AI threat
The rapid development of AI has been well documented in the media this year. Chatbots are now incredibly proficient at replicating human designs and writing styles. Fraudsters will use AI to make their attempts to fool you more believable. Beware that AI can create convincing emails, websites, text messages, adverts, social media posts and human conversation.
Below are some examples of popular scams.
Fake or spoofed online stores
It can be difficult to spot a fake, fraudulent or scam website. Fraudsters can be extremely cunning and use their expertise to create convincing websites.
How to identify and avoid this scam:
- Check the URL – Look for subtle misspellings or incorrect domains.
- Check the website is secure – A secure website’s URL should begin with ‘https’ – the ‘s’ stands for secure. Additionally, a padlock icon next to the URL in the browser indicates that the site uses encryption to protect your data.
- Check for red flags – Poor design quality, low-resolution images, spelling mistakes or grammatical errors are all signs of a website being fake/spoofed.
- Check for reviews – Complete a search using the website’s name with the word ‘reviews’ or ‘scam’ to see if other users have reported it as fraudulent.
Fake social media advertisements
Fraudsters create advertisements with discounted prices to entice shoppers through the use of social media. They are designed to look legitimate but are created by scammers with malicious intent.
How to avoid this scam:
- Verify the brand’s official page – Visit the brand’s official social media page to see if the same offer has been posted.
- Research the offer – Search the product or deal online to see if it is offered across multiple platforms.
- Check comments on the ads – Comments will often be left on posts calling them out as scams.
- Check the URL – If the ad takes you to a website, check the URL is correct and the site is secure (https and padlock).
Phishing emails and text messages
Phishing attempts often include emails or text messages where scammers will pose as trustworthy entities to deceive you into providing sensitive information, such as login credentials, debit or credit card numbers and/or personal details. They will often create a sense of urgency, fear or curiosity, prompting you to act quickly without due diligence.
How to avoid this scam (emails):
- Urgent action – Emails threatening a negative consequence, or a loss of opportunity unless urgent action is taken, are often phishing emails.
- Suspicious links or attachments – If you receive any emails that contain links, hover your mouse over, but do not click the link. Look at the address that pops up when you hover over the link and ask yourself if the address matches the link that was typed in the message.
- Mismatched email domains – If an email allegedly originates from (say) Amazon, but the domain name reads as something else, such as Gmail, you can report the email as a phishing attack to report@phishing.gov.uk.
- Generic greetings – If the message you have received starts with a generic ‘Dear Sir or Madam’, this is a good indication of a phishing attempt.
- Bad spelling and grammar – Legitimate businesses go out of their way to proofread their emails. If an email contains spelling mistakes or improperly worded sentences, it’s likely a phishing attempt.
How to avoid this scam (text messages):
- Verify the phone number – Whenever you get a text you were not expecting or from someone you do not know, it is good practice to do an internet search for the number to see who it is associated with.
- Suspicious links or attachments – On some mobile devices you can hold your finger on a link for a second or two in order to check the destination of where the link takes you. If that location differs from how the link is written within the text, it is a good indication of a fraudulent attempt.
- Don’t engage – Never click links, reply to text messages or call numbers you do not recognise. Do not respond, even if the message requests that you ‘text STOP’ to end messages. If you believe the text to be fraudulent, you can report it to your mobile phone provider by forwarding it for free to 7726.
- Update your device –Make sure your phone and security apps are updated to the latest version. Consider installing anti-malware software on your device, if available, for added security.
Too good to be true offers
All of the above scams may use enticing ‘too good to be true’ offers as an attempt to lure shoppers in during Black Friday and Cyber Monday. Exercise caution and scepticism when encountering promotions that seem excessively generous or unrealistic.
Scammers often utilise the holiday season to impersonate bank representatives, seeking sensitive information. Remember, we will never ask you for one-time passcodes or online banking passwords. If you receive any unsolicited calls requesting personal details, hang up immediately and contact us.
If you believe you have fallen for a scam, please speak to your private banking team or Relationship Manager in the first instance. You can also contact the Private Bank Team on +44 (0) 1933 543 600 or the Racing Bank on +44 (0) 1933 543 543.