anyone using a scheme to mitigate tax to disclose details to HMRC were curtailing these sorts of cases, noting: "HMRC is also using Land Registry data and matching this up with tax returns."

He added: "It can be difficult to discern legitimate planning from something the courts are likely to find against. If it does sound too good to be true, get a second opinion from a professional."

The Fiducia mentioned here is in no way connected with Colchester-based Fiducia Wealth Management

(1st November 2017)

(Huffington Post, dated 3rd October 2017 author Christopher Elliott)

Full article [Option 1]:

Harvey. Irma. Maria.

In a hyperactive hurricane season, the mere mention of these storms evokes fear, dread - and regret.
But this year feels a little different, maybe because of the proliferation of rip-offs that followed these disasters, from repair fraud to relief scams. And these swindles continue in Texas, Florida, Puerto Rico - and perhaps even in your own neighborhood.

"There are the normal scams that occur after a hurricane that have become tried and true," says Daniel Stermer, the mayor of Weston, Fla., and a former prosecutor who handled price gouging claims and other fraud-related crimes. "They include debris cleanup, storm shutter removal, tree trimming, home repairs, and other things that homeowners need immediately and do not have a frame of reference on whether the price they are being quoted is reasonable or truly price gouging and a scam."

Since this year's storms have been so intense, the scammers are reaching new victims, particularly when it comes to hurricane-related charities. To get the full picture, you have to look at what happened, consider what might happen, and talk to hurricane scam experts. And it quickly becomes clear that even though the storms are past, the worst is not over.

Bottom line: You can fall for a swindle without being in a state, or even a country, affected by a hurricane. And this year's wave of hurricane scams, like the storms themselves, have been remarkable:

Fake charity scams

"Beware of fake charity websites set up to take advantage of those looking to donate for a recent disaster," warns Michael Lai, CEO of, a ratings site. After every major disaster, fake websites spring up that take advantage of people who want to help, he says. "For example, after the Haiti earthquake, there were fake Haiti earthquake relief sites. It was simply astounding."

What to do? Look up your charity on a site :

For the USA :Charity Navigator or GuideStar to ensure it's legit.
For the UK : Charity Commission

Never send charity money through a wire transfer, Western Union or MoneyGram. A reputable nonprofit never requests money by wire transfer, says Lai. "If you can, use a credit card or PayPal which will offer fraud protection." Never give out personal information, such as your social security number, or home address to someone calling to ask for a donation.

(1st November 2017)

(London Evening Standard, dated 9th October 2017 author Patrick Grafton-Green)

Full article [Option 1]:

A serial fraudster who was caught trying to flee the country after phoning an investigating police officer to threaten him and his family has been jailed.

Jonathan Richman, 52, of no fixed abode, was sentenced to a total of two years in prison at Isleworth Crown Court on Friday after fleecing travel companies and holidaymakers for years.
He pleaded guilty to fraud and money laundering offences totalling more than £80,000.

Between 2011 and 2015, Richman posed as a travel agent under the name Jamie Malcolm dealing in last-minute holidays at low prices.
But without his clients' knowledge, Richman paid for the holidays using fraudulent credit card details, as they paid money into bank accounts he controlled.

Travel companies were left thousands of pounds out of pocket when credit card companies later spotted the fraudulent payments and recovered the money.

And in some cases, where the fraud was spotted quickly, Richman's customers had their holidays cancelled, and were left unable to get their money back from him.

The Met launched an investigation in September 2013 when two people returning from a holiday in Thailand were arrested by officers at Heathrow Airport.

It quickly became apparent they were victims of Richman's fraud, police said.

A breakthrough in finding out Richman's true identity or whereabouts came in October 2014 when Richman called the Heathrow CID office and made threats against one of the investigating officers and his family, telling him to "leave [him] alone".

Detectives traced the mobile phone numbers used to make the calls, and were then able to link the numbers to Richman. He was arrested in February 2015 in Brighton.
In total, officers identified around 16 victims - including companies or people - who had fallen foul of Richman's scams.

He was convicted of fraud and malicious communications offences in March 2015 and sentenced to a total of four years' in prison.

After Richman was released on licence from prison in August 2016, he breached his licence and was on the run from police. He was eventually arrested at Gatwick Airport on August 28, trying to board a flight to Morocco.

He was charged on August 29 with the additional offences, and pleaded guilty at Isleworth Crown Court on September 27 to three counts of fraud, money laundering and the possession of fraudulent documents and articles for use in fraud.

Detective Sergeant Dave Bullamore, from the Met's Aviation Policing Command, said: "Richman was carrying out these frauds effectively as a full time occupation.

"He went to great lengths to try and conceal his true identity, right from renting a flat under a false name to setting up fake bank accounts.

"But his arrogance proved to be his downfall when he called the detectives to threaten and warn them off from investigating him.

"We were finally able to match his face to his true identity and arrest him, and despite his attempts to go on the run and evade justice, he is now facing further time behind bars."

(1st November 2017)



If the scam is not in the UK at the moment, it probably will be in the future !

(Bloomberg Business Week, dated 12th September 2017 author Jennifer Surane)

Full article [Option 1]:

On a warm day in May, agents from the FBI and the U.S. Postal Inspection Service descended on a leafy neighborhood in South Carolina and raided the home of a DJ suspected of using fake identities to obtain 558 credit cards from Capital One Financial Corp.

Inside, investigators found a pair of handwritten ledgers listing names alongside purported Social Security numbers, birth dates, and addresses-tracking some of the identities he allegedly had cultivated since the end of 2013. Prosecutors estimate Whitlock tapped at least $340,000 using the credit cards.

Such scenes are part of a newly defined front in the war against credit card fraud. Known as synthetic identity theft, the scam relies on creating identities rather than stealing existing ones.

(The Dallas Morning News, dated 8th September 2017 author Kevin Krause)

Full article [Option 1]:

When employees get an email from their CEO asking them to do something, chances are they will do it - fairly quickly and with no questions asked.

Amechi Colvis Amuegbunam counted on it. And he was right.

Employees wired company money to where Amuegbunam told them - most often foreign banks. He pulled it off by cleverly creating email accounts that made it appear as if he were a company executive, authorities said.

A federal judge sentenced him last week to 46 months in federal prison for duping more than 10 victims out of about $3.7 million.

(Irish Examiner, dated 7th September 2017)

Full article [Option 1]:

Householders have been warned to remain vigilant as cybercriminals aim to steal from bank accounts via another wave of fraudulent emails claiming to come from Irish Water, writes Joe Leogue of the Irish Examiner.

Internet security firm ESET Ireland has warned computer users are receiving an email titled "Update your account details" which is doctored to resemble a communication from Irish Water.

The email is a phishing scam designed to steal credit card information and Irish Water login information.

"Clicking on the link leads to a forged log-in page, where the victim first hands over their Irish Water log-in details, and is then asked to enter all the details of their credit or debit card as well and confirm it," ESET warned. "After providing the cybercriminals with all the required info, the user gets bounced back to the actual Irish Water website," it said.

(Fox News, dated 1st September 2017 author James Rogers)

Full article [Option 1]:

MacEwan University in Edmonton, Alberta has confirmed that it lost 11.8 million Canadian dollars (US $9.5 million) after falling victim to a phishing attack.

In a statement released Thursday, the university said that a series of fraudulent emails convinced staff to change electronic banking information for one of the institution's major vendors. As a result of the fraud, $9.5 million was transferred to an account that staff believed belonged to the vendor.

(Tech Republic, dated 1st September 2017 author Alison DeNisco)

Full article [Option 1]:

With every large news event of natural disaster comes a barrage of scam emails and websites, with cybercriminals attempting to take advantage of interest in the situation. Hurricane Harvey, which damaged or destroyed more than 44,000 homes in Houston, TX, has sadly set off a spate of hackers attempting to profit from the disaster.

"Natural disasters are open season for cyber criminals intent on making a buck using time-tested and fraudulent means," said Steve Durbin, managing director of the Information Security Forum. "Email infection, fake websites, and traditional phishing attacks are all to be expected."

(1st October 2017)

(International Business Times, dated 20th September 2017 author Jason Murdock)

Full article [Option 1]:

A "corrupt banking insider" working for Barclays, along with four other men, have admitted laundering at least £16m ($21m) for a gang of international cybercriminals.

Between 2013 and 2016, the group used roughly 400 bank accounts in a conspiracy that involved receiving stolen money into one account and then dispersing it into smaller sums across multiple other accounts, the National Crime Agency (NCA) said Tuesday (19 September).

The process, investigators found, would be repeated several times - to disguise the source of the money - before being sent back to cybercriminals.

The hackers were reportedly traced back to a location in Eastern Europe, which has not been revealed.

Nilesh Sheth, 53, a personal banking manager at Barclays, opened a large number of so-called "mule accounts" using fake IDs and address documents.

And he was not alone, the NCA quickly concluded.

Iurie Mereacre, a 37-year-old Moldovan national, ran the money laundering service from his home in London, along with three associates, brothers Iurie Bivol (36) and Serghei Bivol (31) along with Ryingota Gincota (28).

"Sheth abused his position of trust at the bank to knowingly open sham accounts for the network, providing a vital service which enabled them to launder £16 million worth of stolen cash," said Mike Hulett, head of operations at the NCA's cybercrime unit.

The "step-by-step" guide

Prior to their arrests, on 3 November 2016, the laundering group was seen meeting with Sheth on numerous occasions at his bank, and in public places including restaurants and car parks.

On the day of the arrests, NCA officers recovered multiple mobile phones, financial ledgers and 70 mule packs from Mereacre's flat.

The mule packs contained ID and banking documents, bank cards and security information that enabled the group to obtain access to the accounts.

In a move that was surely pivotal to the investigation, officers also seized a hand-written "step-by-step guide to money laundering", which contained instructions on how to move money to accounts at various banks and notes on which accounts had been blocked by bank security.

In a search of Sheth's home in Redwoods Close, Buckhurst Hill, officers recovered over £16,000 in cash and nine mobile phones hidden around his house, including under the kitchen sink.

A number of the phones, the NCA discovered, had been used to communicate with Mereacre and contained text messages sent between the pair, organising meetings and payment.

On Thursday 15 June 2017, at the Old Bailey, Mereacre, Sheth and both Bivol brothers pleaded guilty to roles in the conspiracy.

Gincota opted to take the case to trial but later pleaded guilty to fraud offences on 19 September, authorities said.

A Barclays spokesperson said: "This is a rare occasion where an individual deliberately exploited our systems. We have worked with and supported the NCA with this investigation and welcome the outcome of proceedings.

"Barclays will always support law enforcement in identifying criminal activity and bringing prosecutions."

"Abused his position"

Rose-Marie Franton, from the Crown Prosecution Service's (CPS) International Justice and Organised Crime Division, said: "These men deliberately and persistently set about transferring millions of pounds of stolen money out of the UK to Eastern Europe.

"Working closely with NCA investigators, the CPS presented a strong case with the result that today all the defendants have admitted their guilt.

"The evidence we gathered showed how Nilesh Sheth abused his position as a bank employee for personal gain by facilitating the laundering the criminal proceeds of an organised crime group both within the UK and across borders."

The NCA could not elaborate on the identity of the foreign cybercriminal gang.

Back in 2008, the Northampton Chronicle and Echo reported that Mereacre was linked to an "international card cloning and skimming scam" that was using more than 100 bank accounts and pin numbers were used to net approximately £105,000 in illegal profit.

At the time, the regional newspaper reported he was caught by a Tesco security guard.

(1st October 2017)

(International Business Times, dated 20th September 2017 author AJ Dellinger)

Full article [Option 1]:

A new, widespread ransomware attack has started spreading through emails with malicious attachments-including some disguised to look like they came from multi-level marketing nutrition company Herbalife-is hitting millions of inboxes around the world.

The campaign was first spotted by cybersecurity firm Barracuda Labs on Tuesday, at which point the attack had been delivered about 20 million times over the course of a 24 hour period. Since then, the campaign has continued at rate of about two million attacks per hour.

The attack has been impressively prolific since it launched earlier this week. Barracuda has identified at least 8,000 different versions of the virus script so far, suggesting the attackers are randomizing parts of the attack in order to avoid detection from anti-virus tools.

While the origins of the attack are still unknown, Barracuda did note that the largest volume of the emails appeared to come from Vietnam, with other significant sources of the attack including India, Columbia, Turkey and Greece.

According to Barracuda, the payload files delivered by the malicious emails and the domains used to host the secondary payloads downloaded onto a victim's computer have also changed multiple times since the start of the attack.

Potential victims may see any number of variants of the attack, though a common version of the malicious email has contained branding from Herbalife, a popular nutritional supplement and personal care product provider.

The email claims to contain an attachment that is an invoice for an order placed through the company. If a person downloads and opens the file, it will launch the ransomware installer hidden in the document.

Other variants of the email that have appeared claim to be a delivery of a "copier" file or contain a paragraph of legalese that make it appear as though the email is some sort of official or legitimate document.

The messages often come from a spoofed domain, making it appear as though it is from a person within the same organization as the target or from another trusted source-an increasingly popular technique for tricking people into clicking on malicious links, though one that could be avoided with the proper protocols like DMARC implemented by organizations.

While the campaign is currently targeting organizations and businesses, it isn't believed to be from a state-sponsored actor and the motivations appear to be primarily financial, as is often the case with widespread ransomware attacks.

While victims may be tempted to pay the ransom when their computer is infected and their files are made inaccessible by the attack, they are advised not to do so. This is generally the best practice but applies to this attack in particular, as Barracuda noted that victims who pay will not have their files unlocked.

"Barracuda researchers have confirmed that this attack is using a Locky variant with a single identifier. The identifier allows the attacker to identify the victim so that when the victim pays the ransom, the attacker can send that victim the decryptor," the researchers explained in a blog post. "In this attack, all victims get the same identifier, which means that victims who pay the ransom will not get a decryptor because it will be impossible for the criminal to identify them."

Barracuda also noted the campaign is checking the language files on a victim's computer, suggesting it may may lead to an international version of the attack in the future.

(1st October 2017)

(Mirror, dated 13th September 2017 author Emma Munbodh)

Full article [Option 1]:

Clever fraudsters are posing as anti-scam officers to trick victims into handing over details for 'refunds', it has emerged.

In a warning on Wednesday, Action Fraud - the government's security arm - said it was aware of a series of letters currently in circulation that are claiming to be from the National Fraud Intelligence Bureau (NFIB).

The letters - which are being sent out to victims of fraud - are offering them the chance to have their money returned.

To receive the refunds, it asks them to send their personal details to a South African bank. However, it uses the NFIB branding and the name of the City of London Police's Commissioner, Ian Dyson, to appear credible.

The NFIB is part of Action Fraud, it sits within the City of London Police which is the national policing lead for fraud.

In a statement it said: "The fraudsters are sending these letters so that they are able to gather bank details and defraud people who have already fallen victim to fraud."

However to protect themselves, customers are being warned to take the following steps:

- Be prepared: If you've been a victim in the past, challenge any letters from people you don't know or companies you've never contacted. Clarify any letters directly with the relevant organisation.

- If you're asked to pay, or give your bank account details, end all contact.

- Ask questions: Ask them how they found out that you had been a victim. Any report of fraud is protected by law and can't be shared with anyone else outside of law enforcement agencies.

City of London Police's Detective Chief Inspector Andy Fyfe said: "This fraudulent letter is clearly not something that the National Fraud Intelligence Bureau would send to the public. It takes advantage of peoples' trust in order to steal money from those who have already fallen victim.

"By using recognised organisations, including the National Fraud Intelligence Bureau's branding and the City of London Police's reputation, the fraudsters are attempting to appear credible.

"If you are unsure about a letter you have received from the National Fraud Intelligence Bureau, please contact Action Fraud directly before giving away any of your personal details."

If you have been affected by this, or any other scam, report it to Action Fraud by calling 0300 123 2040, or visiting .

(1st October 2017)

(The Register, dated 6th September 2017 author Kat Hall)

Full article [Option 1]:

BT customers in the UK have been targeted by scammers in India - with one person reporting they were defrauded for thousands of pounds this week.

The issue appears to have been going on for more than a year. Some customers said the fraudsters knew their personal details.

One reader got in touch to report that his father-in-law has been having problems with his BT broadband, which he contacted the company about.

This week he got a call from someone asking for him by name, talking about his broadband problems. This individual claimed he had malware on his computer and said he need to access his machine via a third-party client.

"Within the hour he had over £1,000 in two payments from his bank account. Fortunately Lloyds stepped in on the second larger payment and stopped it progressing," said his son-in-law, who asked not to be named.

A BT customer forum thread entitled Possible Scam has hundreds of comments dating back from last year.

One recently wrote they had already been in touch with BT about their broadband prior to receiving a call from an Indian man stating that he was calling from BT.

"He asked me to confirm the postcode and address which he gave to me over the phone and then my date of birth. At that point I said no and he hung up. Clearly a scam call and weirdly, never had to call BT until the last few weeks and all of a sudden a call."

Another said the same thing happened to him, adding that the caller was very plausible until they wanted remote access to his PC hard drive.

"She even knew my address, phone number and both mine and my husbands name... so had access to some of our details."

Fraud appears to be a growing problem across the sector. Last month TalkTalk was hit with a £100,000 fine after the data of the records of 21,000 people were exposed to fraudsters in an Indian call centre.

A BT spokesman said: "BT takes the security of its customers' accounts very seriously. We proactively warn our customers to be on their guard against scams. Fraudsters use various methods to 'glean' your personal or financial details with the ultimate aim of stealing from you. This can include trying to use your BT bill and account number."

He advised customers should never share their BT account number with anyone and always shred bills. "Be wary of calls or emails you're not expecting. Even if someone quotes your BT account number, you shouldn't trust them with your personal information."

He said: "We'll never ask customers for personal information out of the blue and we'll never call from an 'unknown' number. If we're getting in touch about your bill, it will usually be from either 0800 328 9393 or 0800 028 5085."

(1st October 2017)


(Actuarial Post, dated July 2017)

Full article [Option 1]:

At the start of Citizens Advice's 'Scams Awareness Month', Kate Smith, head of pensions at Aegon, highlights the need for consumers to be on their guard to spot and prevent scams:

"Not only are they master manipulators, scammers are constantly evolving ways to trick victims. The sad fact is that in today's world, people's savings are under threat from potential fraudsters. However, while incredibly serious, this isn't something that should keep people awake at night. Following some simple steps can ensure that people protect themselves.

"Scammers are becoming increasingly sophisticated in the ways they target people's money, including pension savings. Being aware of what to look out for can not only protect your money, but save you a lot of stress as well. While initially tempting, companies promising high returns from unusual unregulated investments, or offering early access to pension savings, more often than not, turn out to be scams. It can be all too easy to be taken in by scammers, but being on your guard is your first, and best, line of defence.

"It's not only individuals who need to guard against the threat of scammers though, we stand a much stronger chance of beating them by being collectively vigilant. No controls are infallible, so pension providers and schemes, along with advisers, need to be alert and update controls as scams evolve.

"Thwarting scammers at every opportunity is key and strengthening regulation can certainly dent scammers' success rates. The promise of high returns by persuading individuals to move pensions overseas, when the individual has no intention of living abroad, was previously one of the scammers' favourite tactics. Today, it has almost disappeared off the radar, thanks to government regulation. The introduction of an immediate 25% tax charge proved a simple and effective way to clamp down on this type of fraudulent activity, resulting in an almost immediate decline in this type of scam.

"In a similar vein, we were relying on a new Pension Bill to address issues highlighted by the pension industry to give savers greater protection. Unfortunately, the Queen's Speech was disturbingly quiet on any legislation to ban pension cold-calling or give schemes and providers greater powers to block suspicious transfers.

"Pension scams won't just go away without some serious action. Limiting the right to a statutory transfer could potentially safeguard millions of pounds from scammers. The government must keep this on its agenda, speak up and take the issue seriously.

Top Tips to avoid scammers

1. Try not to engage in conversation with Cold Callers. The safest thing to do is to hang up.
2. Think about installing call blocker technology on your phone.
3. Never give out personal information, including your bank details.
4. Always check the Financial Conduct Authority (FCA) online register if you doubt a company.
5. Check the FCA ScamSmart warning list for known investment scams.
6. Use the Pension Advisory Online tool to Identify a pension scam if you are worried about information given or action you've taken
7. Never feel pressurised into making a quick decision, and read any documents carefully before you sign on the dotted line.
8. Always do the research. As always, if in doubt, use a regulated adviser. You can find one of these using the 'unbiased adviser' website.
9. Report any concerns to your pension provider, adviser, or Action Fraud by calling 0300 123 2040 or online at

(28th September 2017)

(Which ?, dated 9th August 2017 author Melissa Massey)

Full Article [Option 1]:

As many as nine in ten people said they are receiving at least one dodgy email a month that's evaded their spam filters, new Which? research on email scams has found.

Our research also found that more than half of people are getting as many as five scam emails a month in their inbox, with many claiming to be from trusted services and legitimate brands.

The research highlights how common the problem of bogus phishing emails is. And, with many appearing to be from what look like reputable sources, they can all too often trick people into losing money or giving away personal information.

Positively, almost all of respondents were able to spot at least one tell-tale sign in a scam email, but only around two in five look out for any links to dodgy websites included in the email or look to see if the branding is any different than usual.

The research showed that while overall only 3% of people lost money to a scam email, on average women ended up parting with more than double the amount of money as their male counterparts. Women lost £2,186 on average, while men lost £975 on average. If you've lost money to a scam your next steps will depend on how you were parted from your cash.

Impersonating trusted brands

Fake emails impersonating PayPal top the list of the most common phishing scams, with 56% of respondents saying they had received an email claiming to be from the payments company.

Trusted services and brands impersonated by scammers include PayPal, banks, HMRC and Apple (including iTunes). Nearly a third of respondents also reported that they'd received emails from a stranger asking for money.

Where some scam emails received claimed to be from :

PayPal : 56%
A Bank : 49%
HMRC : 40%
Stranger asking : 31%
Apple (+itune) : 26%
eBay : 20%
A Supermarket : 18%
An email provider : 13%
Microsoft : 13%

(Answers from 1,575 respondents)

Bogus phishing emails all too common

And, while most people are likely to delete dodgy emails and some mark them as spam, almost one in four of today's centennials (18-21 year olds) did nothing with the scam email they received - a much higher proportion than the national average of just 4%.

Alex Neill, Managing Director of Home Products and Services at Which? said: 'Bogus phishing emails that look like they are from reputable sources are all too common and can trick people into giving away personal information, and in some cases losing money.

'Our research shows it's often the youngest consumers that are most at risk of opening these emails and that they are also less likely to do something about a scam email. Our top tips guide on how to spot an email scam is available for free on our website to help consumers stay ahead of the scammers' tactics and reduce the risk of them becoming a victim of fraud.'

Stay vigilant and take action to tackle fraud

Which? is warning consumers to be vigilant and take action, to reduce the risk of them becoming a victim of fraud. To help consumers stay safe online, Which? has produced a free online guide full of tips to help people spot an email scam here.

Which? is calling on the Government to set out an ambitious agenda to tackle fraud, publish an update on the progress of the Joint Fraud Taskforce and outline what action it will urgently take to safeguard consumers from scams.

This research was carried out by Populus on behalf of Which?. They contacted 2,114 adults via an online poll in June 2017. The data is weighted to be nationally representative of the UK.

(28th September 2017)

(The Independent, dated 22nd August 2017 author Aatif Sulleyman)

Full article [Option 1]:

Criminals are stealing people's money by taking control of their phone numbers behind their backs, a new report says.

They're managing to persuade agents at mobile networks to transfer control of targets' phone numbers to their own devices.

The technique isn't brand new, but is growing increasingly popular, according to the New York Times.

It reports that identity thieves often call agents multiple times, to request the transfer of a particular phone number, with "sob stories" about made-up emergencies commonly used.

Even if their request for the number is turned down repeatedly, their hope is that they'll eventually get to speak to an agent that falls for the scam.

Once they succeed, they can break into any accounts that use the number as a security backup, by resetting the passwords.

This can give them access to valuable information, such as bank account details, and also enable them to blackmail their intended target, by threatening to leak personal information.

However, the New York Times says criminals have started targeting investors in digital currencies - such as bitcoin - and venture capitalists, often finding them through social media.

This is largely because digital currency transactions are irreversible, leaving victims completely helpless.

Earlier this year, a security researcher discovered a "gaping hole" in Facebook that lets anyone easily break into an account.

The problem stems from the fact that Facebook allows you to link multiple phone numbers to your account, and doesn't force you to remove old ones once you've stopped using them.

Therefore, anyone who inherits your old number could easily reset your password and lock you out of your own account.

(28th September 2017)

(This is Money, dated 25th August 2017 author Rachel Straus)

Full article [Option 1]:

Cases of insurance identity fraud have shot up this year, from just 20 between January and June 2016 to 2,070 over the same period this year.

The rise means it's the fastest-growing type of identity theft in the UK, at a time when it is reaching 'epidemic' levels.

Identity theft is when fraudsters get hold of the data of their victims, such as their names, dates of birth and addresses, through a variety of routes including stolen mail, the dark web, hacking or exploiting information on social media.

The fraudsters then use this information to take out products in their victims' names, for example opening bank accounts and applying for credit cards, loans, shopping online - and now, insurance.

nsurance identity fraud is when a criminal uses these methods to take out an insurance product in someone else's name.

Nick Mothershaw, director of identity and fraud solutions at Experian, explains why someone would want to do this.

He says that this type of fraud is often called 'ghost broking', and involves 'taking out a policy using a good address that gets a low premium, doctoring it, and selling on to an unsuspecting buyer looking for a better premium'.

The victim of insurance identity theft might not find out about the crime until they receive some kind of correspondence from an insurance provider with whom they do not have a policy, asking for payment or alerting them to an issue.

Similarly, the victim who unwittingly buys the doctored insurance cover may not find out that they do not have a valid policy until it's too late and they try to make a claim.

Other types of insurance fraud can involve people not telling the truth to get a better premium or people making false or exaggerated claims, says Nick.

To check whether your insurance product is legitimate, the Association of British Insurers says you can check that it is listed on the Motor Insurers' Bureau's Motor Insurance Database, which records policy details of all vehicles in the UK.

It also says to beware of insurance policies sold via social networking websites, pubs clubs and bars, newsagents and motor repair shops.

The Insurance Fraud Bureau ( ) runs Cheatline with Crimestoppers to report insurance fraud.

Identity fraud cases overall rose by another five per cent in the last year, with nearly 500 cases a day - with the majority of scams taking place online, according to fraud prevention body Cifas.

Simon Dukes, Cifas chief executive, said: 'We have seen identity fraud attempts increase year-on-year, now reaching epidemic levels.

'These frauds are taking place almost exclusively online. The vast amounts of personal data that is available either online or through data breaches is only making it easier for the fraudster.

'Criminals are relentlessly targeting consumers and businesses and we must all be alert to the threat and do more to protect personal information.

'For smaller and medium-sized businesses in particular, they must focus on educating staff on good cyber security behaviours and raise awareness of the social engineering techniques employed by fraudsters. Relying solely on new fraud prevention technology is not enough.'

(28th September 2017)

(Hertfordshire Police Neighbourhood Watch, dated 28th August 2017)

We have received a number of reports recently where Hertfordshire residents have lost items or money after they believed they had sold items online to purchasers using PayPal. The two most common scams were:

Buyer asks for items to be sent to an alternative address

The buyer sends money via PayPal but asks for item to be sent to a different address, such as their "work address" or a "gift address". The victim receives the payment and sends the item to the new address. The buyer then claims they did not receive the item and requests a refund. Because the seller sent the item to a different address, they are not covered by PayPal's seller protection, so the buyer receives their refund and the seller ends up with neither the items nor the money.

Fake PayPal confirmation email

The buyer tells the seller that they will pay using PayPal. The seller then receives an email (that looks to be identical to a normal PayPal email) confirming payment has been received. The seller then sends the item. However, the PayPal confirmation email was fraudulent and the payment was never made.

Protect Your Money

- Don't accept an email as proof of payment, always check your account to ensure monies have been received. Log in to your account via your app or browser, never via an emailed link.

- Please bear in mind when selling items via PayPal, the User Agreement contains the following: "A key eligibility requirement of the Seller Protection Programme is that, for tangible items, the seller must post the item to the address which appears on the transaction details page."

- To view the PayPal User Agreement, visit and click on "Legal" in the bottom right hand corner of the page.

(28th September 2017)

(International Business Times, dated 25th August 2017 author James Billington)

Full article [Option 1]:

When something looks too good to be true, it usually is. That's why easyJet has issued a warning about a free ticket internet scam fooling Facebook users into thinking they've won complimentary trips away.

Hackers are luring users into clicking on potentially harmful malware by posting on what looks like a genuine easyJet Facebook account with a competition celebrating the low-cost airline's 22nd anniversary. The fake advert claimed "easyJet is gifting 2 free tickets to everyone!" along with a picture of a boarding pass and the offer of two tickets per users if they took part in a survey.

Victims who click on the link were redirected to a fake page where it urged users to "hurry up" due to a limited number of tickets left. The survey asks for personal information and to also share the offer on Facebook in order to redeem the prize, thus gaining access to their profile.

This information could then be sold on or used for further phishing attacks.

"These stolen credentials can be resold or traded on underground forums and sites. Also, these scams can be further weaponised to drop ransomware or other more advanced styles of malware if the attackers so choose. The ease of further weaponising a simple campaign like this is concerning in and of itself," said Tim Helming, Director, Product Management at DomainTools.

The scammers were able to make the scheme look as genuine as possible by also including comments from fake customers who said they had won.

"I won the tickets...thank you easyJet," said one, while another claimed "it was busy at the easyJet counter today. It seems that so many people have won these tickets".

The false website was also set up with an address similar to that of the genuine easyJet site but not affiliated at all, further duping victims into thinking it was real.

This practise is known as typo squatting and here, the easyjetlover[.]us web address was used and repeats an identical scam that appeared on Facebook the week before claiming to be offering free RyanAir tickets, as well as an Aldi scam offering shoppers a free £65 coupon.

Helming reveals that on further investigation DomainTools found that the same person behind this campaign is connected to 113 other domains that are disguised as brands including British Airways, Ryanair and Pizza Hut.

EasyJet has acknowledged the scam, confirming it is fake and not a real giveaway and that "genuine competitions of this nature will only be hosted on easyJet's official Facebook page".

It warns customers to stay clear and encourages users to flag any malicious posts of this nature to the company.

The security experts at DomainTools advise users to stay safe by looking out for tell-tale signs such as typos on the website or coupon, as well as domains that have '.com-[text]'. A good way to ensure you're not being redirected somewhere you shouldn't is by hovering your mouse over the URL to see where the link will take you.

(28th September 2017)

JULY 2017

(The Register, dated 20th Jul 2017 author Iain Thomson)

Full article [Option 1]:

Foreign students looking to experience the stochastic joys of a year at Newcastle University in England are being warned that phishers are after their cash - using an unusually well-crafted attack.

The raiders set up a very realistic-looking fake website proclaiming itself to be Newcastle International University, complete with pages of well-laid-out information. The URL isn't that of the actual university site, but if you're a student unfamiliar with the center of learning, it would be easy to be fooled.

"We have been made aware of an unofficial website which is fraudulently using the Newcastle University brand and accepting credit card payments to apply for courses," the university said. "The website Newcastle International University is in no way affiliated with the University and we are advising anyone who finds the website should not submit any personal details."

It's the ideal time for phishers to pull a stunt like this. The exam results announcements for British students looking to go to university will be released within a month and overseas students are already trying to secure their places, and so could be vulnerable to slapping down the plastic if they think they can secure their place in academia now.

While the university has no comment at this time, it's thought the website was spammed out via email to these foreign students, who are also unlikely to notice that the site uses faked Newcastle University logos and coat of arms. The fake site not only tries to harvest credit card data, but also asks for other personal information, including passport details.

"Make no mistake, this is an effective scam. They've put in the time and effort to create a remarkably realistic website. It is well designed, well executed, and it highlights the very real danger of modern spoofing attacks," said Azeem Aleem, director of advanced cyber defence practice - EMEA at RSA.

"Newcastle University's response has been admirable, quickly identifying and warning prospects about the site. Yet it is often very hard for a company or organisation to know if their site has been spoofed until someone has already become a victim."

(21st September 2017)

(Via BBC News, dated 12th July 2017 author Bruno Buonaguidi - Universita della Svizzera italiana)

Full article :

If you are the owner of a credit or a debit card, there is a non-negligible chance that you may be subject to fraud, like millions of other people around the world.

Starting in the 1980s, there has been an impressive increase in the use of credit, debit and pre-paid cards internationally. According to an October 2016 Nilson Report, in 2015 more than $31 trillion were generated worldwide by these payment systems, up 7.3% from 2014.

In 2015, seven in eight purchases in Europe were made electronically.

Thanks to new online money-transfer systems, such as Paypal, and the spread of e-commerce around the world - including, increasingly, in the developing world (which was slow to adopt online payments) - these trends are expected to continue.

Worldwide losses from card fraud rose to $21 billion in 2015, up from about $8 billion in 2010. By 2020, that number is expected to reach $31 billion

Thanks to leading companies such as Flipkart, Snapdeal and Amazon India (which together had 80% of the Indian e-commerce market share in 2015) as well as Alibaba and JingDong (which had upwards of 70% of the Chinese market in 2016), electronic payments are reaching massive new consumer populations.

This is a goldmine for cybercriminals. According to the Nilson Report, worldwide losses from card fraud rose to $21 billion in 2015, up from about $8 billion in 2010. By 2020, that number is expected to reach $31 billion.

Such costs include, among other expenses, the refunds that banks and credit card companies make to defrauded clients (many banks in the West cap consumers' liability at $50 as long as the crime is reported within 30 days for credit cards and within two days for debit cards. This incentivises banks to make significant investments in anti-fraud technologies.

Cybercrime costs vendors in other ways too. They are charged with providing customers with a high standard of security. If they are negligent in this duty, credit card companies may charge them the cost of reimbursing a fraud.

###The types of frauds

There are many kinds of credit card fraud, and they change so frequently as new technologies enable novel cybercrimes that it's nearly impossible to list them all.

But there are two main categories:

card-not-present (CNP) frauds:

This, the most common kind of fraud, occurs when the cardholder's information is stolen and used illegally without the physical presence of the card. This kind of fraud usually occurs online, and may be the result of so-called "phishing" emails sent by fraudsters impersonating credible institutions to steal personal or financial information via a contaminated link.


This is less common today, but it's still worth watching out for. It often takes the form of "skimming" - when a dishonest seller swipes a consumer's credit card into a device that stores the information. Once that data is used to make a purchase, the consumer's account is charged.

The mechanism of a credit card transaction

Credit card fraud is facilitated, in part, because credit card transactions are a simple, two-step process: authorisation and settlement.

At the beginning, those involved in the transaction (customer, card issuer, merchant and merchant's bank) send and receive information to authorise or reject a given purchase. If the purchase is authorised, it is settled by an exchange of money, which usually takes place several days after the authorisation.

Once a purchase had been authorised, there is no going back. That means that all fraud detection measures must be done during in the first step of a transaction

Once a purchase had been authorised, there is no going back. That means that all fraud detection measures must be done during in the first step of a transaction.

Here's how it works (in a dramatically simplified fashion).

Once companies such as Visa or Mastercard have licensed their brands to a card issuer - a lender like, say, Barclays Bank - and to the merchant's bank, they fix the terms of the transaction agreement.

Then, the card issuer physically delivers the credit card to the consumer. To make a purchase with it, the cardholder gives his card to the vendor (or, online, manually enters the card information), who forwards data on the consumer and the desired purchase to the merchant's bank.

The bank, in turn, routes the required information to the card issuer for analysis and approval - or rejection. The card issuer's final decision is sent back to both the merchant's bank and the vendor.

Rejection may be issued only in two situations: if the balance on the cardholder's account is insufficient or if, based on the data provided by the merchant's bank, there is suspicion of fraud.

Incorrect suspicions of fraud is inconvenient for the consumer, whose purchase has been denied and whose card may summarily be blocked by the card issuer, and poses a reputational damage to the vendor.

How to counter frauds?

Based on my research, which examines how advanced statistical and probabilistic techniques could better detect fraud, sequential analysis - coupled with new technology - holds the key.

Thanks to the continuous monitoring of cardholder expenditure and information - including the time, amount and geographical coordinates of each purchase - it should be possible to develop a computer model that would calculate the probability that a purchase is fraudulent. If the probability passes a certain threshold, the card issuer would be issued an alarm.

The company could then decide to either block the card directly or undertake further investigation, such as calling the consumer.

The strength of this model, which applies a well-known mathematical theory called optimal stopping theory to fraud detection, is that it aims at either maximising an expected payoff or minimising an expected cost. In other words, all the computations would be aimed at limiting the frequency of false alarms.

My research is still underway. But, in the meantime, to reduce significantly the risk of falling victim to credit card fraud, here are some golden rules.

First, never click on links in emails that ask you to provide personal information, even if the sender appears to be your bank.

Second, before you buy something online from an unknown seller, google the vendor's name to see whether consumer feedback has been mainly positive.

And, finally, when you make online payments, check that the webpage address starts with https://, a communication protocol for secure data transfer, and confirm that the web page does not contain grammatical errors or strange words. That suggests it may be a fake designed solely to steal your financial data.

The Conversation

Bruno Buonaguidi is a researcher at the InterDisciplinary Institute of Data Science at the Università della Svizzera italiana. This article originally appeared on The Conversation.

(21st September 2017)

(The Telegraph, dated 4th July 2017 author Sam Meadows)

Full article [Option 1]:

When Ian Price handed over his bank cards, pin, and all the cash he had to a motorbike-riding courier in the dead of night he thought that he was acting on instructions from the police.

In fact, he was one of an estimated half a million over-65s who have fallen victim to scammers. More than half of all pensioners have been targeted by fraudsters, according to research by Age UK, the charity, so being aware of scammers is more important than ever.

Mr Price, 89, was phoned by someone purporting to be a police officer. The caller told him that he had been monitoring his bank accounts and had noticed some suspicious activity. The "officer" would send a courier, he said, to collect his bank cards for his own protection. The clincher for Mr Price was the scammer's claim that he could hang up and dial 999 if he was unsure.

He did so, but the fraudster was relying on a little-known quirk of the telephone system that allows a caller to "tie up" your line for a few minutes if they remain on the line after you have put the phone down. This meant that when Mr Price dialled 999 immediately, he was reconnected to the scammer (BT said lines were now tied up for no more than 10 seconds).

Reassured, Mr Price handed his cards and pin to the courier - who arrived at 11pm - thinking that he was doing the right thing. Instead, the scammers ransacked his accounts.

Mr Price's son, Christopher, a charity worker, said the incident had taken an incredible toll on his father. "If you get swindled at a younger age you can kind of rationalise it and deal with it," he said. "At an older age, when your confidence is waning anyway, it can really knock you down.

"It's got to the point where he really has lost his confidence to deal with money or passwords. I deal with his banking, and my sister does all of his online shopping for him. He has an iPad, which he uses to listen to the radio, but anything with an app or a password, he now struggles with. We joke that I'm giving him his pocket money every week."

Mr Price was relatively lucky. His credit card companies refunded him the money and he lost only around £100. But Telegraph Money has reported several times how elderly people who have been scammed have lost tens of thousands of pounds.

Last year, we reported that one reader, Shaun Phillips, had lost £51,000 to fraudsters after he had already been targeted twice and told by his bank, TSB, that he was protected.

Experts have also predicted the Government's database of scam victims - which currently numbers around 300,000 - could reach close to one million by 2019.

Lucy Harmer, a director at Independent Age, a charity that provides information and advice, said the elderly were disproportionately likely to be targeted by scammers. According to the Financial Ombudsman Service, 80pc of phone scam victims are aged over 55, and 65pc of doorstep-scam victims are over 65.

"Older people face multiple risk factors," she said. "They are often home alone, and during the day. They are more likely to pick up the phone and more willing to talk. They may well be more vulnerable the older they get, suffering from dementia and other illnesses."

She added that while statistics existed for the number of people who fell for online scams, many people were too embarrassed to come forward, meaning that the true scale of the issue could be much larger.

Elderly people who fall for one scam often also find themselves put on a "suckers' list". Government estimates suggest that there could be a million people on these lists by 2019. "There are some really sad stories about people who receive more and more contact," Ms Harmer said.

"One of the signs that an older person may be falling victim to scammers is that they receive an unusual amount of post, or they get a lot of phone calls from strangers. If you have been conned once, they pass your details around and you can very easily become a victim again.

"If older people have the information they need," she added, "they can start to spot the things to look out for, and become less likely to fall for the scams."

How can I protect myself from scammers?

Independent Age has launched a Scamwise campaign to help older people stay ahead of the con men. As well as an advice leaflet, the charity has produced an online quiz that allows you to test your knowledge of some of the most common scams.

Ms Harmer said: "For older people who think they may have been scammed, it's important to remember that anyone can be a victim of a crime. It's nothing to be ashamed of. The most important thing is to report it so you can get the support you need, and to help prevent other people being targeted by the same scam.

"It's also good to be aware of the tactics scammers use, and learn how to protect yourself. There are a few simple things you can do, such as hanging up on cold callers, registering with the Mailing Preference Service to reduce the amount of junk mail you get, and never giving out personal information."

(21st September 2017)

(Independent, dated 28th July 2017 author Josie Cox)

Full article [Option 1]:

Thousands of pensioners are at risk of losing their life savings in a rapidly growing financial scam that British authorities are powerless to clamp down on, The Independent can reveal.

Savers are investing their money in fraudulent online trading sites offering the promise of potentially huge payouts with little risk attached.

The majority of the complaints relate to companies that appear to be based overseas and are attracting increasing numbers of users, particularly pensioners, who say their investments are frozen if they try to withdraw their money.

The companies encourage investors to make apparently simple bets on whether shares or currencies will rise or fall in value. Many such "binary options trading platforms" are legitimate, but an increasing number are fraudulent.

Both types currently fall outside the control of financial regulators in the UK, meaning that people have little recourse to get their money back if they feel they've been scammed.

In the year to May 2016, the most recent for which figures are available, the National Fraud Intelligence Bureau (NFIB), which is part of the City of London Police, reported having received 305 reports of binary options scams, or 27 each month.

But one lawyer representing victims told The Independent that the true number is likely to be significantly higher - running into the thousands each year - as victims are frequently too embarrassed to come forward and admit to being conned. He described it as "possibly the biggest financial scam in the world".

Elizabeth Ablett from Derbyshire said that she signed up to a platform caller Binary Uno in December 2016. The 70-year-old's husband had died the previous year and she didn't have a pension big enough to live on.

Ms Ablett said that she initially invested £200 with the company, but that individuals who described themselves to her as "brokers" convinced her to up her stakes, telling her she was trading on the performance of gold and stocks.

By the end of March, she said, she had invested a total equivalent to almost £40,000, nearly her entire life savings. The following month, she said, her online account balance was shown to have slipped to zero. She said that nobody at BinaryUno answered her calls.

"They basically had assured me that the money I invested could not be lost," she told The Independent. She said that they had convinced her to keep paying in by promising to match some of her investments.

Later she said she was contacted by a representative who told her that she would only be paid out if she had trading revenues of at least £1.5m. "Now I realise just how stupid I was," she said. "I have no money at all. I'm skint."

The Australian Securities and Investments Commission and the British Columbia Securities Commission in Canada have both publicly called for caution when dealing with binary options trading platforms. Both specifically name Binary Uno.

Lawyers and personal finance experts speaking to The Independent said the Government was unable to regulate the market because the platforms - even the legitimate ones - were not controlled by the Financial Conduct Authority (FCA) watchdog.

Some binary options trading platforms are regulated by the UK's Gambling Commission, but only if the firm has gambling equipment located in the country.

Pensioner James Hellis, a former self-employed IT worker, said he invested a total of nearly £60,000 in a binary trading platform called Tradorax. Mr Hellis said he was initially approached online by the firm in February 2016. He said that he felt his pension income might be improved by accepting the investment opportunity he said they were offering him.

Like Ms Ablett, Mr Hellis said he was assigned someone who identified themselves as a "broker" to trade on his behalf and made a series of investments over the course of several months.

In December, he said he filed a request with the platform to withdraw his money, the majority of which had stemmed from his pension fund. He claims that request was denied and - like Ms Ablett - he said his account later appeared to have been blocked.

Because Mr Hellis had paid for some of the investments with credit cards, he said he raised a chargeback dispute with his banks, but they have so far been unable to help him.

He said he also reported the matter to the Action Fraud Police - the national reporting centre for fraud and cyber crime which operates alongside the NFIB within the City of London Police - and the Financial Ombudsman Service (FOS), which was set up by Parliament to resolve problems with financial services. The latter, Mr Hellis said, has told him that it is looking into his case.

"If this situation occurred in the front office of an investment bank the perpetrators would be fired," Mr Hellis claimed. "Why is the regulator doing nothing? Why are the banks doing nothing?"

A spokesperson for the FOS confirmed that Tradorax is not regulated by the FCA, which means investors do not have recourse to the ombudsman "if things go wrong".

The Independent received no replies to emails sent to addresses on both Tradorax and Binary Uno's websites or calls made to numbers listed.

Richard Howlett, a partner at London-based law firm Selachii LLP, has dealt with dozens of cases concerning binary options trading fraud, with victims conned out of anywhere from a few hundred pounds to more than £1m.

He said he had been approached by people who have lost money on dozens of different sites and that new ones appear to be springing up daily.

In many cases, clients' only hope for getting their money back is if banks to which victims have made payments are willing to cooperate by freezing accounts out of fear of being accused of facilitating criminal activity, he said.

"Sometimes that puts enough pressure on the platform to pay out at least some of the money owed," he said. "But most of the time there's nothing to be done except raise awareness to prevent more people from being conned."

He said fraud perpetrated by certain binary options trading platforms was "possibly the biggest financial scam in the world".

Many of the individuals who turn to Mr Howlett for help are pensioners, especially tempted to give trading a shot because of changes to regulation introduced in April 2015, which allow for easier access to funds.

Under the new rules, pensioners are no longer required to buy an annuity and are able to take their entire pension as a lump sum. Suddenly having access to so much cash, and with such low returns offered by other investment options, the prospect of trading binary options can be enticing.

"Pension freedoms have to a certain extent opened a can of worms," says Kate Smith, head of pensions at Aegon. She said that some scammers are specifically targeting pensioners.

"They're playing on people's weaknesses."

David Newman, head of pensions at investment firm Close Brothers Asset Management, said that "greed can send people to do silly things" but also admitted that anyone is at risk of falling for a fraudster.

"People need to be educated as early as possible about this sort of thing," he said. "Just putting a leaflet at the back of a financial statement is not enough."

Figures published this month by the FCA show that 53 per cent of pension pots accessed since the new rules were introduced have been withdrawn fully. And the watchdog has recently raised a number of concerns relating to what people are doing with that money.

A full report into the issues around pension freedom is due to be published next year.

In December the FCA published a consultation paper on the risks associated with binary options trading and, under a piece of financial regulation due to be introduced in January, regulated financial betting platforms will come under the FCA's remit, but the watchdog says that its hands are tied when it comes to any unregulated operations.

(21st September 2017)

(Mirror, dated 30th June 2017 author Ruki Sayid)

Full article [Option 1]:

Britain's love affair with online shopping has sent credit card fraud to a record high of £618 million, figures reveal.

The 9% rise year-on-year puts Britain at the top of the European card crime league with crooks cashing in at a rate eight times higher than Germany.

And an internet shopping boom is at the heart of the cyber crime explosion with Card Not Present (CNP) fraud rocketing 103% between 2011-16, according to the National Audit Office (NAO).

Its Online Fraud report out today (Fri) found there were almost two million cyber fraud incidents in the 12 months to September 30 last year with CNP a game changer.

The watchdog said CNP crime cost the nation almost £309 million last year but estimates that figure will more than double to £680 million by 2021.

A study by analytics firm FICO found crooks went on a £1.44 billion credit card spending spree across 19 European nations with Britain the easiest country to pickpocket.

Only France came any where near the UK's losses with gangs putting £438.4 million on stolen card details and Germany was third with £76.8 million.

By comparison countries like Austria, Portugal, the Czech Republic and Hungary barely registered in the card crime league with losses ranging between £1.6-£5 million.

The NAO admitted there was "much work to be done" in the UK to keep the banking industry, police and consumers a step ahead of the criminals.

NAO boss Sir Amyas Morse said: "For too long, as a low value but high volume crime, online fraud has been overlooked by government, law enforcement and industry.

"It is now the most commonly experienced crime in England and Wales and demands an urgent response."

The NAO was critical of both the police for not making fraud a "priority" and said the Home Office was also not doing enough to crack down on gangs.

But Sir Amyas added that the department was "the only body that can oversee the system and lead change" and said the launch of the Joint Fraud Taskforce last year was "a positive step".

FICO senior consultant Martin Warwick added: "The growth in online spending and CNP fraud brings new challenges for banks and retailers, as criminals thwarted by chip & PIN have moved to a less risky channel.

"Hiding amongst the growth in online purchases is great from a criminal point of view, but finding and stopping fraudulent transactions just gets tougher.

"Spotting the 'needle in a haystack' requires new behavioural analytics and artificial intelligence, combined with enhanced information from outside the traditional data contained within a purchase."

According to the NAO, last year fraud overall cost the nation £10 billion with four in ten Brits losing £250 or more to crooks.

Almost 12 million adults were victims of fraudsters in England and Wales with crimes ranging from phishing attacks that sent out spoof emails to glean personal details and lottery scams to ransomware and fake dating sites.

How to protect yourself

Trading Standards recommend looking for a professional website, with a landline contact number, and details of a head office before entering any details online.

Here are Get Safe, Action Fraud and NordVPN's top tips for shopping online:

- Get protected: Before you start shopping online, secure your device with anti-virus software or a firewall. This will help block out pop-ups and hackers.

- Check the URL: Only use secure websites for purchases, never buy anything from a site that does not have 'https' at the start of the URL and also look for the icon of a locked padlock at the bottom of the screen.

- Is the deal too good to be true? Don't be seduced by "bargains" from companies which you don't know, if something appears too good to be true, it probably is.

-Only shop with companies you know and trust: Watch out for fake websites. You can tell by checking the URL of the website, it may have a different spelling or a different domain name that ends in .net or .org.

-Shop from home: Using public WiFi hotspots such as those offered by coffee shops and libraries could leave you vulnerable. If it won't wait until you get home use your own 3G/4G network.

NOTE - This article provides some comprehensive information on the following :

Financial Scams - How to stay safe

- Tips to avoid pension scams
- Fake holiday websites
- HMRC tax rebate text scam
- Card dangers
- student loan scams
- contactless card dangers
- Scams that steal your savings
- rental scams

Scams to watch out for

- Caught speeding scam
- How Groupon hackers work
- EHIC and DVLA scammers
- 4 dangerous WhatsApp scams
- Fake supermarket coupons
- SIM - splitting scams - how they work
- Fake "Wcouncil tax refund" emails
- NHS scams

(21st September 2017)

(Bury Times, dated 27th July 2017 author David Taylor)

Full article [Option 1]:

CYBER criminals have stolen £235,000 from Bury Hospice in a sophisticated and "sickening" fraud.

The online crooks plundered hospice bank accounts following an elaborate hoax involving an online virus check.

Bury Hospice chairman Prof Eileen Fairhurst said: "We are shocked and sickened that fraudsters would target hospices and other charities. It is beneath contempt when you think how this money was raised by hard-working volunteers and kind benefactors - and what it is needed for."

The hospice is now carrying out a full investigation and keeping in close contact with its bank.

Prof Fairhurst said: "Our own protection systems are now subject to extensive review. The police and the Charity Commission have been informed. There will be no immediate impact on the running of Bury Hospice and we will continue to provide an excellent service to those in the Bury community who need us."

Prof Fairhurst said all avenues are now being explored to recover the money and the matter is being investigated by the police national fraud investigation team.

Other charities in the Greater Manchester area have also been targeted in a similar way and some have also suffered financial loss.

And hospices in other parts of the UK have also been victims of online theft.

The news is a further blow to the hospice after a turbulent few years during which some people are believed to have lost confidence in the charity and fundraising became difficult.

In March, the former chief executive of the hospice, Jacqui Comber, won a claim of unfair dismissal and could be in line for a payout of up to £72,000.

However, the hospice in Rochdale Old Road recently celebrated the start of a new era after it was given a 'good' rating by the Care Quality Commission following its latest inspection.

But despite the hope of a fresh start, the fraud comes at a time when Bury Hospice can only afford to keep open six of its 12 available beds.

Fundraiser Ann Birch, former chairman of the Ramsbottom support group for the hospice, said: "I am absolutely horrified.

"We have had it bad enough, this on top is just dreadful. We have all been trying to raise as much money as possible for the hospice. I am sure everybody involved with fundraising will be very shocked. It is hard work raising money these days, because there are a lot of different charities and people don't have that much money.
We were really just getting on top of things, so that is really bad news. It costs so much every day to keep that place going, it is devastating. But hopefully now people will all get together and try to reimburse it, but that is a lot of money to replace."

Sgt Simon Ward, from Bury police, works across the borough raising awareness about and tackling cyber crime.

He said: "The fraudsters don't care who they affect or the impact that their actions might have on people.
It can be very lucrative work for them and it is usually well-organised. It is not the old style criminal who will turn their hand to anything. This kind of cybercrime can be used to fund even more serious crimes such as terrorism, so it is a national threat. Once the money has been taken, it is very difficult to get back."

Sgt Ward and his team will be visiting business, banks and charities in the coming weeks to advise on how best prevent online fraud and cybercrime.

Action Fraud is the UK's national reporting centre for fraud and cyber crime where people should report fraud if they believe they have been scammed, defrauded or experienced cyber crime.

For more information, visit:

(21st September 2017)

JUNE 2017

(Good Housekeeping, dated June 2017) [Option 1]

With cons and rip-offs on the rise, you need to keep your wits about you when you're online. Here's what to look out for :

Fake Holiday booking sites

One common scam involves fraudsters hacking into the accounts of owners on well known accommodation sites, such as Aidbnb, and creating convincing fake entries. You may receive emails from so-called "owner" asking you to send money, but this cash goes into a criminal's bank account.


- Check the web address is legitimate. Make sure it has not been altered, for example, with unexpected numbers or characters.

- Contact the accommodation' owner before and after you book, through the websites messaging feature.

- Never pay money into a personal bank account. Use a secure service - look for the "https" and a closed padlock symbol - or a payment provider, such as PayPal.

- Google the property. Bad reviews - or none at all - are a clue.

Fake Passport renewal sites

When you're applying for a new passport, driving licence or European Health Insurance Card (EHIC), make sure you don't get caught out by a copycat website. These sites may closely resemble the legimate ones, but you will be charged a premium for a public service that's either free, or much cheaper, via the official channel. Misleading sites also crop up when you search to apply for a holiday visa, birth or marriage certificate, book a driving theory test, or file a tax return.


- Go directly to the site - or, for the EHIC card, to

- If you do fall for a copycat site, you may be able to get your money back using Section 75 of the Consumer Credit Act, if you paid with a credit card.

Fake Social Media promotions

Beware of promotions claiming to offer vouchers if you share a particular message on Facebook or via WhatsApp. These scams can seem very convincing, and its easy to get sucked in if you see people you know sharing the message. But the bogus links can lead to phishing or malware sites. Spam you friends with fake promotions and you could end up sreading a virus.


- Tread carefully if a promotion asks you to share a page with friends.

- Watch out for tell tale speling and grammar mistakes.

- Think twice if a well known brand offers freebies to celebrate an anniversary.

- Type the promotion into Google and see what comes up.

And finally

- Trust your instincts - if something sounds too good to be true, it probably is.

- Fallen victim ? Contact Action Fraud at or call 0300 123 2040

(1st September 2017)

(Mirror, dated 28th June 2017 author Emma Munbodh)

Full article [Option 1]:

How safe do you consider your personal details to be on the internet? If the answer is 'very', you might want to think again.

That's because new figures released today by the government's security arm, Action Fraud, have revealed that identify theft is at an all time high in the UK - with record numbers of criminals stealing people's data online for financial gain.

And it's costing the UK £5.4 billion a year. In 2016, 172,919 people reported identity theft to fraud protection agency Cifas, with the figures steadily rising since 2008.

Despite these numbers, a YouGov and Equifax report released today, has found that thousands of Brits are still browsing - and entering sensitive data - on the web without precautionary measures in place - even though they're aware of the potential risks.

According to Cifas, 40% of us don't have antivirus software installed on our devices and 27% use the same password across all accounts, a further 55% admit to using password-free wi-fi in public and entering sensitive data whilst on it.

City of London Police spokesman Dave Clark, said: "The recent survey results have highlighted that we need to do more to protect ourselves from fraudsters.

"There is a common misconception that only old people fall victim to fraud but reports show that every age and demographic is affected."

YouGov found that 31% of people think the over 60's are the most at risk to fraud - this is not necessarily the case.

Lisa Hardstaff, fraud expert at Equifax added: "How people manage and store their passwords for their online accounts is the first line of defence to keeping their personal information safe and secure from fraudsters.

"The fact that just under a third use the same password for multiple accounts and slightly more admitted to writing them down, clearly demonstrates people are being complacent and are of the belief that their personal information won't be at risk," Hardstaff added.

"The reality is that ID fraud is an indiscriminate crime that affects all ages in the UK irrespective of where they live or how much they earn. Everyone is vulnerable - so everyone needs to be vigilant."

How to protect yourself from identity fraud

Action Fraud, Cifas and Equifax have revealed the measures people should be taking to protect their identities from unscrupulous criminals - and it takes just five minutes.

- Set your privacy settings across all the social media channels you use, and think twice before you share details - in particular your full date of birth, your address, contacts details - all this information can be useful to fraudsters.

- Password protect your devices. Keep these complex by picking three random words, such as roverducklemon and add or split them with symbols, numbers and capitals: R0v3rDuckLemon!.

- Install anti-virus software on your laptop and any other personal devices and then keep it up to date. Check MoneySavingExpert have a recommended list of the best free anti-virus software here.

- Take care on public wi-fi - fraudsters hack them or mimic them. If you're using one, avoid accessing sensitive apps such as mobile banking.

- Download updates to your software when your device prompts you - they often add enhanced security features.

What to do if you're a victim

Act fast if you think you have been a victim of identity fraud.

If you receive any mail that seems suspicious or implies you have an account with the sender when you don't, do not ignore it.

Get a copy of your credit report as it is one of the first places you can spot if someone is misusing your personal information - before you suffer financial loss.

Review every entry on your credit report and if you see an account or even a credit search from a company that you do not recognise, notify the credit reference agency. They all offer a free service to victims of fraud.

Individuals or businesses who have fallen victim to identity theft should report to Action Fraud.

(1st September 2017)

(This is money, dated 20th June 2017 author Lily Canter)

Full article [Option 1]:

Fraudsters scammed £18,000 from a high profile criminal psychologist using 'persuasive techniques straight out of a psychology textbook'.

The professor, who has helped police hunt serial rapists, arsonists and murderers, was caught out when conmen phoned his home.

The scammers took him through a series of fake 'security' checks before transferring the money from three separate bank accounts.

Professor David Canter, who is director of the International Research Centre for Investigative Psychology at The University of Huddersfield, is one of Britain's foremost behavioural profilers.

He is best known for developing criminal profiling in the 1990s after he helped police catch Railway Rapist and serial murderer John Duffy.

More recently his research has involved studying fraudulent emails and warning people of the dangers of online scams.

But the 73-year-old was caught out himself when he was embroiled in an elaborate con to empty his bank accounts.

'I was a complete idiot. I am the first to admit it. I should have known better and I should have spotted it,' said Professor Canter.

ronically, the scam began when fraudsters hacked into his BT email account despite the professor using a complex password.

He said: 'A colleague told me a spoof email had been sent from my address saying I was in Turkey and needed money. I immediately changed my password and didn't think anymore of it.'

But a week later the professor realised he wasn't receiving any emails. After lengthy conversations with BT helpdesk he realised his email messages were being automatically forwarded onto another address the fraudsters had set up.

'I stopped the forwarding but then a few days later I got a phone call at home saying my IP address had been compromised.'

Professor Canter received the phone call on his ex-directory number from a 'polite woman with an Indian accent' claiming to be acting on behalf of BT.

'I was immediately very suspicious and asked how they got my number. She said they got it from BT and they had been alerted to a security problem with my computer. In hindsight I think they got the number when they hacked my email in the weeks before.'

The woman took Professor Canter through a series of 'checks' asking him to corroborate unique numbers on his computer, which he wrongly assumed meant the caller was legitimate.

He said: 'She knew all these details about me and my computer and she was very formal. There was a sense of urgency and concern and it makes you feel you have to something about it.'

The woman then passed him onto a man who asked the professor to download some 'protective' software before logging into his bank accounts. The whole operation took several hours and the professor chatted to the fake technician about his BT training and university education in Britain.

'They were very sophisticated in terms of their plausibility,' said Professor Canter. 'We can learn a lot about the techniques of persuasion from these people. They use just the right level of technical terms to make you think you understand when you don't. They probably spent a few weeks building up how they were going to deal with me.'

The convincing back story made the professor believe that they were putting a block on his bank accounts so they could not be accessed. But in reality the scammers were setting up transfers to move thousands of pounds into their own account.

Whilst they were putting this block into the system the screen went completely blank. The man on the phone said 'don't panic', and then he moved onto the next account. I was doing other work at the same time and I think they deliberately targeted me before a bank holiday so it would be difficult for me to contact the banks.'

At the end of the call Professor Canter started to get suspicious and the realisation of what was happening sunk in.

'They said they were at the end of their working day and they would finish in the morning as it was about 5pm. When the call finished I rang an IT expert I use and he told me straight away that it was a scam.'

Professor Canter immediately logged into his online accounts to change the password then contacted Lloyds, Natwest and Santander to alert their fraud departments. This was not as easy as he had expected.

He saw that the hackers had set up transfers of £2,500 from his Lloyds account, £7,500 from his Natwest account and two lots of £3,919 from his Santander account - a total of £17,838.

And he was surprised to find that the banks all had different security systems to deal with fraudulent transfers.

'Lloyds had the best system. If there is an unusual sum of money going to an unusual location they put a temporary block on it. I was able to put a stop to that transfer. The money had transferred out of my Natwest account and although it was difficult to get through to someone they repaid me all of the money the next day.'

Santander eventually repaid Professor Canter £3,919, around six weeks after it was taken by the scammers.

'Their system recognised one of the transfers as fraudulent and automatically stopped it. I don't understand why they did not do that for the other one. Santander said I endorsed the transfer via a message on my phone. I was in such a tizzy I don't know what I did, but I can't find the message on my phone.'

Frustratingly, Professor Canter says he knows the account numbers the money was transferred to and yet he says the banks and police do not appear to be chasing the money.

The police gave the professor a crime number and told him to contact Action Fraud, the national fraud and cyber crime reporting centre.

This was assessed by the National Fraud Intelligence Bureau who contacted the professor to say they would not be able to investigate. They were unable to provide a comment on his case.

'No-one has the resources to follow through on these bank accounts. Santander told me they get a case like mine every three minutes,' said Professor Canter.

The trauma of the crime has left the professor feeling 'violated and vulnerable' and cost him both financially and emotionally.

He said: 'It has made me terribly anxious about having an online account. I have had to change all my bank accounts and buy a new computer as I found that the fraudsters had put about 300 programmes on it. It has made me suspicious of everyone and caused me a lot of stress.'

Action Fraud said that it had received the report in April, which was assessed by the National Fraud Intelligence Bureau at the City of London Police. However it said there were 'insufficient lines of enquiry for an investigation based in the UK'.

It added that with 250,000 crimes reported to Action Fraud every year, not all cases can be passed on for further investigation, but that the disruptions team was able to take down the phone number used by the fraudsters.

(1st September 2017)

(Echo, dated 16th June 2017 author John Lucas)

Full article [Option 1]:

A BANK worker took part in a "sophisticated fraud" which saw scammers steal millions of pounds from rich customers using a string of impersonators, a court heard.

Molly Jones, 24, of Bohemia Chase, Leigh, scoured computer systems at Lloyds Bank for rarely-accessed accounts holding large sums of money before passing the details to the criminal gang.

The gang then ordered new bank cards so imposters could pose as the customers and set up transfers of hundreds of thousands of pounds.

The money was laundered through a series of bogus companies before being moved offshore to prevent it being recovered, it is claimed.

One victim lost more than £750,000 after an unknown man used a fake driving licence in his name to set up two transfers over three days.

The Old Bailey heard Jones was involved in the attempted fraud on the account of Thomas Murphy at time when it had a £3million balance.

She set up a payment of £486,000 - supposedly for a house purchase - after an imposter came into her branch of Lloyds TSB.

Investigations of her mobile phone revealed messages relating to the Murphy account and a description of the man impersonating the customer.

She has admitted conspiracy to defraud but other defendants are standing trial at the Old Bailey.

Benjamin Omoregie, of no fixed address, has also admitted involvement.

Courtney Ayinbode, 29, of Magdalen Court, Enmore Road, South Norwood, denies conspiracy to defraud between 9 November 2012 and 8 August 2013.

Kushveer Raulia, 25, of Gledwood Gardens, Hayes, West London, denies two counts of conspiracy to defraud and one count of converting criminal property.

Parvez Hussain, of Cedar Road, Romford,, denies converting criminal property.

Another bank worker accused of involvement- Tajinder Galsinh- is not involved in proceedings.

Prosecutor Paul Cavin told the Old Bailey: "They were all involved in an agreement to defraud Lloyds TSB of millions of pounds.

"Accounts belonging to people with large balances - in some cases several millions of pounds - were targeted.

"To identify those rich accounts, an insider, an employee of the bank was recruited to help the gang.

"The insider would then assist in breaching the security protocols in order to steal the money.

"The money would be transferred to accomplices who would swiftly transfer the money through a number of bogus businesses before eventually the money would disappear offshore.

"Once it is offshore it can come back onshore and nobody can trace it."

The first victim lost £750,975 in the space of three days after his account was accessed by both Ayinbode and Omoregie at the Balham and Streatham branches of Lloyds TSB in July 2013.

A few days later the customer's address was changed and a new card was issued to the new address, it is claimed.

Then on August 5 a man claiming to be the customer went into the Kings Cross branch to ask to set up a transfer.

The Echo told last year how Jones was involved in another major scam. She admitted being part of a money-laundering ring involving a luxury car firm based at London's Canary Wharf. She was given a two-year suspended sentence. The trial continues.

(1st September 2017)

(Mirror, dated 12th June 2017 author Emma Munbodh)

Full article [Option 1]:

A new wave of suspicious emails claiming to be from online payments platform PayPal are back in circulation, the UK's security body has warned, and they can empty out your bank account in just seconds.

Action Fraud UK - the government's cyber crime agency - has warned of a particularly high number of PayPal phishing emails that are landing in people's inboxes, claiming to be from the electronic payments company.

The emails claim 'unusual activity' has been flagged on their accounts - although this is not the case.

Once clicked on, victims are redirected to a fraudulent version of the PayPal website - one that looks remarkably similar - where they are asked for sensitive data to resolve the alleged 'issue'.

A PayPal spokesperson told Mirror Money: "At PayPal we go to great lengths to protect our customers in the UK, but there are still a few, simple precautions we should all take to avoids scams."

"We do contact our customers by email (e.g. for marketing purposes), however if the email is about an account limitation, then the customer should: open their internet browser, visit and login.

"If we require the customer to take any action, we will communicate that in the secure message centre."

Deputy Head of Action Fraud, Steve Proffitt added: "Fraudsters are increasingly targeting people with very professional looking emails warning that online accounts have been compromised and asking you to click on links to verify your details.

"Action Fraud is now warning people about fake emails that appear to have been sent from PayPal. These emails ask you to log in and review your Paypal account. It is difficult to know if they are fake as they look so professional.

"If you have received one of these fake emails, we are advising people not to follow the links in the email as by logging into your account, you are providing fraudsters with your login details which gives them access to your account.

"Always contact the fraud department of the organisation directly from the contact details you have on your statements or bank card and explain the contents of the email you have received."

What the emails say

This fake PayPal email even made us look twice! Well designed, slick and personalised. The link leads to a fake login page!

In most cases, the emails open with the line: 'We noticed unusual activity in your PayPal account'.

The emails appear incredibly professional - and feature PayPal's trademark font, logo and layout.

In a tweet, Action Fraud said: "This fake PayPal email even made us look twice! Well designed, slick and personalised. The link leads to a fake login page! #Phi shing".

Other customers have reported emails claiming their accounts had been either 'suspended' or 'lifted'. These featured prominent typos which experts warn should not be ignored.

"We've limited your access and the reason is the last login attemp , we've limited your account for security reasons.

"To fix this problem you have to login and update your personal informations by following this link."
(Don't its bogus)

In several more cases, the scammers claimed the victim had "added a new email address to their account". This is a common tactic used by criminals to instill fear or panic, prompting the user to click on the email in haste.

But it doesn't end there.

One email doing the rounds claims you've made a payment - which of course is not the case.

These emails employ similar tricks to those used by banking fraudsters - which alerts users to unidentified transactions.

How to tell if the email is genuine or a hoax

- Check the email address - in most cases fraudulent addresses will contain multiple letters and numbers and will appear unusually long.

- Be aware of any emails and pop-up windows asking you to click on a link or provide personal information directly in response.

- A genuine email will only ever address you by your full name at the beginning - anything that starts 'Dear customer' should immediately raise your suspicions.

- Do not reply or open any attachments that arrive with the email.

- If you suspect something is wrong, get in touch with the firm directly to verify it.

What PayPal say you should do

"Phishing" is an illegal attempt to "fish" for your private and/or sensitive data. In most cases the criminals will claim to be from a well-known company such as PayPal.

If you believe you've received a phishing email, follow these steps:

1. Be aware of any emails or text messages that ask you to provide personal information directly in response.

2. Look out for spelling mistakes, which are a common tell-tale sign of a fraudulent message.

3. A genuine PayPal email will only ever address you by your full name at the beginning - anything that starts 'Dear customer' should immediately raise your suspicions.

4. Scammers often use a false sense of urgency to prompt you to act on a phishing email such as hyperlinks asking you to login to your account. If you want to check that PayPal has tried to reach you, go to and log into your account normally. You will have a secure message waiting if PayPal does need you to take any action.

5. If you have any concerns regarding an email you have received, you should send it to .

Action Fraud tips if you've received a suspicious email

- Do not click on any links in the scam email.

- Do not reply to the email or contact the senders in any way.

- If you have clicked on a link in the email, do not supply any information on the website that may open.

- Do not open any attachments that arrive with the email.

- If you've been a victim of fraud, report it to Action Fraud .

(1st September 2017)

(BBC News, dated 31st May 2017)

Full article :

Cold-calling fraudsters use an urgent tempo of conversation or apologetic language to convince victims they are genuine, research has suggested.

The con-artists often adopt the persona of someone in authority such as a police officer or a fraud detection manager, transcripts have shown.

The Take Five campaign, which raises awareness of scams, asked a speech pattern analyst to study calls.

Dr Paul Breen said fraudsters use a variety of techniques to garner trust.

"The process used by fraudsters is carefully scripted from beginning to end - knowing the language fraudsters will use to mimic patterns of trust can help people to avoid becoming a victim," he said.

He found that while many people are more likely to trust a stranger over the phone if they sound like a "nice person", a caller acknowledging someone's concerns and sounding apologetic can be the hallmark of a scam.

Analysis suggested that fraudsters use snippets of information about their victims, remain patient and acknowledge concerns about security to gain the trust of the person being called.

Cases of identity fraud have been rising, with young people a growing target, often after people give up personal information to someone pretending to be from their bank, the police or a retailer.
Related Topics

(1st September 2017)

(Daily Mail / This is money, dated 13th June 2017 author Rob Hull)

Full article [Option 1]:

Drivers are being warned of a new scam email feigning to be from the Driver & Vehicle Licensing Agency telling them they are due a refund on their car tax.

The email, which 'brazenly' includes an address for reporting scam emails, has a link to a 'secure web form' that's designed to collect personal information from unwitting recipients.

The correspondence targeting motorists says: 'We would like to notify you that you have an outstanding vehicle tax refund of £239.35 from an overpayment, request a refund.'

It goes on to urge recipients to complete the web form and promises that funds will be paid into their account within four to six days.

BBC Watchdog tweeted the phishing email to warn motorists to ignore and delete it immediately.

The email looks legitimate and includes the DVLA's existing logo and fonts - something that could dupe many motorists into sharing their personal data.

And as one final brash move, the scammers have included a link to the email address phishing@dvla.gsi, for people to report possible fraudulent emails to the DLVA.

When would I receive a refund from the DVLA?

Criminals behind the email seemingly timed it to take advantage of changes to Vehicle Excise Duty rates from April 1 and ongoing confusion surrounding the switch to online car tax after paper discs were scrapped in 2014.

Under the current system, when an owner sells a vehicle they must cancel the outstanding tax and they are then refunded the remaining full months.

The only other scenarios where you'll receive a tax refund from the DVLA will be if the car has been declared SORN (Statutory Off Road Notification), written off by your insurer, scrapped at a vehicle scrapyard, stolen, exported out of the UK, or registered as exempt from vehicle tax.

If you currently still have your car and none of the above scenarios are true, there is no reason why the DVLA would offer a refund.

In fact, the DVLA said it will never send links to third party sites or ask for confirmation of personal details or payment information - red flags that should stall confused drivers before they they fall for the scam and submit their own data.

It's not the first time scammers have targeted motorists by impersonating the DVLA.

Last year, This is Money revealed an example of an email that was sent to drivers asking them to confirm their direct debit details.

The DVLA warned motorists that it would never contact them about direct debits and said not to open the PDF attached to the scam as it contained malware.

Over the last two years, fraudsters have also pretended to be the DVLA by contacting drivers via text.

Tony Neate, CEO of Get Safe Online, said the switch has made it easier to manage your car tax but has also made it easier for scammers to defraud people by sending them 'sophisticated hoax emails'.

'As phishing emails become ever more sophisticated and elaborate, it is important to be vigilant about sharing any of your personal information online,' he told This is Money.

'Like many official bodies, the DVLA's policy is to never send links to third party sites or ask for confirmation of personal or payment details - so if you do receive emails asking for this sort of information, stay one step ahead and report them immediately.

'If you're ever not sure, be your own detective and contact them by other means - perhaps phoning the number you would use normally.

'In addition, you should never use free public Wi-Fi to fill out online forms, however convenient, as you can't guarantee it will be secure.

'And always look out for 'https' at the beginning of the address as well as the 'padlock symbol' in the browser frame as it shows the website you are using is secure.'

(1st September 2017)

(Love Money / BT News, dated 16th June 2017)

Full article [Option 1]:

New research from Which? has revealed the top danger zones around the country for dating fraud, computer repair scams, investments cons and other types of fraudulent schemes.

The study draws on data from Action Fraud - the main body to report cases of fraud in the UK - on scams reported during 2014, 2015 and 2016, broken down by police area and type.

Which? has used the information to reveal where certain types of fraud appear to be more common in England and Wales and is urging the Government to tackle the growing problem.


Norfolk residents were the most likely to report incidents of dating fraud, where victims are duped into sending money to bogus lovers.

This impacted 1.6 people for every 10,000 people in the country, compared with the national average of 1.1.

The county was also a prime location for reported lottery scams, where victims are tricked into paying to enter a fake lottery, with 2.2 people per 10,000 reporting compared with one nationally.


Those living in Dyfed-Powys, Wales, commonly reported losing money to computer repair fraud, which involves a cold caller getting in touch to help fix a non-existent computer glitch.

Which? noted that this type of fraud tended to be reported in areas with an older population. In Dyfed-Powys 19.3 people per 10,000 were hit compared to the national average of 10.4.

The area was also a hotspot for fake services fraud, where victims are tricked into paying for a service that doesn't exist or aren't delivered. This impacted 13.4 people per 10,000 in contrast to the national average of 9.5.


London was also revealed to be a common are for scammers to target with a myriad of frauds, probably thanks to the large amounts of wealth and people concentrated in the area.

Which? found those living and working in the capital were most at risk of falling victim to a range of scams including: being charged fees for fake loans (4 per 10,000 people), social media or email hacking (3.7per 10,000), scam door-to-door sales (4.3 per 10,000), rental scams (3.4 per 10,000) fraud involving false or stolen goods (8.55 per 10,000), payment redirect fraud (3.9 per 10,000) and ticket fraud (4.7 per 10,000).

Other fraud hotspots

The data revealed that Dorset residents were particularly prone to being targeted by computer virus, malware and spyware fraud, with 3.8 cases per 10,000 people, compared to the national average of 2.3.

Households in affluent Surrey most commonly reported financial investment fraud, with 2.1 people per 10,000 compared to 1.3 nationally.

While those living in Warwickshire typically reported the most cases of retail fraud with 15.67 reports per 10,000 people in contrast to the 3.4 national average.
The scale of the fraud problem

In total Which? Found there were 266,964 frauds reported between 2014 and 2016. Below are the types, what they involve and the scale of the problem.

TYPE OF FRAUD (Source: Which?)

The reported cases were to Action Fraud (2014-2016)

Online shopping and auction fraud - Number reported : 123,298

What it involves : A product advertised online doesn't exist, arrive, or match its original description. It also includes where sellers aren't paid for goods sold online.

Computer fixing fraud - Number reported : 80,264

What it involves: Someone is told that there's a problem with their computer which can be fixed for a fee. No fix actually happens.

Fees for fake services - Number reported : 66,035

What it involves: Victims pay an upfront fee for a service that doesn't exist. For example, cold callers falsely offer to make PPI claim for money, or employers demanding money for employment checks for jobs that don't exist.

Cheque, plastic card and online bank account fraud
- Number reported : 54,696

What it involves: Someone's cheque, card or online bank account is fraudulently used. It doesn't include companies that deal with electronic money transfers.

Fake or stolen products fraud - Number reported : 41,108

What it involves: Victims make a purchase after being shown, or test a product. However, that product is later found to be false or stolen - also known as 'Other consumer non-investment fraud'.

Retail fraud - Number reported : 30,944

What it involves: Fraud committed against retailers, such as when goods are ordered with no intention of paying, or when a fraudster tries to get a refund from stolen goods.

Fake loan fraud - Number reported : 19,531

What it involves: A victim is offered a 'loan' in exchange for a fee. The loan never materialises.

Payment redirect fraud - Number reported : 16,467

What it involves: Fraudsters get a victim to change a direct debit, standing order or bank transfer by pretending to be an organisation that the victim regularly pays. This could be a phone or energy company, for example.

Hacking cases - social media and email - Number reported : 16,249

What it involves: Someone's social media or email account is hacked. This is unlikely to result in money loss directly.

Door-to-door sales and bogus tradesmen - Number reported : 15,907

What it involves: Fraudsters go door-to-door offering goods or services that are never delivered, or are of poor quality.

Computer virus/malware/spyware - Number reported : 15,561

What it involves: Scammers trick you into spreading a virus or allowing malware to be installed on a device. A virus is a computer program that can replicate itself and spread from one computer to another. Malware/spyware collect information or data from infected devices and passes them on to another device.

Fake ticket fraud
- Number reported : 14,949

What it involves: A victim purchases a ticket in advance only to find that it's never received, or isn't valid for the event.

Other financial investment fraud - Number reported : 9,521

What it involves: This covers a range of scams designed to convince people to part with their savings.

Dating scams - Number reported : 8,311

What it involves: The victim is persuaded to send money to a prospective 'lover'.

Lottery scams - Number reported :6,933

What it involves: The victim pays to enter a non-existent 'lottery'.

What about Scotland and Northern Ireland?

The research found that Scotland and Northern Ireland had much lower reports of fraud compared to the rest of the UK over this three-year period.

Which? says this is likely because the Scottish police aren't officially part of Action Fraud reporting network while Northern Ireland joined in June 2015.
Getting tough on fraud

Which? is urging the Government to set out plans to tackle fraud and scams.

It suggests improving how businesses handle customer data, the response to a data breach and to ensure people get the right redress.

The watchdog is also calling for the Payment Systems Regulator (PSR) to implement stronger rules to protect consumers from bank transfer scams.

Gareth Shaw, Which? money expert, said:"As more information is available about us online than ever before, fraudsters are finding it much easier to know who to target and how.

"These criminals are constantly finding new ways to rip us off and those tackling fraud should be upping their game. The Government needs to set out an ambitious agenda to tackle fraud, while law enforcement agencies need to be working harder to identify and protect the people most at risk from fraud."

If you think you may have fallen victim to a scam you should report it to Action Fraud.

uaware Further information

Original Which ? article :

(1st September 2017)

(Action Fraud, dated 12th June 2017)

Fraudsters have been advertising vehicles and machinery for sale on various selling platforms online. The victims, after communicating via email with the fraudster, will receive a bogus email which purports to be from an established escrow provider (a third party who will keep the payment until the buying and selling parties are both happy with the deal).

These emails are designed to persuade victims to pay upfront, via bank transfer, before visiting the seller to collect the goods. The emails also claim that the buyer (victim) has a cooling off period to reclaim the payment if they change their mind. This gives victims the false sense of security that their money is being looked after by this trustworthy third party, when in fact it is not and the money has gone straight to the fraudster.

Protect yourself:

- When making a large purchase such as a new car or machinery, always meet the seller face to face first and ask to see the goods before transferring any money.

- If you receive a suspicious email asking for payment, check for spelling, grammar, or any other errors, and check who sent the email. If in doubt, check feedback online by searching the associated phone numbers or email addresses of the seller.

- Contact the third party the fraudsters are purporting to be using to make the transaction. They should be able to confirm whether the email you have received is legitimate or not.

- False adverts often offer vehicles or machinery for sale well below market value to entice potential victims; always be cautious. If it looks too good to be true then it probably is.

If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting, or by calling 0300 123 2040.

(1st September 2017)

(Essex Community Messaging, dated 1st June 2017)

We have recently had a couple of incidents in different areas of Essex where Bogus Callers have made out they were from the local council and had come to investigate and remove rats nests in the loft. These bogus callers have then proceeded to take a deposit of cash (or in at least one case with a card reader) and said they would return to remove the nest and then disappeared.

If you do get a visitor along these lines, they are likely to be fraudulent. Please ring your local council direct to confirm that any caller is bonafide. Fraudsters can produce fake ID badges.

If an unknown trader knocks on your door at any time , don't open it unless you use a door chain . Preferably, open a small window either upstairs or downstairs and speak through the window.

To verify someone's identity please ring the organisation they claim to be from. Use a number from a bill or telephone directory that you have looked up yourself - never use a telephone number provided by the caller. A bona fide caller will wait outside whilst you verify their validity - a bogus caller is also likely to disappear as soon as they know you are telephoning to check identity.

Please do not let anyone into your home if you are not expecting them. REMEMBER - Your door - Your House - Your choice. Not sure? Don't Open the Door

Display a 'No Cold Calling' sticker on your front door. These are available from Trading Standards free of charge. Call them on 03454 040506.

If you do need work undertaken on your property, Trading Standards operate a 'Buy With Confidence' scheme, which enables residents to identify approved local traders who have readily demonstrated a commitment to high working standards, high levels of customer care and a fair trading policy.

The 'Buy with Confidence' scheme is available via the internet or by telephone 03454 040506.


(1st September 2017)

(Action Fraud, dated 6th June)

With the upcoming "Wedding Season", and for those individuals who are considering making plans for next year and beyond, you should be aware of the potential risks of fraud involved.

According to '', in 2017 the average wedding cost spend is approximately £30,111. This will be paid out to multiple vendors, including; photographers, caterers, reception venues and travel companies, to name a few. Many of these services will require booking at least several months in advance and you may be obliged to pay a deposit or even the full balance at the time.

Being aware of the potential risks and following the below prevention advice could minimise the likelihood of fraud:

Paying by Credit Card will provide you with protection under Section 75 of the Consumer Credit Act, for purchases above £100 and below £30,000. This means that even if a Company goes into liquidation before your big day, you could claim a refund through your Credit Card Company.

Social Media - Some Companies run their businesses entirely via social media sites, offering low cost services. Whilst many are genuine, some may not be insured or may even be fraudulent. There are a few things you can do to protect yourself;

- Ensure you obtain a physical address and contact details for the vendor and verify this information. Should you experience any problems, you will then be able to make a complaint to Trading Standards or consider pursuing via the Small Claims Court.

- Ensure you obtain a contract before paying money for services. Make certain you fully read and understand what you are signing and note the terms of cancellation.

Consider purchasing Wedding Insurance - Policies vary in cover and can be purchased up to two years in advance. They can protect you from events that would not be covered under the Consumer Credit Act.

Complete research on each vendor, ensuring you are dealing with a bona fide person or company. Explore the internet for reviews and ratings and ask the vendor to provide details of past clients you can speak to. You should do this even if using companies recommended by a trustworthy friend or source.

For services such as wedding photographers, beware of websites using fake images. Look for inconsistencies in style; Meet the photographer in person and ask to view sample albums. If you like an image from a wedding, ask to view the photographs taken of the whole event so you can see the overall quality.

Remember, if something appears too good to be true, it probably is!

(1st September 2017)

(BT / Love Money, dated 5th June 2017)

Full article [Option 1]:

New research from Financial Fraud Action (FFA) shows how scammers manipulate our instinctive human willingness to accept someone at their word in order to con us.

Dr Paul Breen. a speech pattern analyst, has found that fraudsters use specific techniques to gain our trust when they call before they try and get us to hand over valuable financial or personal information.

"The process used by fraudsters is carefully scripted from beginning to end - knowing the language fraudsters will use to mimic patterns of trust can help people to avoid becoming a victim," says Dr Breen, senior lecturer at the Westminster Professional Language Centre.

Six common scam call tricks

Dr Breen analysed recordings and transcripts of real-life scam phone calls and discovered six key tricks fraudsters use to gain your trust.

1. Seem to know you - the con artist will use snippets of information about you that they've gathered from different sources to sound like they are familiar with you and know what they are talking about.

2. Use apologetic language - they will attempt to create a false balance of power by apologising for taking up your time so that you feel sympathy for them.

3. Layers of authenticity - they will remain patient as they seemingly build up authenticity until they have convinced you they are legitimate.

4. Impersonate an authority figure - criminals will pretend to be someone in authority such as a police officer or fraud detection manager.

5. Welcome scepticism - if you are dubious they will turn that to their advantage by welcoming it and acknowledging your concerns about being security conscious.

6. Switch tempo - con artists will increase or decrease the pressure by creating a false sense of urgency or using understanding language.

Would you fall for them?

Reading through those tricks you may think you wouldn't fall for them, but a survey by FFA UK's Take Five campaign suggests otherwise.

It looked at the factors that make us more likely to trust a stranger over the phone and asked people to rank trust factors. The top three results were all tricks used by criminals.

The most common factor that makes us trust someone over the phone is 'sounding like a nice person' followed by 'sounding like they know what they're talking about', and almost a third listed 'offering to help with a problem'.

Most of the people surveyed said they were cautious of trusting strangers without meeting them, and a third of people said they never trust anyone on the phone. But fraudsters are prepared for our scepticism.

Dr Breen found that scammers used the 'patterns of trust' outlined above to build up an appearance that they were legitimate and get around our mistrust by mimicking the kinds of people we tend to believe.

"Tackling financial fraud is a priority for every bank and each one continuously invests in advanced security systems to protect their customers," says Katy Worobec, director of FFA UK. "However, as this research confirms, fraudsters use sophisticated methods in an attempt to circumvent these when targeting victims.

"While the payments industry stops six in every £10 of attempted fraud, it cannot solve the problem alone. Criminals try to take advantage of our instinctive willingness to accept someone at their word."

You can protect yourself from financial fraud by taking a moment to step back and think whether a phone call really seems genuine.

"We are asking everyone to take five - to take that moment - to pause and think before they respond to any financial requests and share any personal or financial details."

(1st September 2017)

MAY 2017

(The Guardian, dated 27th May 2017 author Rupert Jones)

Full article [Option 1]:

Retirees have been persuaded to switch all their cash into schemes involving self-storage facilities and there are fears they may have lost huge sums

Fears are growing that large numbers of people may have lost huge sums of money after investing their retirement pots in - of all things - self-storage units. The Serious Fraud Office this week launched an investigation into storage unit investment schemes, and revealed that more than £120m has been poured into them. But could that just be the tip of the iceberg?

One man was persuaded to transfer almost £370,000 out of his workplace pension and put it all into one such scheme supposedly offering an 8%-12% return. The Pensions Ombudsman, which looked at his case, said the "blameless" man had switched out of the "secure and generous" NHS pension scheme and may have lost all his money as a result. Others were lured in with claims that they could more than double their money in just six years.

Many of us have used a self-storage facility at some point - perhaps to temporarily stash our belongings when moving home. But what most people probably don't realise is that these units (also known as storage pods) have been touted as a wonder investment with double-digit returns. Many people appear to have lost some, or all, of their retirement savings after falling for the spiel of firms flogging dodgy schemes.

The SFO says it is probing several, including Capita Oak Pension and Henley Retirement Benefit, plus some schemes that invested in other products. It adds that more than 1,000 individual investors are thought to be affected by the alleged fraud, though it presumably thinks the number could be higher as it is asking people who have paid into these schemes between 2011 and 2017 to complete a questionnaire available on its website.

One brochure, issued by a property investment company, boasted of a 14% average annual yield

Kate Smith, head of pensions at insurer Aegon, says the SFO probe "is a timely reminder that unregulated unusual investments at home or abroad come with a high risk that people could lose all their hard-earned pension and other savings". She adds that it is possible that thousands more people may find they have lost money, too.

"Pension liberation" scams - where people are persuaded to transfer or cash in their pension pots and put the money into often exotic-sounding investments - have been around for years, but there has been a surge in activity since April 2015 when the government introduced reforms giving over-55s more freedom in terms of what they can do with their retirement cash.

Storage units on UK industrial estates might not have the exotic allure of hotel rooms in the Caribbean and palm oil plantations in Asia, but perhaps that was their selling point. Marketing tended to highlight how this was a profitable and growing industry.

One glossy brochure seen by Guardian Money offered the chance to buy individual units from £3,750-£30,000 said to be located in the north-west of England. The investor would buy the unit on a long-term lease from Store First Limited, and then sublet it to a management company which would subsequently rent it out.

The brochure, issued by a property investment company, boasted of a "14% average annual yield" and claimed that when capital growth and income were combined, the "forecast net return" over six years for someone investing £11,250 would be £12,180, "or over 108%" - equating to a total return of £23,430.

In December 2014, the Pensions Ombudsman published its decision in the case of "Mr X" who was persuaded to transfer his entire future pension - £367,601 - from the NHS Scotland scheme into Capita Oak. The ruling stated that Mr X was told his money would be invested in "Storefirst Limited" (sic), "a large self-storage firm in the north of England". It was offering a 8%-12% return "and therefore it seemed a good investment". He later discovered that he couldn't get his money out.

The ombudsman said Mr X may well have been "duped" out of his entire pension, and it is not known whether he ever recovered any of his money.

In April 2015 the ombudsman published two decisions relating to a man called Joseph Winning, who transferred £52,401 in pension cash from Scottish Widows and Legal & General to Capita Oak. Winning's money had apparently been invested in Store First storage pods, the rulings said.

Things don't look good for Mr X or Winning (and doubtless others) because the two companies that acted as trustees to Capita Oak and Henley Retirement were wound up by the high court in July 2015. This was after an official investigation found that they were involved in a venture where people were cold called and persuaded to transfer their pensions "on the basis of misrepresentations made" concerning returns. The investigation found that the only investments offered to the public were storage pods marketed for sale by Store First, which paid commissions of up to 46% to another company which was part of the overall scheme.

It's all been quite frustrating for the Self Storage Association UK, which describes itself as the main trade body for the industry. Its boss Rennie Schafer says investment companies have been aggressively marketing these unregulated schemes to small investors "who are less informed of their perils," adding: "The idea of breaking it up into little pieces and selling it off is not how self-storage works."

Store First, based near Burnley, told us: "The SFO investigation is not against Store First or its product of storage pods, but against the schemes named … Store First is in no way connected with the running of any pension scheme being investigated by the SFO or, indeed, any scheme. In addition, Store First does not carry out any direct sales activity, and all sales are made by third party intermediaries."

The company added it had "no connection whatsoever" with any financial advice these schemes receive or give, or to their ongoing administration.

(Action Fraud, dated 26th May 2017)

Smishing - the term used for SMS phishing - is an activity which enables criminals to steal victims' money or identity, or both, as a result of a response to a text message. Smishing uses your mobile phone (either a smartphone or traditional non-internet connected handset) to manipulate innocent people into taking various actions which can lead to being defrauded.

The National Fraud Intelligence Bureau has received information that fraudsters are targeting victims via text message, purporting to be from their credit card provider, stating a transaction has been approved on their credit card.

The text message further states to confirm if the transaction is genuine by replying 'Y' for Yes or 'N' for No.

Through this method the fraudster would receive confirmation of the victim's active telephone number and would be able to engage further by asking for the victim's credit card details, CVV number (the three digits on the back of your bank card) and/or other personal information.

Protect yourself:

- Always check the validity of the text message by contacting your credit card provider through the number provided at the back of the card or on the credit card/bank statement.

- Beware of cold calls purporting to be from banks and/or credit card providers.

- If the phone call from the bank seems suspicious, hang up the phone and wait for 10 minutes before calling the bank back. Again, refer to the number at the back of the card or on the bank statement in order to contact your bank.

If you have been a victim of fraud or cyber crime, please report it to Action Fraud at or alternatively by calling 0300 123 2040

(1st June 2017)

(Action Fraud, dated 15th May 2017)

Following the ransomware cyber attack on Friday 12 May which affected the NHS and is believed to have affected other organisations globally, the City of London Police's National Fraud Intelligence Bureau has issued an alert urging both individuals and businesses to follow protection advice immediately and in the coming days.

Ransomware is a form of malicious software (Malware) that enables cyber criminals to remotely lock down files on your computer or mobile device. Criminals will use ransomware to extort money from you (a ransom), before they restore access to your files. There are many ways that ransomware can infect your device, whether it be a link to a malicious website in an unsolicited email, or through a security vulnerability in a piece of software you use.

Key Protect messages for businesses to protect themselves from ransomware:

- Install system and application updates on all devices as soon as they become available.

- Install anti-virus software on all devices and keep it updated.

- Create regular backups of your important files to a device that isn't left connected to your network as any malware infection could spread to that too.

The National Cyber Security Centre's technical guidance includes specific software patches to use that will prevent uninfected computers on your network from becoming infected with the "WannaCry" Ransomware:

For additional in-depth technical guidance on how to protect your organisation from ransomware, details can be found here:

Key Protect advice for individuals:

- Install system and application updates on all devices as soon as they become available.

- Install anti-virus software on all devices and keep it updated.

- Create regular backups of your important files to a device (such as an external hard drive or memory stick) that isn't left connected to your computer as any malware infection could spread to that too.

- Only install apps from official app stores, such as Google's Play Store, or Apple's App Store as they offer better levels of protection than some 3rd party stores. Jailbreaking, rooting, or disabling any of the default security features of your device will make it more susceptible to malware infections.


Fraudsters may exploit this high profile incident and use it as part of phishing/smishing campaigns. We urge people to be cautious if they receive any unsolicited communications from the NHS. The protect advice for that is the following:

- An email address can be spoofed. Don't open attachments or click on the links within any unsolicited emails you receive, and never respond to emails that ask for your personal or financial details.

- The sender's name and number in a text message can be spoofed, so even if the message appears to be from an organisation you know of, you should still exercise caution, particularly if the texts are asking you to click on a link or call a number.

Don't disclose your personal or financial details during a cold call, and remember that the police and banks will never ring you and ask you to verify your PIN, withdraw your cash, or transfer your money to another "safe" account.

If you have been a victim of fraud or cyber crime, please report it to Action Fraud at

(1st June 2017)

(Action Fraud via Essex Community Messaging, dated 23rd May 2017)

Action Fraud has received the first reports of Tech-Support scammers claiming to b