Text and email scams: How to report online attempts to steal your money

Joanna Whitehead
·10-min read
Don’t get caught out (Getty Images)
Don’t get caught out (Getty Images)

Fresh warnings have been issued over a new scam that claims payment is required for a package to be delivered.

The latest con involves the victim receiving a text message from “Royal Mail”, claiming that a parcel is ready for delivery, but that an additional fee of £1.99 or £2.99 is required.

A link is shared for the recipient to click through and pay the alleged fee, only to be directed to a copycat website operated by fraudsters.

One victim revealed on social media in a tweet that went viral that such a con had left her “scammed out of every penny I had” after fraudsters telephoned her pretending to be her bank and asking her to move money around.

The Chartered Trading Standards Institute (CTSI) and Royal Mail have both warned that such messages are fraudulent, with the CTSI adding that such scams have surged over the past year.

Read more:

“This delivery scam is yet another example of fraudsters attempting to make money out of the unsuspecting public,” said Katherine Hart from the CTSI.

“Due to the lockdowns, many millions of people rely on product deliveries, so scammers have focused their efforts on this theme.

“If you have any suspicions, contact Royal Mail to verify before you click any links or share details,” she added.

A spokesperson for Royal Mail said the service would only ever ask for payment by email or text message if a parcel had been sent to them from overseas and a customs payment was due.

“In such cases, we would also leave a grey card telling customers that there’s a Fee to Pay before we can release the item.”

But what other scams exist and what should you look out for? Here’s everything you need to know.

National Insurance

Getty Images
Getty Images

Action Fraud, the UK’s national reporting centre for fraud and cybercrime, is warning the public about a National Insurance scam after it received over 34,000 more calls last month compared with February 2020.

Victims have reported receiving an automated telephone call telling them their “National Insurance number has been compromised” and that they must “press one on their handset to be connected to the caller” in order to resolve the issue.

Once connected to the “caller”, victims are pressured into giving over their personal details in order to receive a new National Insurance number. In reality, they’ve been connected to a criminal who can now use their personal details to commit fraud.

Pauline Smith, head of Action Fraud, said: “We are asking the public to remain vigilant and be cautious of any automated calls they receive mentioning their National Insurance number becoming compromised.

“It’s important to remember if you’re contacted out the blue by someone asking for your personal or financial details, this could be a scam.

“Even confirming personal details, such as your email address, date of birth or mother’s maiden name, can be used by criminals to commit fraud. If you have any doubts about what is being asked of you, hang up the phone. No legitimate organisation will rush or pressure you.”

HMRC (tax scams)

With the end of the tax year approaching, scams relating to tax payments, bills and rebates are on the rise. Her Majesty’s Revenue & Customs (HMRC) received over 900,000 reports of HMRC scams in 2020, with more than half of these offering fake tax rebates.

Common scams include messages claiming you are owed a tax rebate, that you’ve missed an important deadline, or warning that you have an outstanding fee to pay. Scams exploiting the Covid-19 pandemic have also been reported, with people receiving texts stating that they are owed a “goodwill payment” due to the coronavirus. Others demand a £250 payment after individuals are accused of “breaching lockdown restrictions”.

HMRC has said that it will never send notifications by email about tax rebates or refunds and advise recipients not to open any attachments, click any links or share any personal or payment information. It adds that if you are unsure about the legitimacy of a message you receive by email, text message, WhatsApp, social media or telephone, you can forward the details to the National Cyber Security Council at phishing@hmrc.gov.uk.

Genuine emails from HMRC should all end in ‘gov.uk’ only. Any additional words, letters or numbers following this are likely to be fraudulent. Don’t click links contained in emails or messages claiming to be from HMRC – log in to your account, email or telephone them directly to be certain it’s safe.

You can also see examples of HMRC scams by following this government link.

Investment fraud

Getty Images/iStockphoto
Getty Images/iStockphoto

Investment fraud occurs when you receive a cold call from someone claiming to offer you an opportunity to invest in a scheme, service or product that is actually worthless or doesn’t even exist. It’s also known as share sale fraud, hedge fund fraud, land banking fraud or bond fraud. The majority of investment frauds are run out of offices known as boiler rooms. Victims may also be offered “special discounts”, “insider info” or “exclusive” stock tips.

Boiler room operations often contact victims out of the blue and pressure them into making rushed decisions with no time to consider the nature of the investment. Callers often sound extremely knowledgeable and professional, and may produce polished-looking websites, certificates or brochures to “prove” their authenticity.

As well as never providing bank account details or sensitive information, never accept investment offers on the spot from cold callers. Instead, look at the Financial Conduct Authority’s ScamSmart warning list which acts as a barrier between unscrupulous scammers and you.

Sadly, boiler room operations tend to target people aged 65 and older, so it’s important to talk to older family members and vulnerable people to help them spot bogus callers.

Netflix

Action Fraud received over 400 reports in just one week from people reporting fake emails purporting to be from Netflix. The emails state that the recipient needs to “finish signing up” by clicking the link provided before they can use the online streaming service. Doing so, however, takes victims to phishing websites that steal your Netflix login, personal and financial information.

Netflix says that it will never ask you to enter personal information in a text or email. This includes credit or debit card numbers, bank account details and Netflix passwords. If you think your account has been compromised, Netflix advises you to contact it directly using the details on this page.

Romance fraud

Getty Images
Getty Images

Romance fraud occurs when a person you’ve met through an online dating website or app uses a fake profile to build a relationship and gain your trust before asking you for money or information to steal your identity.

Tell-tale signs include asking you lots of personal questions but disclosing very little about themselves; and exploiting your trust by inventing a reason to ask for your financial assistance, such as money to pay for a flight to visit you, or money for medical treatment for them or a family member. “Perfect” profile pictures can also be a giveaway and may have been stolen from a model or actor. Using the reverse image search tool on Google can help you find the original source of photos.

To avoid getting caught out by romance fraud, avoid revealing too many personal details when dating online, such as your date of birth or home address, which may result in your identity being stolen. Never send or receive money or share your bank details to someone you’ve met online, no matter how convincing their story is. And, if you’re online dating, choose a reputable site or app and use their messaging service, rather than switching to social media or texting, where messages can be deleted more easily.

To view this content, you'll need to update your privacy settings.
Please click here to do so.

According to Action Fraud, women are twice as likely to fall victim to romance fraud and investment fraud twice as men.

Paul Davis, retail fraud prevention director at Lloyds Bank, said: “Scammers do this for a living – they're in it for the long game and will often spend a lot of time building up a 'relationship' and trust – they can invent convincing stories, waiting for the right moment to start tricking people into sending them money.

“If you've struck up a conversation or begun a relationship solely online and the discussion moves on to sending money, that's the time to stop.”

Fraud recovery

Getty Images/iStockphoto
Getty Images/iStockphoto

As if being scammed once isn’t bad enough, data from the National Fraud Intelligence Bureau (NFIB) found that over £373 million was lost by repeat victims of fraud in the 2019/20 financial year, with the average victim losing £21,121. However, when someone reported at least one investment fraud, this figure jumped a staggering 300 per cent to £84,604.

A fraud recovery scam is when criminals contact victims pretending to be from their bank, a law enforcement agency, solicitors or “specialist recovery firm” claiming to be able to help them get their money back or compensation. Incredibly, this is often the same criminal targeting the victim again, or the victim’s personal details may have been sold on the dark web to other fraudsters. Scammers will usually ask for a fee for this “service” and may ask victims for their bank account details so they can “deposit” the recovered funds.

Mark Steward, executive director of enforcement and market oversight at the Financial Conduct Authority said: “Consumers should always be wary of cold calls and promises to recover funds lost to a scam, as these are often signs of an attempted recovery fraud taking place. If you’re under pressure to make a quick decision or a payment, there’s a very good chance you’re talking to a scammer.

“Be ScamSmart and check the FCA Register to make sure that the firm you are dealing with is authorised to perform the service they are providing for you, and use the contact details on the FCA Register.”

TV Licensing

While this particular scam was first identified by the NFIB in September 2018, scam emails purporting to be from TV Licensing resurfaced again in October 2020. Victims receive an email which states that there is a problem with their Direct Debit that needs addressing in order for them to continue watching TV legally at home.

Victims are then urged to click a link, which directs them to an authentic-looking website that prompts them to enter their home address and bank details, which are duly stolen by scammers.

TV Licensing say that in emails, it will include your name and part of your postcode, compared with scam emails which often just use your email address or “Dear customer”. All legitimate emails from TV Licensing come from donotreply@tvlicensing.co.uk (or donotreply@spp.tvlicensing.co.uk). If you think you’ve been a victim of a TV license scam, contact Action Fraud or email the government’s fraud service at report@phishing.gov.uk.

What can I do if I think I’ve been a victim of fraud?

If you think you’ve been a victim of fraud, you can contact Action Fraud for help and advice. You can also forward details of suspect emails, messages and telephone calls to the National Cyber Security Centre.

Read More

Nicola Sturgeon discusses implications of a border between an independent Scotland and the rest of the UK

Oscars 2021: Best dressed stars on the red carpet, from Carey Mulligan to Zendaya

iPad Pro: How Apple made its new tablet – and what exactly it is