Protect yourself from online scams

Scams, which are schemes to con you out of your money or possessions, are as old as time itself. The perpetrators tend to be very skilled at taking advantage of current trends, so a recent increase in online scams comes as no surprise.

In March, the Department for Digital, Culture, Media & Sport published a report on cyber security which said that 39% of businesses have suffered a cyberattack in the past year. The most common form of cyberattack is phishing attempts. This happens when scammers set up fake websites or send fraudulent emails in an attempt to extract certain information from you, such as financial details or passwords.

Phishing attempts have evolved in recent years to become even more sophisticated. And despite the best efforts of firms to install robust IT security measures, some phishing scams will still make  it to your inbox. Although the effect of phishing scams is potentially devastating for a business, everyone can help by being more aware of what to look out for. It is also important to be aware of how to report suspected fraudulent activity.

At GWA we have a dedicated Computer Services team that are responsible for more than 600 computers in 50+ locations nationwide. They have provided us with the following tips for spotting bogus emails:

1. Don’t Trust the Display Name. Scammers are skilled at using convincingly legitimate display names, which is the main title displayed in most user inboxes. If you are suspicious, check the email address of the sender
2. Hover Before Clicking. Before clicking on any embedded links in the body of an email, hover your mouse over the link to check if the link address looks valid
3. The Importance of Good Grammar. Legitimate emails rarely have major spelling and grammar errors. Also, scam emails quite often use US English rather than UK English
4. Greetings and Salutations. Legitimate business contacts will usually use your proper title, first name and last name. ‘Dear Valued Customer’ etc should put you on your guard
5. Don’t Divulge Personal Information. Most banks and service providers would never ask for personal data such as account details, passwords, pins or personal details in an email
6. Take Five. Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.” It is easy to react in the heat of the moment. Before you divulge information or click on a link, take time to reflect if the request is genuine
7. Review the Signature. Legitimate companies provide clear contact details. If this, or information about the seller, is missing then think again
8. Attachment Issues. Only open attachments that are from a known, trusted source. Malware (malicious software) can damage files on your computer, steal your passwords or spy on you without your knowledge. These attacks can cause devastating damage to business operations and cost a lot to sort out.

If you believe you’ve fallen for a scam, contact your bank or service provider immediately on a number you know to be correct, such as the one listed on their website or on the back of your debit or credit card.

Action Fraud is UK’s national reporting centre for fraud and cyber crime. If you have been scammed or defrauded you should report it to them on 0300 123 2040 or via actionfraud.police.uk. for anyone based in Scotland, please report to Police Scotland directly by calling 101.

If you would like more information on how GWA’s dedicated team of Microsoft certified engineers can help you with any aspect of your IT support including security, hardware and software supply or staff training, then please get in touch.

Finally, remember that phishers are extremely good at what they do. Just because an email has convincing brand logos, language and a seemingly valid email address, does not mean that it is legitimate. The best approach is to be extremely sceptical when it comes to your email messages— if it looks even remotely suspicious, DON’T OPEN IT!