Phishing - the simple scam that will never die

Rights, Scams and Politics

16 February 2013 | 11 Comments

These phishing scams are as old as the internet, yet people still fall for them every day.

The wonder of the internet is that sending hundreds of thousands, if not millions, of messages – spamming – is so cheap that it provides scam merchants with the biggest bang for the few cents they spend.

The second wonder of the internet is why anyone takes any notice of what they must know by now is obvious nonsense. Why does anyone fall
for tricks which are so old they have been around the block time after time? Especially when they have been the subject of warnings online, on television, in newspapers and magazines, in mailings from financial companies and just about anywhere else you can think of.

And the third wonder is the huge amount a fraudster can make if only one in 100,000 responds.

So I write this with an air of “I know I should not have to write about this for the millionth time but if someone is doing this then it is likely there will be a victim, possibly for big money.”

Phishing - the scam that won't die

The “This” is phishing - attempts by scamsters to get hold of your personal details by pretending to be your bank and claiming a security breech. Of course, they have no idea where you might bank. As a result lots of people are told that someone has their secret passwords with Barclays or Lloyds or whatever and they must contact the bank immediately or their account will be frozen or lost, even though they have never dealt with the banks in question. It's been around for years so surely everyone is aware and no one bothers to phish any more?

Wrong.  This week, I received an email headed “Errors were detected on your account (Fix Now)”. And it came from PayPal. Or at least that
is what it said – the sender was “service@paypal.co.uk but don't try it at home because it has nothing to do with the real PayPal.

It read:

from: service@paypal.co.uk <service@paypal.co.uk>

Subject: Errors Were Detected On Your Account (fix now)
Date: Tue, 12 Feb 2013 05:04:16 -0500
Reply-To:

Dear Valued Customer,

PayPal security team is sending you this notification message because we seem to be having errors in the proper verification of your account. This might be due to one of the following reasons:

*A recent Change in your Account Details
*An Internal error within our servers

CLICK HERE to rectify these Errors.

Regards,
PayPal Online Security Team.

So I clicked on the link to rectify these Errors – although I could do nothing about the errors in the grammar and erroneous use of capitals in the message itself.

But whatever the errors were, all I got was a form to fill in.  And guess what?  They want to know just about everything about me other than my great-grandfather's birthplace (which I don't know anyway).

Had I filled it in, I would have handed over my credit card details - including that three figure code on the back - so they could have spent whatever they could get away with. Credit card companies are much better these days at spotting unusual transactions – so a big purchase of something easy to sell (such as high street store vouchers) or easy to cash in (such as some airline tickets) gets picked up. 

But such protection is never guaranteed – nothing can be 100% secure.

Playing the odds

This is phishing.  PayPal says it would never communicate in this way but at first glance it looks convincing.  Now I don't have an account with PayPal. As far as possible I do not send many payments  through it – I think the last time was about three or four years ago. I find it easier to pay with my credit or debit card directly.

But the phishers are more likely to catch the unwary with PayPal than by using HSBC or NatWest. It's a simple question of odds. More people
online have or have previously had some relationship with PayPal than with HSBC or NatWest or any other high street bank.  In any case, the banks are really fast at removing phishing sites.

There's another organisation that is even more prominent than PayPal and far more in our minds especially at this time of year. So expect
a number of emails claiming to be from HMRC offering a tax rebate (usually around £280) in return for financial details to its “secure” site.

This seasonal activity is based on the recent 31st January deadline for tax returns, the end of the tax year on 5th April, and the interest in tax from next month's Budget.

Phishing folk seem stupid if you spot them – and yes, to forestall comments, I know it is obvious. But they will convince someone, maybe a vulnerable person, and they will get some money from this.  So warn those you know both about the false PayPal and those phoney HMRC
emails that will come.  HMRC has a warning about this on its website – but the problem with all such alerts is that you have to find them
before the scam merchants find you. 

Thousands are still caught each month, their identities stolen and their accounts (plus credit cards) cleaned out.

More on scams:

This vacuum cleaner scam will cost you

Criminals target doorstep charity bag collections

Warning: PayPal child pornography scam email

How to protect your PINs and passwords

Don't be a victim of ID fraud

The five most common types of fraud

The scams that target the elderly

How credit card cloning works

How to spot a fake £1 coin

Sneakiest phone scams

Comments

Be the first to comment

Do you want to comment on this article? You need to be signed in for this feature

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.

loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom. loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited. We operate as a credit broker for consumer credit and do not lend directly. Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards. While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.