Feeds

UK banks and police proffer anti-phishing advice

Beware of the two-tiered email scam

  • alert
  • submit to reddit

The essential guide to IT transformation

The National Hi-Tech Crime Unit (NHTCU) and the UK banking industry today issued guidelines to help consumers protect themselves against Internet fraudsters.

The advice was prompted by a two-tiered email scam that has emerged in the past two months.

The first part of the scam involves emails being sent to UK consumers claiming to be from UK banks, asking them to "re-register" or "reactivate" their accounts at a replica bank website.

Typically, the fraudsters behind these "phishing" scams are located outside the UK and, as they are unable to transfer money directly out of their victims' online account overseas, they need a UK intermediary.

That leads to part two of the scam. This involves spam emails being sent to people offering them the chance to make some easy money by acting as a UK agent to a business overseas. They are asked to receive funds into their account and send them on overseas, less a certain commission. If someone agrees to do so, their account is used as part of the scam to send on stolen funds to the fraudsters overseas.

According to the NHCTU, fraudsters have been sending spam emails with fake job offers and advertising dummy jobs on recruitment websites to lure consumers to act as their UK agent in fraudulent money transfer schemes.

Although all the early indications are that very few people have been successfully duped by these scams - and the likelihood of falling victim to any type of Internet fraud is very low – there’s still a need to educate the general public.

"We know that many of these 'funds transfer scams' involve the proceeds of fraud and consumers who participate in these schemes are likely to become embroiled in a police investigation,” said Detective Chief Superintendent Len Hynds, head of the UK’s NHCTU.

“The message is - don't allow yourself to be duped. Remember, if an unsolicited money-making offer looks too good to be true, then it probably is."

David Lennox, director, fraud & physical security at the British Bankers' Association (BBA), comments: "The threats in the online world are the same as in the offline world. While these types of fraud have always been with us, the Internet is now being used as the preferred medium for attempting to carry them out".

Tips for staying safe online

The NHCTU has combined with the BBA and the Association for Payment Clearing Services in compiling a list of tips for staying safe online. The checklist, largely commonsense advice, contains the following pointers:

  • Know who you are dealing with - Always access Internet banking by typing the bank's address into your web browser. Never go to a website from a link in an email and enter personal details. If in doubt, contact the bank separately on an advertised number.
  • Keep passwords and PINS safe - Always be wary of unsolicited emails or calls asking you to disclose any personal details or card numbers. Keep this information secret. Be wary of disclosing any personal information to someone you don't know. Your bank and the police would never contact you to ask you to disclose PINs or all your password information.
  • Keep hold of your cash! - Don't be conned by convincing emails offering you the chance to make some easy money. If it looks too good to be true, it probably is! Be especially wary of unsolicited emails from outside the UK.
  • Keep your PC secure - Use up-to-date anti-virus software, security patches and a personal firewall. Be extra careful if using Internet cafes or any PC which is not your own and over which you have no control.
  • Check your bank's website - If in doubt, a good place to get help and guidance on how to stay safe online is your bank's website.
  • Check your statement - If you notice anything irregular on your account contact your bank immediately.

®



Related Stories

< a href="http://www.theregister.co.uk/content/55/33047.html">Lloyds TSB phishing scam nipped in the bud
Barclays: Internet scam victim
Email fraudsters target Barclays
Two-in-one ID theft, fee fraud scam debuts
Accused AOL phisher spammed the FBI
Email scam aims to swipe PayPal users' credit card details
ID theft hits 10m Americans a year
MS, eBay, Amazon et al join ID theft busters

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?