/ Shopping, Technology

The North/South divide of online scams

We’re all at risk of online scams, but why are some types more common in the North than in the South? Wherever you live, it’s worth keeping up to date on how to stay safe…

Online scams are on the rise – and it seems that where you live could influence the type of scam you need to watch out for.

Based on the five months leading up to December 2014, figures from Action Fraud show that online shopping and auction scams are most common in the North. In contrast, computer software fraud and online bank account scams are more typical in the South.

Regional differences for online scams

What’s less clear is why the same trends don’t apply across all of the UK. Online shopping scams accounted for 35% of the scam reports in Scotland, 21% of those in the North East, 24% in the North West and 25% in Yorkshire and Humberside.

But head south of the Midlands and the most commonly reported scams relate to computer software service fraud (Wales and the South West) and cheque, plastic card and online bank accounts (East, South East and London).

London seems to be the place for bank scams, with 50% more of these reported than online shopping scams. But it’s not as though Londoners don’t shop online – in fact, research suggests that Londoners are more likely than anyone to buy certain goods over the internet.

So what’s going on? Do scammers live in regional hubs with specialised scamming skills? Do those with a particular talent for online shopping scams gravitate towards the North, while fraudsters with a flair for card scams move south?

Whatever the cause, make sure you know how to spot and avoid some of the most common types of cyber crime doing the rounds.

How to spot a cyber crime

So how do online shopping scams work? Victims may be sent a phishing email that looks like it’s from a credible source, such as an online shop, auction site or payment gateway (such as PayPal). It will ask them to update their personal details – or even bank account information – by following a link to a copycat site. Once they have this information, the scammers could use it to steal a victim’s ID or money.

It’s important spot these scams quickly so you can steer well clear. So for those of you with a love of internet shopping, hear are some tips:

  • If you get an email from a site you use regularly, asking you to update your details, don’t follow the link. Instead, go to the site directly to see whether the request’s genuine.
  • Try to avoid paying by transfer; opt for a credit card or PayPal.

And to avoid anyone snooping around your bank account follow these tips:

  • Banks will never contact their customers by email to ask for passwords or other sensitive information.
  • Watch out for emails containing grammatical errors, typos or oddly placed capitals; they’re sometimes written that way to get round spam filters.
  • The phone number or email address might look legit, but this is no guarantee the person’s really from the company they say they are.

Also, remember there are computer software scams too:

  • Don’t allow anyone spontaneous remote access to your computer.
  • The ‘Microsoft lottery’ doesn’t exist, so unfortunately you can’t have won it.

Have you been scammed online or fallen victim to a fraudster? Do you have any top tips for avoiding these types of scam?


Within the last 3 days I’ve started seeing RayBan ads appear on my facebook wall. So I reported them to RayBan as suspected scams. RayBan’s have already come back saying the 1st is definitely selling fakes. I’m expecting the same response for the other one.

A few months back 2 friends posted links to a “win an audi r8 competition”. Guess what, also a scam. And almost 20k people had liked it. Sigh.

Top Tips: don’t trust anything you see on facebook, especially when linked by “friends” always look at the address of links by checking the tootltip if you have one.

https in the address doesn’t guarantee the site can be trusted, just that the payment on it will be encrypted making snooping between you and the site harder.

I have never been victim of a scam and I hope that the same applies to most people. Does Which have any information on the percentage of people who have been scammed?

I very much support efforts to stamp out the problem.

My mum had a phone call asking for my dad, claiming to be his bank and that fraudulent activity had been detected on his cards. I gather this is a very common scam. Luckily I’ve trained my mum and when asked what bank my dad uses she replied, you said you’ve got a system in front of you, you tell me. They quoted 2 banks and luckily he uses neither.

So another tip, don’t trust phone callers, make them prove they are who they say they are.

Martina says:
23 January 2015

Well done William. These types of scams particularly target the elderly who may not be using the internet and are not as savvy when it comes to searching for scam advice.
Good advice is also to say ‘thank you, I will pop into my local branch right now to sort it out’ as a rule. Ends all other conversations about it and if the call is real they won’t mind.

I once nearly fell for a scam when confronted with a very authentic ooking e-mail purporting to come from MSN. I had sufficient doubts about it being genuine so I just saved it without responding in any way. I thought that if MSN really were going to do what this e-mail said, either they would have annonced it already [and they hadn’t], or they would send me a further notice closer to the expiry date for action. Eventually this date came and went and some time later I received an identical e-mail – the scammers hadn’t even changed the date, so I realised it was all wrong and deleted all traces of it. The original e-mail was so clever and looked so right that I am sure many people must have responded. I’m just glad I procrastinated. My tip is to treat anything that looks important that you have not seen before, or has not been pre-notified or announced officially, as suspicious – even if it’s got your name on it.

Scammers mostly contact us in a baited trawling expedition where a million e-mails might net a hundred flounders. But there are other scams which people walk right into because they have not looked around first. This is evidenced by the sorry tales of those who have been caught by a copycat website [see related Conversations]. The clue is to look for what’s not being said rather than what is. If it doesn’t say GOV.UK then it is not official. If it doesn’t say it is an agency of, or affiliated to, the government then it isn’t. If it says it is not affiliated [as so many do, somewhere] and you cary on entering the site then you can’t expect the authorities to get you out of the jam – so look around, carefully, and take your time. Having a mimic web address is such a give-away but if you’ve never used a site before you might not know whether or not it is the genuine article, so take your time especially if you’re ina hurry; look at others on the list; read exactly what the website says it does – and think about what it doesn’t say it does. Count to ten before committing. Once your money’s gone you’ve had it – the catch is set at a level that will not be worth your while pursuing by lawful means. Scammers prey on the unprepared, so – . . . . . . And anticipate the unexpected.

Suzanne Hutchinson says:
24 January 2015

Had what purported to be a gov.uk website: charitycommission@gsi.gov.uk. Spot the clue. Googled charity commission, and no gsi.

Martina says:
23 January 2015

In response to scams on Facebook – often scammers will use pages on social media to gain followers, which can make some people believe that they have credibility. Even if no one likes a page, it is important to remember that followers and likes can be bought for all social media platforms. Scams are so rife nowadays and as this article suggests, scammers do target specific audiences with specific scams. Often, by calling, they confirm details that are then sold to other scammers for profit and exploited. People need to also be aware why there they are vulnerable, something I am trying to research and develop better measures of testing for that (i.e. impulsive people will be more likely to invest in financial ventures and therefore more vulnerable to those scams and those that panic when down are likely to make emotional rather than rational decisions).

John is right, we should anticipate the unexpected. So many scam warnings concentrate on warning us about scams that are already in use but scammers often come up with new ones at a drop of a hat. Being generally vigilant and having strategies in place is better than just keeping up with current warnings. And use Google and social media to check stuff, put emails into Google, into facebook… and you may come up with discrepancies that will warn you. Even a tiniest of doubts – walk away.

[This comment has been edited to align with our commenting guidelines. Thanks, mods]

doddy says:
24 January 2015

Any email I receive I delete. If I want to contact my bank, Paypal etc, I always go in through the front door as you might say, into the website.

Idabella says:
24 January 2015

I regularly get emails from PayPal, saying that x amount of money is being taken from my account on such and such a date, if I am concerned about this debit please follow links and update my details etc. I also have received some emails purporting to be from BT saying they can’t debit my account and please would I update my details. I know these are scams, but they do look ‘real’ and some unsuspecting people would/could enter their bank details.

Some time ago when looking on a dating website I sometimes clicked onto a profile of a “lady” Seems as a result, that scammers emailed me with enticing profiles of much younger females from several different parts of the world.I was in my late 60 s at the time but as a Scot and dinna like parting with my money I treated the situation with suspicion, but strung them along .Then came a request for me to send an airline ticket so that the lady could visit me ! With no tickets arriving they asked why .I replied that it was a scam and the tickets would have been cashed in. Surprise surprise no more emails .

Mike says:
24 January 2015

Always check the sender email address if you’re at all suspicious. I’ve seen “Paypai”, “Paypa1” and other variations of Paypal. If the email says “Dear Valued Customer”, it’s probably fake. Any company who either keeps or takes your money would never ask you to enter security information in an email. Lotteries you haven’t entered, you can’t win! Be aware that scam emails can involve banks, supermarkets, couriers, accountants, conservatory manufacturers, in fact anyone. Don’t be surprised to see emails purporting to be from Tesco or Sainsbury’s or even a double glazing company you’ve never heard of. They may be suggesting you owe them money and should view the attached invoice (probably a .doc or .zip) file. Don’t open attachments unless you are absolutely certain the email is genuine. If in doubt look up the phone number for the organisation (not the one in the email!) and call them to check. Google the details to see if scams are circulating from that company. Take your time and check things out if you’re unsure; don’t take a risk. Don’t forget the old adage “if it seems too good to be true, it probably is”. Stay alert, don’t click the link until you are certain it’s genuine.
Regarding phone calls that ask for sensitive information – don’t say anything except that you will contact the organisation yourself, and then put the phone down. Don’t engage in any conversation or ask them to prove themselves, just end the conversation and check with the organisation directly. Look up the phone number yourself, don’t take one off the caller!

Concerned Friend says:
24 January 2015

An elderly friend of mine has been targeted by an Australian Lottery Syndicate scam consistently for 3 years. They are now “introducing” her to an American Lottery Syndicate. Every week she receives a letter in the post saying she stands a chance of winning ‘X’ Millions if she sends a minimum of £X. They also string her along with “representatives will be in her area and can they visit on a given date”. Needless to say she has never won and never had a visit.

Despite family and friends , as well advice and guidance from the police, telling her it is a scam, she continues to send money.

Keep an eye on your elderly friends and family to make sure this very vulnerable and susceptible group of people are not being targeted.

This is only effective if they are willing to accept advice.
As you have shown, this is not always accepted as scammers know only too well.
Perhaps Psychologists need to research why some people continue to accept scammers statements in spite of official advice from the Police and other Authorities.
Sometimes, only a shock will jolt them out of their trance.

Even people of sound mind and judgment with senior positions and [apparently] most of their faculties in place are prey to lottery and other windfall scams. The lure of a sizeable but not unrealistic prize captivates them and it can take some persuading to convince them that they are being conned – the very notion is unthinkable to them. The money spent by the promoters of these false draws in the printing of authentic-looking tickets, envelopes, telephone lines and postage makes the victims think it must be genuine and they just will not see that it is too good to be true. Hence, despite all that outlay, the scammers reap big rewards. The only thing that might hold some people back from posting off a cheque is that the perpetrators have over-egged the pudding and made it just too implausible for sensible people to fall for it; nevertheless, thousands of others do.

All good advice – but one thing I haven’t seen yet is the fact that most banks, building societies and major companies have their own phishing investigation team. Every time I get a suspicious email purporting to be from one of these companies, I go to the fraud section of the website (usually listed in the ‘Contact Us’ section or at the bottom of the page) and check their advice which is usually to forward the message to the phishing department of the organisation – i.e. phishing@uk.tesco.com, for them to investigate and hopefully assist them to develop more secure systems.
If everybody forwarded all suspicious messages in this manner I’m sure that the targeted companies could take more action against the fraudsters and ultimately be more accountable themselves if they ignore the continuing threats.
(Tesco’s phishing used as an example only because I forwarded two messages to the yesterday supposedly from Tesco’s Bank)
I would also suggest that everyone ensures that all suspicious messages are transferred automatically to the ‘Spam’ section of their e-mail, or manually before being opened for a peek, as this will disable all of the dangerous links and enable the message to be read and forwarded without danger – I use GMail which, so far, has proved excellent in identifying and segregating this threat.

J G Fox says:
24 January 2015

What is being done in our schools to educate young people of the dangers (as well as the benefits) of the internet?

Andrew P says:
24 January 2015

e-safety education is a high priority in most schools and Ofsted inspects it (google ‘esafety Ofsted’). While it is predominantly concerned with cyber bullying and the dangers posed by sexual predators the issues raised by this article should also be covered. Parents have a role to play as well, of course!

Ann Cummins says:
24 January 2015

I had an e-mail purporting to be from a friend of mine who lives in remotest Scotland and who travels extensively telling me that he had had his wallet stolen and he was in ?Uzbekistan and needed to have £900 to get him back to the UK. He gave more details and it all sounded very plausible – I replied saying I would send him half the money and perhaps one of his other friends who were included in the e-mail could add the rest. I even went so far as finding a place which transmitted money abroad. Something made me suspicious when I got a reply to my e-mail – a word misspelt or something and I decided to phone one of his friends to see if he had responded and of course he told me it was a scam! He had had the e-mail but he knew about it because it had been used so many times. I then phoned my friend who was actually at home in Scotland.
For some weeks after that I kept getting e-mail from Russian addresses.

Nick Westwood says:
24 January 2015

Same happened to me, an email from a long time friend saying he was in Turkey, got mugged, couldnt pay his hotel bill, needed money to fly home.
I went down to western union, and nearly sent the 1500 quid asked for, but had second thoughts.
I asked him by email to confirm which city we first met and worked together – no reply.
Guess I was lucky, his email address had been hacked, and although he knew; he hadnt bothered to tell any of his contacts………..

These have been quite common for years. Copy and paste some of the text into Google and you are likely to find several sites identifying it as a scam.

John says:
24 January 2015

I had one of these emails purporting to come from a friend saying she had been in an motor accident in Spain and needed 2000 Euros bail money so that she could come home. Unfortunately for the scammer she was sat behind me talking to my wife at to time.
I responded to the email telling them that it was a scam and where the the requester was. I have never had another one like that!

buff bottom says:
26 January 2015

I have had quite a few of these in the past few years. Some one had accessed a person’s e_ mail account and sent e- mails to everyone in their address book and I happened to be one of the recipient’s. The grammar is usually fairly bad, I just do not open anything these days if it looks the slightest bit suspect.

I understand that Western Union is used by scammers to prevent the money from being traced. I would never use it.

John T says:
25 January 2015

I am regularly receiving landline and mobile telephone calls from two numbers which merely ring for no more than twice and ring off. If I answer before they do so, the caller does not speak but rings off. I never ring back as I assume a scam of some sort would hit me! For information, the numbers are: 0203 837 8445 and 0203 8445 8454. Anyone else similarly pestered?

A Google search reveals that these numbers belong to Unicef.

Maryna says:
26 January 2015

Couple weeks ago I received very susicious call claiming that there was an issue with my Windows reported or something along those lines.Something did not sound right and immediately I was very cautious. They claimed they called from my work IT department, but they never mentioned what company they allegedly worked at (and I have never mentioned name of my employer either not to make life easier for them!). They were very insisting and tried to trick my to go into my Windows settings, but I told them that I don’t know who they were and in case there are indeed issues with my PC, than they should contact me throguh standard channels (work email or internal communicator). They still didnt’want to budge and had to hang up on them and they still called me twice afterwards.
Never heard of such scam and not sure what they would achieve through this, but obviously not going to let anyone fiddle with my Windows so easily!

buff bottom says:
26 January 2015

Yep, had this one as well, a caller usually from Indian sounding male phoning from Microsoft to inform me there was a problem with my computer. I usually tell them they know absolutely nothing about my computer ……There follows a bit of a silence and the line goes dead, I have had so many of these calls I have lost count.

I have had a number of calls which I recognised from the outset were scams – but I strung them along for a while.
The story was that about 6-8 weeks ago I had spoken to another of their consultants and paid them (perhaps) £49.50 for them to do work to stop me getting unsolicited phone calls. Did I remember? – No matter, it was a time ago. Anyway, the good news was that they had now done all the necessary work – not only registering me with the Telephone Preferential (sic) Service, but also writing to every company which might want to contact me, advising them that such calls would be unwelcome. So, now the final part of the exercise could take place – they could write to me officially to tell me that the work had been completed. Of course, it would be very remiss of them to send this letter to the wrong place, so, for security reasons, I needed to confirm my identity by verifying the card I had used previously for the payment. The idea was that a) I would say which card I had used, b) they would tell me some of the digits of the card number, and c) I would tell them some of the digits.
Of course, the digits they planned to tell me would be the ones that relate to the bank that issued the card which they would know when I told them which bank had issued the card. When I refused to give the card details, one caller told me that this would effectively be a cancellation of the agreement (which, according to the story I had already paid for) and therefore a cancellation charge of a further £49.50 would have to be issued. That charge has not yet appeared (I’m glad to say) – presumably because they do not know my card number!

Good advice in the article but I’ve seen other “scam warning articles” giving advice on “how you check if a call or an email is genuine”? Well my position is we should just assume that none are genuine.. That way you won’t go far wrong. Banks and credit card companies don’t email or phone asking for details of your account and they’ve told us all this many times so if a caller or an email does ask then it’s a scam, even if they don’t ask then but try some other way to get info from you it’s still a scam. So rather than go off to check if it’s genuine just assume it’s not. If your Bank really wants to contact you don’t worry they will do it in a secure way usually by letter asking you to contact them. They will also stop cards and sometimes freeze accounts if they think anything is wrong that way they will certainly get your attention and you’ll contact them, and not the other way around by phone or email.

This comment was removed at the request of the user

I have recently been receiving emails (on my hotmail account) supposedly from people listed in my address book.
It is obviously not from the people concerned as these emails refer me to a link which automatically appears suspicious.
The body of the email shows my contact’s full email address, but when I look more closely, the email is listed as having come from another email address.
The part in front of the @ sign is the same, but the text after the @ is different.
This has happened with several contacts. It appears that someone may be harvesting my address book.
I use windows defender, Malwarebytes anti malware, and windows updates are set to download automatically.
I avoid clicking on links in emails.
Has anyone come across this problem?