Fraudsters Intensify Efforts on Christmas Day
Consumers warned to be on their guard against festive phishing scams
22nd December, 2010
Internet experts are warning of an increase in phishing scams expected over the Christmas period as scammers focus their efforts on targeting vulnerable web users with fake ‘seasons greetings’ emails.
A significant amount of these emails are predicted to land on Christmas Day, with fraudsters foregoing their own celebrations to target web users - particularly those logging onto new computers they have received as gifts when, in their rush to try them out, internet security is not front of mind.
Nick Staib, Director, GetSafeOnline.org explains: “Often, these emails appear to be from banks, or other reputable organisations, but are really from criminals trying to lure web users to a fake website to get personal information. Last year, the HSBC fraud team saw a 60% spike in the volume of phishing emails sent out on Christmas Day. Legitimate organisations and banks never send you emails asking you to disclose PIN numbers, passwords or other personal information, or which link to a page that asks for that kind of information. If you click on a link in an email that takes you to a page requiring a password, or personal information, it is very likely to be a scam.”
Dr Bernard Herdan, CEO, National Fraud Authority, adds: “Sadly fraudsters are opportunists and often use events such as Christmas to personalise their scams. People are much more likely to open an email if it is presented in a friendly way and wishing them a ‘Happy Christmas’. It’s important that web users don’t drop their guard with online safety even when relaxing over the festive period.”
Fake emails often (but not always) display some of the following characteristics:
The sender’s email address doesn’t tally with the trusted organisation’s website address
The email is sent from a completely different address or a free web mail address
The email does not use your proper name, but uses a non-specific greeting like “dear customer”
A sense of urgency; for example the threat that unless you act immediately your account may be closed
A prominent website link. These can be forged or seem very similar to the proper address, but even a single character’s difference means a different website
A request for personal information such as user name, password or bank details
The email contains spelling and grammatical errors
You weren't expecting to get an email from the company that appears to have sent it
The entire text of the email is contained within an image rather than the usual text format
The image contains an embedded hyperlink to a bogus site
If you think you may have compromised the safety of your bank details and/or have lost money due to fraudulent misuse of your cards, you should immediately contact your bank.
For information and advice on how to guard against online fraud and other internet crime, visit the Get Safe Online website at www.getsafeonline.org. Anyone who has fallen victim to online fraud should contact Action Fraud www.actionfraud.org.uk.