Scams
Travel
10 November 2022

Beware of a British Airways scam doing the rounds

As the weather gets colder and the nights get longer, the idea of a New Year holiday in the sun becomes more and more appealing. But if the idea of a free holiday sounds appealing, please be aware that any invitations to a British Airways giveaway that are currently doing the rounds are not legitimate. The ‘British Airways Black Friday giveaway’, which Islanders have been sharing on social media and in local WhatsApp groups, is in fact a scam. British Airways have commented: “We are aware of a fraudulent promotion that is being shared via WhatsApp and social media, which has been reported. This message is not from British Airways and we advise anyone who receives it not to click any links and to report it as spam or delete it.” The Online Threat Alerts website reports that the ‘British Airways Black Friday giveaway’ promotion in fact contains a link that goes to a phishing website called shortlinks.su. They explain: “The website uses the ".su" top-level domain, which was designated for the Soviet Union (USSR). “The shortlinks.su website will attempt to trick visitors into completing surveys that steals personal information and may go to other phishing websites thats steals financial information. Therefore, if you were tricked into disclosing your financial information by the British Airways scam, please contact your bank for help.”
Money
Scams
22 September 2022

Revolut Hacked!

During the weekend of 11 September, the Revolut card system was hacked putting over 50,000 account holders' data at risk. Although affected account holders will be/have been advised, there is still a risk to other Revolut users. It is extremely important to keep vigilant as it’s likely cybercriminals will increase phishing attempts in the wake of this attack. Be alert for texts and emails that may contain malicious links. Scammers may pose as Revolut fraud staff to trick customers into divulging security details.   We're sharing Which? UK's article for you to read the full details.  
Scams
17 June 2022

Father's Day Scams

Be on your guard for scams, particularly on WhatsApp.   We're aware of a couple of scam competitions, where fraudsters are imitating companies such as Heineken and B&Q.   Please remember not to click on any links if you don't know where they have come from.
Scams
12 May 2022

Gaming Scams

Have you got two-step authentication switched on?  Many children and adults play online games using the Steam* platform, often messaging each other via the Discord** service.   As with any online platform, these are at risk of fraud and we’ve recently been made aware of a 14 year old gamer becoming the victim of a scam.  A scammer pretending to be an official administrator of Steam contacted the gamer saying the user’s account had been reported for fraudulent transactions and they were going to block it.  In order to ‘protect’ and ‘validate’ the account, the victim was instructed to by a £100 gift card. Being unfamiliar and naïve of scammers, the young gamer was worried that all gaming history and contacts would be lost, if they did not act quickly and pay the money. Using a GoHenry account, the victim paid the amount.  The scammers then took their request to the next level and asked for the gamer’s passport details. Thankfully, the young victim asked his parent where his passport was and explained why he needed it.   The parent read the threatening Discord messages and realised it was a scam, which the victim refused to believe and was more concerned that the account would be blocked. They contacted a known local gaming contact who was very helpful and explained to the victim that it was a scam and to immediately stop all communication with the scammer.  The Steam account had been compromised, as the scammer had changed the user’s password. The parent contacted Steam who were able to retrieve the account.  Due to a limit on the GoHenry account, this victim’s financial losses were limited to £100 but it has scared them and they no longer feel safe online.  Activating the two-step verification process will reduce the risk of accounts being hacked.    * Steam is an online platform where gamers can buy, play, create, and discuss PC games. The platform hosts thousands of games from both major developers and indie game designers.  ** Discord is a free voice, video, and text chat app that's used by millions of people ages 13+ to contact their gaming communities and friends. 
Scams
11 May 2022

Email and Phishing Scams

Definition of phishing (Merriam-Webster dictionary)  : the practice of tricking Internet users (as through the use of deceptive email messages or websites) into revealing personal or confidential information which can then be used illicitly    Phishing scams are used by fraudsters to trick you into giving them your personal information, including bank account details, passwords and credit card numbers. They are becoming more sophisticated, often masquerading as legitimate companies and using real logos, and are often indistinguishable from the real company, so it is always sensible to remain suspicious.   Individuals and businesses can be the targets of these scams.   In the past, it might have been easier to spot scam emails as they were filled with spelling mistakes and poor grammar, but this is not the case nowadays.  Phishing emails may contain links that, when clicked, 'infect’ your computer with a virus. It’s important not to click any links, until you are sure the sender is legitimate.    Do and Don’ts to avoid phishing scams  Do not reply to any spam mail asking you to confirm or update information about your account.   Do not click any links, especially ones that request you to login, unless you were expecting to receive it and it is from a real company/contact.  Do be careful opening attachments even if they appear to have been sent by an authorised entity.  Do not send confidential account information by email, especially your bank details, as emails can be intercepted.   Do install a firewall, anti-spyware or anti-virus software to protect your computer from any possible attacks.   Do not respond to scam emails as they often request you to call a number that is usually untraceable. Only use contact details you have and not those listed on the phishing email.  Do be suspicious and vigilant by checking the email address it has been sent from. Often the last part of the address doesn’t make sense or can have one letter different to the real company’s address, for example someone pretending to be from PayPal or Netflix may use email addresses like @paypail.com or @netfllix.com. Do not share passwords under any circumstances.    If you receive an email or fall victim to a phishing email, report it to the police or forward it to scams500@police.je.   You can also contact the Jersey Office of the Information Commissioner (JOIC) on 01534 716530 or email enquiries@jerseyoic.org if you believe personal information has been compromised, lost or accessed without your consent.     
Scams
11 May 2022

Romance Scams

Definition of catfishing (Mirriam-Webster dictionary)  : a person who sets up a false personal profile on a social networking site for fraudulent or deceptive purposes    Have you watched the Tinder Swindler on Netflix? Online dating was becoming more popular before the pandemic, but the last two years have seen this form of dating increase hugely.  Sadly, scammers are taking advantage of people looking for love with catfishing a common ploy. They pretend to be romantically attracted to a victim by building up trust and then use manipulative and gaslighting* tactics to demand money.   Many of us might be convinced we could never fall for this type of scam but, sadly, it happens too often and victims are often scammed out of thousands of pounds.    Have you received an unexpected Facebook friend request?  In this digital age, scammers frequently use social media to target individuals, often using bogus photos and stories to lure them in for example:  Facebook friend requests or messages from someone claiming to be a highly qualified professional, such as a lawyer, doctor, neurosurgeon, soldier or even helping others with the agencies, such as UNICEF.  The fraudulent Facebook profile will show photos of the scammer in exotic locations, or helping others, but these photos have usually been copied from the internet and are not the person they claim to be. A reverse image search will often find where the image has been taken from. From examples seen by the Consumer Council, profile names can often be a double Christian names such as David James; Paul Henry; Mark Frances etc, although we have also seen ones from James Henderson.    False promises  These scams are often conducted over a long period of time, building up the victim's trust.   The scammer will often ‘live’ in a different country explaining this is the reason they are unable to visit but promising to do so, as soon as they can. They may promise lavish gifts and even offer to marry the victim sending photos of the engagement ring they have apparently purchased.     Guilt tripped into sending money  Though many people won’t even meet the scammer, they frequently will be willing to transfer them vast amounts of money in the hopes of a relationship. In fact, Islanders have lost hundreds of thousands in the last few years.  Once the trust is built, the scammer will ask for money often making the victim feel guilty if they don’t send the money. It may start with relatively small requests, such as to  Help pay for a hospital bill  Pay for a child’s education  Donate to the church fund  Buy an iphone or ipad to help keep in touch  Pay for phone calls to keep in contact with you  Money for a ticket to visit you  Then the bigger payment requests start, and this is where many victims lose thousands of pounds:  Money to put a deposit on a house for you both  Problems a with a large building or legal invoice that, if unpaid, means the scammer will be jailed    How to protect yourself from falling victim to a romance scam?  Never send money to someone you haven’t met in person.   Remain skeptical and if any warning signs appear, try to remove emotion from your decision even if your ‘partner’ appears sincere.  Don’t feel guilty for refusing to make a payment and if they insist stop all contact. They are scamming you.  Don’t give out personal information especially account details.  Do a reverse image search of your admirer’s photos. Often these romance scammers will steal other people’s photos, so these may be featured on a legitimate person’s social media. Go to Google and search ‘How to reverse image search’.  Watch out for inconsistencies in their story and grammar.  Be cautious about what photos or information you share with the person. They may use compromising photos or information as blackmailing material.  If you arrange to meet them in person, inform friends and family of where you are going.     Remember, anyone of any age or gender is a target for these scams.  If you have fallen victim to romance fraud or catfishing, report it to the States of Jersey Police on 612612.  For more information, go to the Jersey Fraud Prevention website.   * Gaslighting is a form of psychological manipulation which often occurs in romantic relationships. In relation to online romance fraud, a scammer will mislead by creating a false narrative, threaten to ‘leave’ and make the victim feel guilty and question their judgments. This leads to anxiety, confusion, loss of confidence and self-esteem and usually results in the victim transferring money to keep their loved one (the scammer) happy and ensure they are not left alone.