Three things prompted the writing of this post.
Firstly, I received a phone call from the Serious Fraud Office to tell me that my bank card had been used fraudulently. I’ve had cards misused in this way before but the informant has always been my bank or credit card company. So I queried why the Serious Fraud Office was involved.
“We have someone in custody with a cloned copy of your card.”
“Can you tell me which bank the card is for?” Like many people I have more than one payment card. Also, alarm bells were ringing – the Serious Fraud Office surely wouldn’t bother with my little bank card?
There was a long silence and then the SFO man named a bank. I don’t have an account there and so put the phone down. If he’d named my bank, I hope I would have had the sense to still put the phone down and then call the bank direct.
The second prompt came via an email from a follower of this blog. He told me how he’d been one click away from falling for a scam and transferring a large sum of money to an unknown bank account. Fred (not his real name) received a call from someone well-spoken, supposedly from his bank. This man was querying a large payment that had just been attempted via internet banking from Fred’s account. Fred said the payment was nothing to do with him. The well-spoken man said there had obviously been a security breach and that he would put Fred through to someone in the Security department who would sort things out. According to the security man this meant setting up a new account and transferring over the whole balance from old to new account. He gave Fred the ‘new’ sort code and account number and talked him through doing the internet transfer. Fred was just about to hit the ‘Confirm’ button when he began to feel suspicious, the ‘new’ sort code wasn’t like the ones usually used by his bank.
He didn’t press confirm and instead rang his bank direct. They confirmed it was a scam. Fred had been one click away from losing almost £2,000.
Finally, the company I work for is extremely hot on all security issues. It has a particular thing about phishing emails which, if a single employee clicks on a ‘bad’ link, can invite hackers into the whole of the company’s system. Last week we all got sent a warning about fake charity emails. Apparently charity scams are particularly prevalent in this season of goodwill. The email will appear to come from a well-known charity, it might even be one that you support. The email might ask you to click on a link to check the record of donations you’ve already made or it may be inviting you to make a donation. Don’t click on any links you are not absolutely sure of! Instead abandon the email and go direct via the charity’s main web page to donate or check your account.
Tip: By hovering the mouse over a link in an email, you can see where it will take you.
Be vigilant and stay safe!