Royal Mail alert as ‘easy to fall for’ scam could ‘drain bank accounts

This Morning: Expert issues warning over fake charity scam

We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info

With the Royal Mail warning customers earlier this month that postage will be affected by striking workers, scammers have been seizing the opportunity to trick unsuspecting victims waiting for their parcels. Phishing attacks related to missed deliveries continue to be prevalent, making it vital to know what to look out for now more than ever.

The Royal Mail scam is simple, an email is sent out claiming that the person has missed a parcel or that it is being held. They are then redirected to a website that looks like the Royal Mail’s official site to arrange delivery.

They then have to enter their details on the site and depending on the version of the scam, they could either be asked to pay a small fee or call a premium rate phone number.

Jacco, computer security expert at Next Day Delivery, said: “This scam is known as a phishing scam and if you are waiting for a parcel or have ordered many gifts online this month then it’s easy to fall for.”

He continued: “The easiest way to tell if these emails are legitimate is to check the sending address of the emailer. You can do this on your computer or your phone by clicking on the person’s name.”

Jacco said that this would show the email address, and if it’s legitimate, it “should look something like [email protected]”.

He said: “The last part of that email is the most important. Make sure that the email address does belong to the Royal Mail.”

If someone has missed a delivery or they owe anything for a parcel, the Royal Mail will let them know when they post a card through the door.

Jacco said: “Links in an email from an untrustworthy source can also be dangerous so don’t click on any unless you know the sender. Clicking on a fraudulent link could cause your device to become infected.

Man, 64, recalls sophisticated scam which almost lost him £6,400 [INSIGHT]
Brits are most likely to return coffee machines, shoes and tablets [ANALYSIS]
Family set to save £297 on energy bills through green energy scheme [EXPLAINED]

“You should also never call any of the phone numbers listed in the emails as they will point to premium rate phone numbers which will drain your bank account.”

For those who suspect they may have been targeted by a Royal Mail delivery scam or are in doubt about an email they’ve received, it’s advised to contact the company directly to clarify.

But while the festive season attracts a higher level of online shopping than usual, it inevitably leads to increased cybercrime, as reflected in last year’s staggering fraud stats. Here are a few additional tips and scams to watch out for when taking to the sales this week.

Browser extensions

Browser extension scams have become an easy-access option for fraudsters targeting online shoppers.

Browser extensions are described as a “small software module for customising a web browser”, and can enable automatic ad blocking, or even discount coupons.

Christopher Bulvshtein, cybersecurity expert at VPNOverview, said: “At this time of year, more people tend to install browser extensions that hunt for discounts. The problem is, some browser extensions can be a huge privacy risk.”

Fraud experts at Proxyrack weighed in, telling shoppers to “be cautious” with these, as while some are legitimate, some have been “developed by scammers for phishing data”.

The experts continued: “In short, avoid installing any new browser extensions relating to finances around this time of year – the most legitimate holiday savings will be found through the company websites directly.

“If you do opt to install extensions, be sure to do your research – putting the name through sites like TrustPilot can help identify any suspicions.”

Verification code hijacking

Another common scam circulating is a malicious caller posing as a bank or another company with whom a person holds an account.

Mr Bulvshtein explained: “They’ll tell you there’s a problem with your account. They’ll then say that they’re sending a text message to you, with a code to prove your identity.

“By posing as an official company, they turn the tables on you. You’re put on the spot and expected to prove who you are. Actually, they’re the criminal, and they already have your password.”

He went on to say that the code the person might be handing over “will allow them to process a payment or log into your account” with two-factor authentication before warning that unfortunately, “many companies will no longer refund customers who willingly handed over a security passcode.”

Mr Bulvshtein suggested: “Be sure to use a password manager to create strong, secure, and unique passwords. Set up two-factor authentication on your essential, high-risk accounts, such as bank, credit, and shopping websites.”

Source: Read Full Article