STAYSAFE
This month an update on some old scams and some new ones that have appeared recently.
Funeral Scam
I didn’t think the scammers could stoop much lower but there are a number of reports of the recently bereaved being specifically targeted. On the day of a funeral family and friends are sent a link on social media that looks like it comes from legitimate funeral directors and claims to let those unable to attend watch the service online. Those who click on the link are asked for payment details. The scammers even go so far as to copy pictures of the recently deceased from real funeral directors’ sites and actively seek out and target the families involved on Facebook.
Funeral directors will never ask for mourners to pay to live stream a funeral.
DVLA Scam
A scam email claiming to be from the DVLA is doing the rounds again telling you that 'you are not up to date with your current vehicle tax' and threatens you with a fine or other penalties if you don't pay. A link is included to complete a form to 'be up to standard with the DVLA legal requirements'. The form is, of course fake, and is simply a way for the hackers to steal your data.
DVLA will never send e-mails of this kind. If in doubt contact them directly via www.gov.uk
Action Fraud has issued a warning about social media hacking after 22,530 people reported that their accounts had been hacked in 2023. With access to your accounts, fraudsters can con your contacts, sell your info on the dark web and try to steal your identity. Action Fraud has reported that some victims of email and social media hacking have been extorted by criminals who’ve stolen their private photos and videos.
There are a number of ways a hacker can gain access:
Data breaches: this is when hackers gain access to a system that holds confidential data on people. Fraudsters can then use this data to gain access to accounts.
Responding to a phishing message: scam messages that impersonate legitimate companies and contain links leading to malicious websites can be used to harvest personal details. Links can download malware to your device that steals your personal data, or cons you into entering your information on a website.
On-platform chain hacking: a fraudster posts links to dodgy websites in the comment section of social media posts, which then asks the victim to enter their social media account details, thereby giving the fraudster access to these details. The fraudster may also message the victim impersonating one of their contacts to try and get them to share their two-factor authentication code.
Credential stuffing: this is when hackers use a password they’ve stolen for one account to access other accounts from the same person because they have not used different passwords.
Shoulder surfing: this is when a scammer looks over your shoulder and watches you log in to an account.
Malicious apps: dodgy apps created by fraudsters that install malware on your device, which is then used to steal login information for your accounts.
Advice on how to avoid your accounts being hacked can be found in my previous Marnhull Messenger articles. But if you do get hacked what should you do?
Beware of recovery scammers contacting you on social media telling you that they can get your account back. They can’t, and this is just another scam.
Go to the help page of your account provider and find out who to contact to get assistance with a hacked account. Ensure you change your password and log out of your account on all devices.
Check to see if any new ‘rules’ have been set up on your email account that you haven’t created. These can control where emails about your account are forwarded to.
Let your contacts know that you’ve been hacked and that any messages they receive are not from you.
Make sure you change passwords on other accounts in case fraudsters have also hacked into them, and check your bank statement for unauthorised transactions.
If you notice any unusual behaviour on your bank account, call your bank immediately using the number on the back of your bank card and report it to Action Fraud – The National Fraud & Cyber Crime Reporting Centre on 0300 123 2040 or at: www.actionfraud.police.uk/reportscam
Comentários