Make sure you mullet over before you fall victim to phishing emails on National Fish and Chip Day
- Action Fraud received over a quarter of a million reports of phishing between April 2018 and March 2019
- Most commonly spoofed sectors are telecoms companies, technology brands and Government organisations
- Never automatically click on a link in an unexpected email or text
Action Fraud received over a quarter of a million reports of phishing between April 2018 and March 2019.Over two thirds of these reports were about emails claiming to be from a well-known brand. There were almost 70,000 that related to phishing phone calls, otherwise known as vishing, and close to 18,000 relating to phishing text messages, known as smishing.
Commander Karen Baxter, National Police Coordinator for Economic Crime at the City of London Police, said:
“Phishing messages are a fraudster’s gateway. If you provide personal details in response to these messages, this can give criminals access to your accounts, leaving them free to commit fraud.
“Fraudsters often use spoofed phone numbers and email addresses to trick you. If you receive a message claiming to be from a well-known brand or organisation, always check directly with that brand or organisation to see if it is legitimate. If something feels wrong then it is usually right to question it. ”
Phishing is an enabler of fraud. These messages are commonly used by fraudsters to gain access to the victim’s personal details, including date of birth, banking details and addresses. The victim’s details are then used to commit fraud and / or cyber crime.
The most commonly spoofed sectors are telecoms companies, technology brands and Government organisations.
- Don’t click on the links or attachments in suspicious emails, and never respond to unsolicited messages and calls that ask for personal or financial details.
- Caller ID and email addresses can be spoofed by criminals, so these shouldn’t be used to determine if the communication is legitimate.
- Anyone who has provided personal or financial details as a result of a phishing message, has lost money to a fraudster, or you have received a phishing message, even one not acted upon, should report to Action Fraud.
One victim who spoke to the City of London Police’s Economic Crime Victim Care Unit said he felt stalked and warned people to be cynical, never doubt their instincts and react quickly to an attack. He knew he was compromised at the time and changed his passwords, but says that he now wishes he had reacted quicker. It wasn’t until speaking to people he knew that worked in IT that he was informed of what further steps to take. He then spent 24 hours cancelling false log ins and changing passwords. He advised people to log into their settings to see how many sessions they are logged into for their online accounts.
Chris Ainsley, Head of Fraud Strategy at Santander UK said:
“Email and text messages sent by fraudsters can be highly sophisticated, appearing in inboxes as convincing and genuine messages from brands customers know and trust. In some instances, they can even appear in the same thread as genuine messages.
“There are signs to look out for such as spelling mistakes, generic greetings rather than your name and suspicious looking email addresses. Ultimately, the best way for customers to check if a message or request is genuine is to contact the “business” that the message claims to be from using independently sourced contact details.”
Abrahim Bakhtiar, CELA Senior Attorney, Microsoft Digital Crimes Unit UK said:
“Our research shows that more than 40% of people in the UK have been targeted by increasingly sophisticated attacks. The best protection against these scams is awareness - be vigilant and don’t open attachments or click links in unsolicited emails unless you are sure who the sender is, even if the message appears to be from Microsoft. If the email is unexpected, be extra cautious about opening any attachments.”
ActionFraud is the UK’s national fraud and cyber crime reporting centre.
We provide a central point of contact for information about fraud and cyber crime.
The easiest way to report fraud and cyber crime is by using our online reporting tool.Report
Latest News from
Mother and daughter share their experiences of ticket fraud to warn others17/06/2019 13:43:00
A mother and daughter have shared their experiences of falling victim to ticket scammers in the hope that others think twice before buying tickets from unauthorised platforms.
Controls prevent phone fraudsters spoofing HMRC04/06/2019 10:20:00
The tax authority has put an end to fraudster’s mimicking its most recognisable helpline numbers to dupe taxpayers and steal money.
Over £27 million reported lost to crypto and forex investment scams22/05/2019 10:20:00
New warning from The Financial Conduct Authority (FCA) and Action Fraud.
Action Fraud warns of Hajj fraud, as criminals target Muslims booking trips to Mecca16/05/2019 12:20:00
New Hajj fraud warning from Action Fraud and City of London Police.
Fraudsters are continuing to send victims their own passwords in sextortion scam15/05/2019 17:02:00
A sextortion phishing scam, first identified by the National Fraud Intelligence Bureau (NFIB) in July 2018, continues to be reported to Action Fraud in high numbers.
NCSC advice following WhatsApp vulnerability15/05/2019 13:20:00
The National Cyber Security Centre (NCSC) has issued advice for users of WhatsApp following yesterday's vulnerability announcement.
Gang of fraudsters jailed for 43 years by the Metropolitan Police after reports to Action Fraud10/05/2019 10:20:00
A gang of fraudsters have been jailed for a total of more than 43 years for their parts in the theft of millions of pounds from businesses and individuals in the UK and abroad.
Action Fraud report reveals £7 million lost to holiday fraud08/05/2019 10:20:00
Fraudsters stole more than £7 million from unsuspecting holidaymakers and other travellers in 2018, a new report yesterday revealed.