ATP Template with bundler

Cybercrime


Answer

With the increase in online banking and the introduction of contactless payments, criminals are finding new ways to scam people out of their money. There are a few common scams relating to banking.

Cash Machines

Cash machines are good targets for criminals as they can fit devices to cash machines that may trap the bank card or copy the card details and record the PIN. They may also try to distract you by making conversation, allowing an accomplice to then take your card and cash. Another tactic is to ask if something on the floor is yours, distracting you in allowing them to get your money and/ or card. Ways to protect yourself against it are to make sure you are:
  • Be wary of anyone approaching when you are at a cash machine,
  • Always shield your PIN (Personal Identification Number), the best way is to stand close to the cash machine and cover the keypad with your purse/ wallet or spare hand,
  • If your card is ever retained by the machine do not leave the cash machine. Report it immediately by calling your card issuers number.
Cards and Contactless Payment

This method of payment has become increasingly popular and there are many myths around this use of payment.

One that is common is that people can come along with a card payment machine whilst the card is in your bag and take the information on your card to then commit fraud. This is not true because whilst a card reader that is contactless-enabled can read a card from 10cm away the information it receives is what is stored on the front of the card. Which is never enough to clone a card as it is incomplete for the information needed. As the card reader needs to be very close to the card this also makes it impossible for the details to be intercepted when in use, something that is also a common myth. There are a few tips you can follow to reassure yourself that no one has used your card through contactless payment:
  • Always go through your bank statements and check which are contactless, to make sure you recognise them all,
  • Don’t let anyone take your card out of sight for payment under any circumstances. They could use this time to copy the information stored in the magnetic strip or the CCV code on the back of the card,
  • If your card or phone, with card payments, enabled on it, are ever stolen inform your bank as soon as possible.   
Online banking

With online banking becoming increasingly popular so are criminals trying to scam people out of their money. Some banks may give one-time passcodes sent to your device so you can make payments, always keep these and any personal details, passwords or memorable information safe. Never share these with anyone even from your bank. If someone asks for these details, they are most certainly a criminal. You can protect yourself by:
  • Making sure any passwords or memorable information are chosen with care, try to make them as random as possible,
  • Always keep any banking apps or software up to date by downloading updates when prompted,
  • Remember to log out of your online banking account or app every time, simply closing the app/ web page or turning off your device may not be enough,
  • If you use any banking apps/ websites in public take care to shield your PIN, passcode or any passwords used,
  • It is difficult to tell if public WI-FI spots are secure so never use them for banking,
  • Never share any security codes, passwords or memorable information that can be sued to access your account with anyone,
  • If your bank ever calls you get a reference code from them, then hang up and call them back using a number you know is safe. Such as one on their website or listed on your banking information. Only call back once the line has been cleared, if you are unsure about this call using a different phone than the one they contacted you on.  
For more information please see the Is this a scam? question.


Answer

Buying and selling items on the internet is quick, easy and offers a wide range of choice. Here are a few simple steps to follow to ensure you stay safe whilst shopping online:

  • Always buy from a reputable site, read through their terms and conditions and always remember to log out when you have finished.
  • If using an internet auction site, check the seller's reputation and take time to read the guides issued by them
  • If goods are advertised substantially cheaper than elsewhere, be careful as it may not be genuine
  • If buying from a private seller make sure you have full contact details and not just an email and mobile phone number
  • Be wary of sending cash and money order. It is advisable when paying over £100 to use a credit card as it offers the best protection in case anything goes wrong.
  • When entering payment details make sure the website is secure; a small padlock should appear at the bottom of the screen and the URL should read https://- the 's' stands for secure.
  • Consider using an online payment option such as PayPal.
  • Never pay by direct bank transfer.
  • Avoid using public wi-fi when online shopping, hackers can intercept passwords and credit card details.

Action Fraud is the UK's national fraud reporting centre; if you come across something suspicious when shopping online or something seems too good to be true, you can report it via their website. Additionally, the UK European Consumer Centre (UKECC ) provides free and impartial advice for anyone who experiences problems when purchasing goods in other European countries. Please see links to this and Action Fraud in the related information section.


Answer

This is almost certainly a scam and you should delete or ignore the communication. There are different versions of scams and you must remember- if something seems too good to be true, it usually is. Below are some examples of the methods scammers may use:

  • 'Phishing' is the term used for a scam that attempts to induce you to reveal personal information, such as passwords and credit cards numbers. In the case of a dating agency, it is preying on people who are lonely and want friendship. For any similar scenario, if you are asked for and give money (and it is a scam), it is unlikely you will ever see your money again.
  • Telling you that you are a long lost relative of a recently deceased person, you have been chosen to inherit a large amount of money from a person who does not have any living relatives.
  • Lottery scams may ask you to pay out in order to receive your winnings. No real lottery company would ask you to pay a fee before being able to claim your prize nor are large amounts of money handed out randomly. If you receive an email and it is not genuine, do not respond.
  • Informing you that your computer has been hacked and you need to pay a 'ransom' in bitcoin . Further information on, and examples of this can be found in related information.
  • You may receive a letter purporting to be from the police confirming the authenticity of a letter regarding a lottery win. The police do not authenticate commercial organisations.

To protect yourself from scammers, here are some useful tips:

    • If you were a long lost relative it is unlikely that the executors would make contact with you via email.
    • Is the phone number a mobile? A mobile call using a UK number can be made from anywhere in the world.
    • Solicitors and executors of wills do not just hand over large sums of money without very thorough checks.
    • Payment for the execution of a will comes out of the deceased person's estate, not from the people likely to receive a bequest.

It is better to thoroughly check out the situation rather than pay out a large sum of money on the basis of an email, electronic message, letter or phone call. Remember:

  • NEVER give out your personal details, bank account details or send any money to anyone who sends you such a communication, unless you are satisfied it is genuine. Many people have been defrauded out of a lot of money.
  • No matter how official it sounds check it out using a totally independent source.
  • They may lie about being based in the UK as this may make the scams seem more believable.
  • The addresses used are fake or reputable names of companies but with the wrong number.

Scam emails can be reported directly to Action Fraud, please see the link in related information.


Answer

Many police forces do now offer a service whereby they email members of the public to inform them of any known scams that are currently circulating. The name of the service varies from force to force with some referring to it as 'Alert' or 'Community Messaging.' These will appear under that force's messaging system rather than as a direct email from the Police.

Before circulating messages, even with good intent, it is worth 'googling' it as you are likely to easily identify those messages that are a hoax or scam.

It is important to remember that not all emails will be genuine and it is recommended that, if you do receive one, you check with the police force directly (via 101) who will be able to confirm whether or not it is a scam. If it is a scam email, you can report it directly to the Action Fraud website. Please see the links in related information.


Answer

Just because a car is advertised on a reputable site such as Autotrader or Ebay does not automatically mean that the seller is genuine. Many criminal gangs have been using reputable sites to advertise cars that don't belong to them or don't even exist.

Once the buyer decides that they want the car they are then taken to a fake website where they hand over the cash for a car that they will never see. The website is supposed to hold on to the cash until the vehicle is received (supposedly an independent place to hold the money whilst the deal is done), but it goes straight into the bank accounts of the criminal gangs, most of whom are based abroad.

There are a few ways to spot a fraudulent car sale:

  • Check the address and postcode are correct
  • Check the contact numbers – for a big company there should be a land line AND a mobile number
  • Look out for suspicious voicemail messages and spelling mistakes in emails/messages
  • Be wary if you cannot meet the buyer in person or if you can't physically view the car prior to purchase
  • HPI check can tell you whether a car is stolen, has any finance owing or if it has been written off – see the website in related information but please note there is a charge for their service

VSTAG (The Vehicle Safe Trading Advisory Group) is a forum designed to combat vehicle-related fraud and offer protection from this during the buying/selling process. You will find a link to their website in the related information section.


Answer

There is an application on Facebook which enables users to download the 'ClickCEOP' button and place it within their profile. This gives Facebook users direct access to advice and guidance should they ever need it, as well as a link to report concerns directly to the CEOP (Child Exploitation and Online Protection Centre). Please find the link to this website under Related Information.

There are various safeguarding measures that can be taken to keep your child safe whilst they are online. Further advice is available via the 'Internet Matters' and 'Cyberstreet Wise' websites under Related Information.


Answer

People are being increasingly targeted via social networking sites. Anybody who can get access to your personal information can do this; whether it is a former partner/friend or someone you have never met before. This is why it is extremely important to protect yourself when using sites such as Facebook /Twitter.
You should always be cautious about including any of the following information:

  • Name;
  • Address;
  • Telephone numbers/Email addresses;
  • Education / Employment information;
  • Photographs which may show your home and any valuables you may own;
  • Date of Birth;
  • Status updates/comments which may state when you are not at home, when you are going on holiday, what expensive items you have recently bought etc.

Be wary of including 'friends of friends' in your privacy settings, as this effectively allows anybody, to view your information. The anonymity of the internet makes it easy for people to lie about their identity; so be wary of accepting strangers who send you a friend request. They could be pretending to be someone else (e.g. lying about their gender/age) in order to persuade another person to agree to meet up with them, when in actual fact they have criminal intentions.

Also, if you add someone who you do not know, they may begin to ask you questions over time and aim conversations to particular subjects, in order to find out more information about you. If they already have your email address, they could log in to that account using the information you have given them and answer your security questions/reset your passwords. Once they have done this and have access to your personal emails, they could be gaining access to your bank details, online shopping accounts, PayPal etc. and use these to take money from your accounts or buy goods in your name.

'Internet matters' and 'Cyberstreet Wise' are websites that offer advice on using social networking securely and what safeguarding measures to take. You will find links to these, and other helpful websites, in the related information section.


Answer

If a person sends threatening/abusive/offensive messages to another person via Facebook, Twitter, or any other social networking site, they could be committing an offence. The most relevant offences are 'harassment' and 'malicious communications. The offence of 'stalking' may also be relevant if a person is being targeted persistently by someone across various social media accounts, along with any other repeated, obsessive and intrusive behaviour, that causes the person alarm and distress. See Q151 and the links in Related Information for further details.

For harassment to be committed, there must be a 'course of conduct' (i.e. two or more related occurrences). The messages do not necessarily have to be violent in nature, but must be oppressive and need to have caused some alarm or distress. See Q497 for further information regarding this offence.

If there has only been a single communication, which would be insufficient for the offence of harassment (above), there could be an offence relating to malicious communications. For such an offence to be committed, a message must be sent to another person (or sent via a public communications network) that is indecent, grossly offensive, obscene or threatening/menacing.

You can report any possible offences to your local police force, who will advise whether they can progress the matter based on the full facts and your individual situation. In order to assist the police with their investigation, you must not respond to the message as it may encourage the sender and make the situation worse. Also, you could take a screenshot of the message so if it gets deleted later there will still be a record of what was said.

However, depending on the circumstances and the nature of the messages, you may wish to initially make a report to Facebook/Twitter etc., as they have processes in place for such situations, and may be able to simply remove the content and/or close down the person's account.

Please see the links in Related Information for Facebook and Twitter's Community Guidelines in relation to dealing with harassment.


Answer

Depending on the exact nature of the information and how they have posted it (Have they sent the information to someone else? Have they posted it via their own account? Who has access to the information?), an offence may have been committed.

The offence of harassment may apply. For harassment to be committed, there must be a 'course of conduct' (i.e. two or more related occurrences). The information does not necessarily have to be violent in nature, but must be oppressive and need to have caused some alarm or distress. See Q497 for further information regarding this offence.

If the information is indecent, grossly offensive, obscene or threatening/menacing, then an offence relating to 'malicious communications' may have been committed. This offence does not require more than one incident. You can report any of these offences to your local policing team and they will then investigate and take appropriate action.

If the information posted does not fall under either of the above offences, then you may wish to consider whether the person has committed 'libel' (defamation of character - publishing a false statement that is damaging to a person's reputation). If this is the case, you would need to take action through the civil courts as this would be a civil matter and the police do not have any jurisdiction to assist with this. You should seek legal advice from the Citizens Advice Bureau and/or a solicitor before taking any action regarding this. Please see related information to find your local bureau.

In the first instance, depending on the circumstances and the nature of the information, you may wish to initially make a report to Facebook/Twitter (before contacting the police/Citizens Advice/a solicitor), as these sites have processes in place for such situations, and may be able to simply remove the content and/or close down the person's account.


Answer

A scam is a scheme designed to con you out of money. You will be contacted out of the blue either by telephone, email or in person. Fraudsters can be very convincing so it is important to be wary and investigate any suspicious behaviour to stop you potentially losing large sums of money.
If you are offered a deal that seems too good to be true, it more than likely is so be sure to check over all the facts and do not feel rushed into making a decision. Below are examples of the different types of scams you may come across:

  • Investment scams: smooth-talking sales people with brochures offer the opportunity to buy shares and investments that do not actually exist
  • Prize draw scams: Being told you have won a prize draw/competition but in order to receive the money you must dial a number - there will be a charge for this that they don't inform you of (if the company was genuine, they would make you aware that there is a cost to call them).
  • Insurance scams: companies offering insurance on products that you didn't originally buy from them. Check that the company is registered with the Financial Conduct Authority (FCA ) before agreeing to anything
  • Visa scams: examples of this type of scam include –
  • A person pretending to be a Home Office officer asks you to meet them/comes to your home to ask for money to process you or your partner's visa. Officers from the Home Office never collect money from you at home and will only meet you at their offices.
  • A person calls claiming that there is a serious problem with your visa and that you need to send money as soon as possible to prevent deportation, cancellation. They appear to be genuine and convincing.
  • Applicants for work visas will be asked to pay a deposit as proof that they have sufficient funds to support them in the UK. This is a scam. As part of the official process, you would only be asked for evidence not money.
  • Agents who say they can get a visa using forged documents and agents who say they can speed up the process, can't.
  • Vehicle matching scam: after advertising a vehicle you receive a call saying there is an immediate buyer. They then ask for an upfront fee which will be refunded if the car isn't sold; the car isn't sold and no refund is given
  • Pyramid scams: You are asked to pay into a scheme and promised that you receive money when you get to the top of the scale, however you never can reach the top.
  • Courier scams: fraudsters are sending couriers out to collect your bank card or money after calling to inform you there has been a fraudulent payment on your card (see Q887 for more details on telephone/courier scams).
  • Pension scams: the most common tactics include - offer of a 'free pension review,' promise of high returns on your investment, saying you can access your pension before the age of 55 or wanting to transfer your money overseas. They may tell you they are part of the Pension Wise Scheme - be wary as pension wise would never contact you out of the blue. 
  • Website scams: designed to look official but ask for payment on items that would be free on the genuine site e.g. EHIC card. Be wary of fraudsters cloning bank websites and sending emails pretending to be from banks and stealing credit card details.
  • Computer virus scams: small computer programs that are used to help scammers undertake their scam. In order to protect yourself you need to –
  • create passwords that are long, unique, a mix of letters and numbers and that you change regularly.
  • use anti-virus software that is kept updated and when installing new software, use a secure site which begins with https:
  • leave your firewall switched on and don't open suspicious or unknown emails, attachments, texts etc
  • before entering payment card details on a website, check that the link is secure (indicated by a padlock symbol in the browser window frame, NOT on the page itself.) If you click on the padlock, check the security certificate.

If you suspect a scam you should report it to both the Financial Conduct Authority and Action Fraud (see websites in related information) If the company is not registered with FCA, you can report them on 0800 111 6768. Do not give out personal details or money if you are unsure; once the money is transferred it is usually extremely difficult to reclaim it.


Answer

The offence of revenge porn occurs when a person publishes/ shares/ discloses a private sexual photograph or film, without the consent of the person who appears in the photograph or film, intending to cause that person distress. It is not enough that the person appearing in the photograph or film is distressed, as there must be an intention to cause that person distress, hence the offence being referred to as revenge porn. It is not an offence if the photograph or film is shown only to the person who appears in the photograph or film. It does not have to be published on the internet, it can be sent via text message or shown in person.

There are some defences to this offence -

  • That the material was disclosed as journalistic material and it was in the public interest to do so.
  • That the material had been previously disclosed for money (for example someone selling a sex tape of themselves to a newspaper) and that there was no reason to believe that the person appearing in the image or video had not consented to that disclosure.
  • That the disclosure was necessary to prevent, detect or investigate crime.

A person found guilty of this offence may face a fine or even imprisonment. If you believe that you have been the victim of revenge porn then contact your local police via their website, or by dialling 101. A victim of revenge porn can also get advice from the revenge porn helpline, see link in related information.

For circumstances that do not fit the above see Q697 for further information.


Answer

Cyber-flashing is the sending of obscene pictures to others over peer-to-peer Wi-Fi networks, such as AirDrop.

AirDrop is a feature on iPhones, iPods and iMacs that uses Bluetooth to create a peer-to-peer Wi-Fi network between devices. When switched on, it automatically detects supported devices within a radius of 10 metres. Although AirDrop can be used in a harmless way as it allows people to share photos with family and friends, some people are using the facility to send obscene pictures to strangers, usually whilst they travel on trains or buses. This can take place anywhere where there is a Wi-Fi signal.

The victim receives an obscene picture on their device with a message request to accept it from the sender. The victim can see the picture whether or not they accept. This may cause the victim to be distressed and embarrassed, making them feel vulnerable, as they do not know who or why the person sending the photo has targeted them.

At present, there is no specific offence of 'cyber-flashing' but this behaviour can potentially fall within the offences of harassment or public nuisance. If you receive an obscene picture from a stranger in this way, whilst you are travelling on the rail network, take a screenshot of the photo and report the incident to the British Transport Police.
In order to prevent yourself from becoming a victim of cyber-flashing over AirDrop, you can turn Airdrop off on your iPhone when you are not using it:

1 Go to Settings > General > AirDrop
2 Choose the option – Receiving Off

This will stop your device receiving AirDrop requests.

Contact your local police force

Enter your town or postcode to see information from your local force

If you can't find the answer?

Submit A Question