/ Community, Scams

Live event: ask our experts about scams – 2pm 8/7/21

Our experts were live on Which? Conversation on 8 July 2021 answering your questions. Check the comments for their responses.

We kicked off the first in a series of live Which? Conversation events with a Q&A on scams – we were live from 2pm – 3pm on 8 July 2021 in the comments.

📄 Live scams Q&A

🗓 2pm Thursday 8 July 2021

     

We were joined by Which? experts Lauren Merryweather (scams investigations and research) and Michael Tomlinson (Which? Money Helpline). They’ve both answered as many questions as they could in the comments below..

‘Scams’ of course, is a broad area, so we were specifically calling for your questions around:

🗨 The huge rise in text message scams in the past year

🗨 How fraudsters are attempting to take advantage of the pandemic

🗨 Action you can take to spot and avoid scams

🗨 How brands can help: what should/shouldn’t they be doing?

Check the comments for the answers.

Your scams questions answered

Click or tap on each question to expand or collapse each question.

❓ I keep getting text messages from mobile numbers that say I owe return postage on a parcel. Are these scams?

From @lmerryweather

These are likely to be fake texts and you can ignore them. It’s a scam that’s been going round for quite a while now: https://www.which.co.uk/news/2021/06/three-in-five-people-have-received-a-scam-delivery-text-in-the-last-year/

The best way to stay safe from text message scams is to avoid clicking on links in texts. There’s some more advice on how to spot scam texts here: https://www.which.co.uk/consumer-rights/advice/how-to-spot-a-messaging-scam-at2fR9B2E85g

❓ I got a call from a mobile number to say I’m being frauded by Amazon

From @gmartin:

…[this] sounds very similar to the Amazon Prime scam we’ve covered here: https://conversation.which.co.uk/money/amazon-prime-renewal-scam-phone-call/

Amazon’s popularity makes it an attractive target for scammers to impersonate. We’d advise that you check your Amazon account order history to make sure there aren’t any purchases you don’t recognise. You can also turn on two-factor authentication on the account for increased security:

https://computing.which.co.uk/hc/en-gb/articles/360000243980-What-is-two-factor-authentication-and-should-you-use-it-

Thanks to Jean for asking this question.

❓ How do ‘ghost brokers’ operate?

Thanks to @malcolm-r for this question:

”How do ‘ghost brokers’ operate?
Fraudsters lure victims in with the offer of cheaper insurance premiums, usually via social media or by word-of-mouth. These individuals or groups pose as middlemen for well-known insurance companies, claiming they can offer you legitimate car insurance at a significantly cheaper price.

This type of fraud is typically carried out either by forging insurance documents, falsifying your details to bring the price down, or by taking out a genuine policy for you but cancelling it soon after.

Often, the victim is not aware that they have been scammed until they are involved in an accident and try to claim on the policy. 

I wonder how many people have been tricked in this way. Many will not know, as they point out, until they need to make a claim.

@mtomlinson shared this response

Thank you very much for this and how encouraging to see such an informative and valuable service being delivered by your neighbourhood group. Interestingly, the Which? Money magazine published an article about ghost broking in March 2020 and I have copied a link here which takes you to the digital version, from Which? News:

https://www.which.co.uk/news/2020/03/car-insurance-fraud-are-scammers-taking-you-for-a-ride/

❓ Why is Facebook allowing scammers to carry on doing what they’re doing? Why can’t social media, phone companies and network providers block these at their source?

Thanks to June Parsons and Gary Greaves for these questions

From Lauren Merryweather:

We agree, there needs to be a more proactive approach towards stopping scammers operating on Facebook. We’re hoping social media sites could be made to take greater responsibility for what’s being posted on their platforms soon when the government’s Online Safety Bill has been finalised.

Read more and share your thoughts about why scams must be included in the Online Safety Bill

❓ I’ve been receiving emails from an unknown company I’ve never dealt with. I suspect they’re a scam, what can I do about it?

Thanks to Eric Strudwick for this question:

I have recently been receiving emails from no-reply-ncbcardalerts@jncb.com

They contain details about card payment transactions. I have never had any dealings with this company and assumed that its some kind of scam.

I guess that there is also a possibility that someone has cloned my identity.

How can I check?

The answer, from Michael Tomlinson:

Yes I would very much agree with you that certainly seems like a scam email. Many scams do seem to originate from ‘out of the blue’ contact – the telephone call, text or email we were not expecting. Certainly we should all avoid clicking on any links in these emails, as this is designed to harvest our personal data and account information.

Best practice is to simply delete these emails, but you can also forward them to the National Cyber Security Centre who have the authority to shut down and websites linked to them:

report@phishing.gov.uk

Many thanks.

Read our Consumer Rights Guide on how to spot a fake email

❓ It’s difficult to determine which emails from my bank are genuine and which are scams. What is Which? doing to address this issue?

Thanks to @beryl for this question, which prompted a good discussion with others, as well as to @alfa, who shared a similar question as well as her discovery of more information from her bank

Browsing recently through emails purporting to come from my bank, it was difficult to determine which were genuine and which were scams. For example, one email was a reminder that I had not paid the minimum amount on my credit card account and was threatened with hefty overdraft charges if I didn’t pay. As I don’t bank online and always pay my credit card balance in full and in time, I assumed this was a scam.

My question is, are we reaching a critical stage where technological advantages are being overshadowed and outstripped by the scammers to the point where people, including myself, are reluctant to open and reply to any email they receive from their bank? What would be the future outcome if this were the case for more and more people and what action can Which? take to prevent this predictable eventuality?

Which? scam expert @chiara-cavaglieri couldn’t join us on the day, but was able to provide an answer in advance:

It is a sad state of affairs that we can’t always trust that an email or a phone call is genuine – scammers are using cheap tech to spoof the phone numbers and email addresses of legitimate companies. But, banks can do more to protect you – and Which? will continue to put pressure on them to do so.

For example, they can stop scammers forging their email addresses using something called DMARC (more on this here https://www.which.co.uk/news/2021/06/banks-missing-vital-protection-against-email-scams-warns-which/) and they can protect their customer facing phone numbers using the DNO database (https://www.which.co.uk/news/2021/06/is-your-bank-protecting-you-from-number-spoofing-scams/).

Customers can do their bit too – vote with your feet if your provider isn’t doing everything it can.

❓ Is it worth reporting well-known scams? Can I just ignore scams that have been well publicised?

Thanks to @wavechange for this question:

I realise that it is worthwhile reporting suspected scams but is there any point in reporting well known ones? For example, it seems pointless to report that I have had an automated call to say that my subscription to Amazon Prime has been renewed at a cost of £79.99.

Can I just ignore a scam that has been reasonably well publicised?

From Michael Tomlinson:

There’s certainly no obligation to report this to, presumably you mean, Action Fraud. The scam you refer to seems to have gone out to most of us – I’ve certainly had this Amazon cold call on more than one occasion. So it’s really our decision if we wish to spend time filling out the reporting tool on the Action Fraud website. It is useful to submit information as it does at least provide Action Fraud with data, which potentially can be used for investigations or to be able to publicise warnings to the public. But yes, I do accept that there have been numerous warnings about this particular scam already. Many thanks.

Even if scams are well known, it’s very helpful to report them to us here at Which? using our Scam Sharer tool. This helps us keep track of what scams are currently affecting people, and to help spread the word on how to protect yourself further.

Comments
Alan Costa says:
8 July 2021

I had what was probably a legitimate call from Sky Insurance regarding insuring my Sky box. As this was unexpected I wouldn’t agree anything but seems strange Sky doing this with all these scam calls around at the moment.

I think this is an excellent point, particularly as they will be fully aware that many large organisations are being impersonated by scammers. Having had a bit of a look online about possible scams linked to box insurance, it does seem there have been incidents before that have caught people out. Not proceeding at all with any ‘out of the blue’ calls is certainly best practice.

Sally says:
8 July 2021

This is a pretty hopeless way of running a ‘live’ event. I can’t really follow it at all. Please use zoom, YouTube live event or similar video conference next time.

Yes, I found it difficult at first, expecting a Zoom event or on a similar app. As installing software for any company is a specialist project by an IT, I ask that complaints on this subject be addressed to the IT team, or IT sub-contractor. It is not fair on non-IT specialist staff. Espepcially to answer a technical complaint. It took me a long while to find the correct way to enter this session. I thought at first it was on Zoom or similar. I can guess that a Zoom event might present security problems for you.
When I registered, with difficulty, I was taken back to what seemed the wrong source, and definitely not this email-linked session. It’s most unusual but good in some way to have an email session instead of Zoom. However, I agree with Sally, and the IT in-house team or IT sub-contractor has a lot to answer for.

The live event today was an interesting innovation but I can sympathise with those who found it confusing to follow. It was a bit muddled and I was hoping to find a list of prior questions that would be tackled first [hopefully to avoid repetition]. There was clearly a lack of information about how to join and how to participate.

Because the live event was embedded within a live Conversation that was already running, and in parallel with all the other active Conversations, there was no straightforward way to keep abreast of the Q&A. For a future live event I hope some way could be found in which to compartmentalise the input.

There was also a problem with some questions attracting two answers from the Which? team – and having a team approach did not seem to increase the overall throughput, so there were a surprisingly small number of points covered during the allotted timeframe.

A benefit of a text format is that it should be possible to handle several parallel lines simultaneously rather than in a Zoom presentation where the dialogue has to be in serial form. Perhaps this advantage could be developed for future application.

I am not sure it was a good idea to run the live event at the same time as Which? had dumped a big topic — the PSR on APP scams — onto Conversation which flooded it out and led to a degree of overlapping and mix-up of content. Curiously, that topic didn’t elicit any new angles on the problem and it was largely rehearsing what had been said previously. There could be lessons there in setting the question for revitalised Conversations.

It will be worth doing this kind of activity again as well as trying out some different formats.

In February 2021 an imposter fraudulently set up an account in my name with the financial services company, ClearScore. It was lucky that I picked up on this quickly to prevent financial loss but, during my investigation into what happened I found that all such financial information and credit rating agencies have a really low barrier to entry for new applicants. I found that these agencies do not ask for an applicant’s current address and only ask for one “within the last 3 years”! ClearScore say they “know of the challenges in this area” (not asking an applicant what their current address is) and it seems are not willing to close this loophole in their application process.

The FCA will not act on a single person’s complaint and the FOS do not have the powers to ask the companies to change their processes. I have now taken this to the ICO, as they do have powers of enforcement, but it would be great if Which lobbied these agencies to fix this loophole and make it more difficult for fraudsters to gain access to individual’s financial information by impersonation with financial institutions such as Credit Rating and Information Agencies.

After all, aren’t these supposed to be the guardians of our personal financial and credit information?

Received an email from Amazon stating an order I did not purchase, what should I do.

Ignore it. Or, if in doubt, log into your Amazon account to see if the order is there in your history.

Hi Barry – that’s good advice from Annie. Please do check your purchase history – if the order isn’t there then the email is almost certainly fake. However, for extra security you should set up two-factor authentication on your Amazon account (https://computing.which.co.uk/hc/en-gb/articles/360000243980-What-is-two-factor-authentication-and-should-you-use-it- )

If you do spot any orders on your account that you don’t recognise you should let your bank and Amazon know ASAP.

It’s likely fake – this is a common scam. If you’re worried, you can check the order history on your Amazon account.

Here’s some info and advice on phishing scams you might find useful: https://www.which.co.uk/consumer-rights/advice/how-to-spot-an-email-scam-au5Lt0O3EgcP

Is there a scam email which can hack or phish just by opening it, never mind clicking on links and providing personal details?

Mike Bear says:
8 July 2021

Amazon are pretty good at sorting these issues out. Check if the email did actually emanate from them and isn’t a spoof. As said DO NOT click on any links!

No. That’s usually a social media scam designed to turn you into a spammer by asking you to share the message with everyone on your contact list. Nothing, ever, needs sharing with everyone you know – on social media, on email or by any other method. It just makes you a spammer.

Has anyone else experienced a Sainsbury delivery scam? I have used Sainsburys but had not made a recent order. I had an exactly Sainsburys worded text message about a food delivery I was supposed to have made. I even had a phone call/vm (I did not answer) in the delivery time slot quoted in the text saying they were trying to find me. I called Sainsburys who confirmed there were no orders on my account. Completely inexplicable.

Also this morning I had the usual call from Amazon about being on prime and to press 1/2 etc…I simply blocked that number but it is irritating.

This is very interesting and whilst I have spoken to numerous callers to the Which? Money Helpline about the delivery text scams and fake texts from banks, I don’t recall speaking to anyone about supermarket texts as yet. However, it certainly makes sense as an ‘angle’ that scammers could use. I presume it asks to click on a link somewhere in the content of the text, which of course should always be avoided.

I have been helping someone who, over the last few years. has been inundated with high pressure sales calls for appliance insurance. Perhaps not always scams in the pure sense but it is quite alarming how these companies can prey on the elderly and vulnerable. They get them into recurring contracts often with heavy up front payments and smaller recurring ones. You can soon pay well over the cost of repairs or a new appliance.
There do seem to be some reputable companies but too many with dubious tactics.

We have helped many residents recently with this ‘scam’ – like you say, not always bad companies, but just hard sales over the phone. Our residents have been lucky when we have tackled these and got some of their money back and stopped any more money going out on a monthly basis. We also then fit them a callblocker which stops the majority of these calls getting through. But I agree, they are inundated with them.

Thanks for telling us about this. This is a really big problem we’ve been investigating for a long time now. They could consider getting a call blocking device or phone which should stop these kinds of calls. You might find this useful: https://www.which.co.uk/reviews/cordless-phones/article/how-to-block-nuisance-calls-aHkHz1m7wCes

I find the amount of text scams I get seems never-ending 🙁 I try and block the number where I can but is there a better way of reporting these? It can be very time consuming trying to dig out the email addresses for the likes of Royal Mail or HMRC so wondered what advice you could share?

Yes, I myself have noticed an increase in scam texts received recently. If only there was a way to completely stop them but for now, it’s a case of simply deleting them and certainly avoid clicking on any contained links. We do have some information about text scams on the Which? Consumer Rights website:

https://www.which.co.uk/consumer-rights/advice/how-do-i-stop-unwanted-premium-rate-texts-a3WoY1S9jFjF

Thanks for the reply Michael and I’ll check out that link.

harry Watters says:
8 July 2021

Has Which ever looked at The Company Digital river which seems to have lots of problems collecting payments via paypal. seems pay pal might not be such a good pal

I have to go out now. Can I access the chat at a later time please?

Tina Langdon says:
8 July 2021

Good afternoon.
Have you had many people contact you about Clifton Consulting LLC? The Jersey Consumer Council was first made aware of this investment scam in March and have received enquiries from both Jersey and UK residents.
Thank you

Hi Tina.

I work for the Which? Money Helpline and admittedly this name isn’t familiar to me, so I’m not sure we have received any calls from our readers about them.

Please can I recommend website https://www.friendsagainstscams.org.uk/ run by National Trading Standards – Maggie Lewis (Oxford Neighbourhood Watch)

Hi Maggie – absolutely 🙂 We’re a fan of Friends Against Scams’ work and have had them here on Which? Conversation as guests in the past: https://conversation.which.co.uk/scams/friends-against-scams-fasathon-2020/

K_f_Hanna says:
8 July 2021

I get several emails a day about bitcoin. I have outlook.com as my email provider. I use the spam filter provided but they just keep evolving with new email addresses. Any tips on how to cut down on these emails?

[Moderator: we’ve edited your username to remove personally identifiable information, as this is not allowed in the Community guidelines. Please don’t post people’s names, addresses, or other personally identifiable information – even if you suspect it is made up. This is to protect everyone’s privacy.]

As do I. My spam and junk boxes are full of emails about bitcoin, which of course are all fake. If only there was a way to cut down the amount we both receive but scammers send phishing emails to thousands and thousands of email addresses every day. Of course all they need is 2 or 3 people to believe the email and respond.

Best practice is simply to delete, but we can all forward phishing emails to the National Cyber Security Centre:

report@phishing.gov.uk

as they have the authority to shut down websites linked to these emails. Many thanks.

Will you be keeping these comments so we can view again?

Hi Maggie, yes the comments will be available to read whenever is best for you.

Many thanks, you are getting a great response!

Heather says:
8 July 2021

Good Afternoon, I sometimes get scam emails that refuse to be ‘blocked’ or ‘reported’ and deleted! I have to go through the process several times before they dissappear! Can you tell me why this happens and how I caneresolve the issue? Thank you.

Heather says:
8 July 2021

Many thanks Jon! That’s great!

Mark Ellis says:
8 July 2021

Perhaps a question for Vodafone but how do scammers manage to buy bulk quantities of SIM’s (Vodafone according to Who Called tracker) to make calls to mobile phones with recorded messages, insurance claims and expensive (charged) call back numbers ? I have had the same scam calls from several Vodaphone numbers over a period of weeks.

Diana Abramova says:
8 July 2021

I cannot find a link to watch and am disappointed. If recorded please let me know how to watch and with a link. Thank You

Hey Diana, we’ll be answering the questions in the comments below, so please feel free to add your questions for the team 🙂

I get bombarded by cold calls day and night, and when I google the number it suggests it’s a scam. I keep blocking the numbers but they just call from a brand new number. What’s the best way to deal with scam callers?

Thanks for the comment and I have noticed an increase myself, very recently infact. Frankly I simply do not answer the phone if I don’t recognise the number. If it was genuine, they can always leave a message. Scammers want people to answer and engage in conversation with them so preventing this from happening, by not answering, is best practice.
It’s much better for cold calls to landline numbers now as the likes of BT, Sky and Talk Talk etc have developed call blocking services, which means the caller has to announce themselves first before you have even picked up the phone. BT Call Guardian and Sky Shield are examples. When I speak to people on the Which? Money Helpline, who have such a service in place, I am often told that they have reduced the amount of cold calls received significantly. It would be great if something equivalent could be developed for our mobile devices

Rodger says:
8 July 2021

Purchase of telephone numbers. I know it is legal to buy the use of a telephone number or block of telephone numbers for any area in the UK, which is what a lot of tradespeople do to make it appear that you are dealing with a local company to your area. These numbers have also been known to have been purchased by overseas individuals in order to conduct fraudulent business. Are there any government controls on this?

Anne says:
8 July 2021

I was scammed by a caller allegedly from Bt asking me if I had made changes to my IP address. Alleged this had been done accidentally by Openreach working in the area – made public. I did not ask him for my account details but I did ask about my name and he knew my “ official” name which is only on documents and was the name on my bank account to pay BT. He asked me if he could help me to make my IP private again as this was v important that it be so being worried about security I agreed. He asked me to download an app which on opening said – incoming call secure and then BT SECURE SERVER. He proceeded then to make my email etc secure. He asked me to check my bank account to see if it was ok as with IP being public it could be compromised. I did so but all was ok. At no time did I give out my personal details or my pin – in fact when I opened the mobile app to “ secure “ it ( this was much later when the server was supposed to be working to secure my IP ) he warned me not to put in my pin but to use the added online security. I had no idea he was in my account nor did the bank notify me that a new payee had been set up. The end result was a loss of a large sum of money for which the bank say I am liable as the beneficiary could only have been set up using a mobile device. No one from the bank really took the time to talk to me and find out EXACTLY what happened. It’s currently with the ombudsman

This is just an awful experience to have gone through and sadly one that I hear about regularly from people who have experienced something similar and call in to the Which? Money Helpline.

I’m wondering if the App you were asked to download was a form of 3rd party remote access software – examples of this are Team Viewer, Quick Access and Any Desk. They are perfectly legitimate tools but can sometimes be used by scammers to gain control of our tech devices. We have published an article about this in the Which? Money magazine back in November 2020 and here is a link to the digital version:

https://www.which.co.uk/news/2020/11/remote-access-scams-the-call-that-could-wipe-out-your-life-savings/

The important point here is whether your loss of money was authorised or unauthorised. Am I to understand that in this case, the scammers transferred the money out of the account, because they had access to your computer device? I would class this therefore as unauthorised – you were not expecting the money to leave your account. Banks have to follow the rules set by the Financial Conduct Authority and they have such a rule related for unauthorised transactions which states that banks should refund. It is more difficult for authorised payments. The FCA rules on this are on the following link:

https://www.fca.org.uk/consumers/unauthorised-payments-account

Obviously without knowing the full details of this and without knowing precisely how your bank has worded their decision to refund you, my initial thought is that they have made the wrong decision, if the loss of money was indeed unauthorised. Therefore I think you have very much done the right thing in passing this now to the Ombudsman.