Staying alert for fraud
Protect your personal information and identity
Fraudulent activity across the banking and financial services industry is on the increase. Criminals are contacting individuals in a variety of different ways, often claiming to be from trusted organisations such as the government, HM Revenue and Customs (HMRC) or a bank. Regardless of how they make contact, their aim is to deceive people into disclosing personal security information.
In some cases this has led to the victims losing considerable sums of money.
Please be extra cautious when receiving any kind of contact, including texts, emails or calls requesting money, asking for personal details or to click on a link, and never disclose confidential information. At Handelsbanken Wealth Management, we will never ask you for confidential online banking information. If you have any concerns, please contact your Client Director or the Client Support team immediately.
Top tips to protect yourself online
- Never disclose your security details with others
- Use strong passwords/PINs
- Do not use the same password/PIN for more than one account
- Never write your passwords down
- Only save passwords on private devices
- Keep firewalls and anti-virus software up to date on all devices
- Limit the amount of personal information you provide on social media
- Make sure you have strong security settings on social media
- Only accept online friend requests from people you know
- Don’t do online banking on public wifi
Source: Your Money Matters (Young Money)
Social Engineering is the use of deception to trick people into performing actions or divulging confidential/ personal information for the purpose of data gathering, fraud or systems access. This tactic used by fraudsters is very effective as it manipulates the natural human instinct to trust. Victims are contacted by fraudsters through various channels and duped into releasing information or taking actions which assist the criminals in perpetrating fraud.
Examples of Social Engineering Scams:
Vishing (telephone calls): Fraudsters cold call you at home or on your mobile pretending to be from a trusted organisation – like your bank, the police, a utility provider or a computer company. They may already have some of your details that they will use to convince you that they are genuine.
Smishing (Text message / SMS scams): Fraudsters obtain personal details of a victim by SMS text messages. They usually claim to be from your bank or a company that you have an account or subscription with (eg Netflix, Apple, Paypal). The communication may involve a problem with a recent purchase, suspicious activity on your account, or the need to verify account details, and will either contain a link or a number to call.
Phishing (Email scams): Fraudsters send bogus emails to victims with the intention of tricking people into doing ‘the wrong things’ such as clicking a link which will infect your computer/device, extracting data or instructing a course of action to perpetrate a fraud. Phishing can be conducted via a text message, social media, or by phone, but the term ‘phishing’ is mainly used to describe attacks that arrive by email.
If you think the email is fake don’t reply or release any information – a reply tells the fraudster that the email address is live and you are there.
Other examples of Scams
Hoax official scams: Hoax official scams happen when victims are contacted by bogus individuals who claim to be officials such as police officers, HMRC or bank fraud professionals. The scammers usually contact victims by phone but can also send false documentation via phone or post to make their claims appear more legitimate. The scams are aimed at convincing victims to part with their cash by using scare-tactics. Bogus HMRC calls insist victims must make immediate payments to avoid heavy taxes or legal action. Bogus police calls pressurise victims to withdraw high volumes of cash to be either collected by courier or placed into a safe account to support a top secret investigation into bank corruption. And fake fraud calls claiming to be from banks rush victims into releasing personal information and bank credentials by stating that this information is required to stop live fraudulent transactions debiting the victims accounts.
Investment scams: Investments scams happen when fraudsters convince people to part with their money and invest in fictitious opportunities by providing untrue and misleading information. Fraudsters will often target people via cold calls or emails, and claim to be offering low risk investments which can provide quick and high returns, but if the return sounds too good to be true it probably is! Fraudsters will be persistent and will go to great lengths to scam people by producing convincing paperwork and impressive websites, all to help legitimise the investment. Investment scams can be devastating for victims, with recent reports from the FCA stating that victims lose an average of 22 years of pension savings.
Spot the warning signs:
- Unexpected contact– traditionally scammers cold-call but contact can also come from online sources e.g. email or social media, post, word of mouth or even in person at a seminar or exhibition.
- Time pressure – they might offer you a bonus or discount if you invest before a set date or say the opportunity is only available for a short period.
- Social proof – they may share fake reviews and claim other clients have invested or want in on the deal.
- Unrealistic returns – fraudsters often promise tempting returns that sound too good to be true, such as much better interest rates than elsewhere.
- False authority - using convincing literature and websites, claiming to be regulated, speaking with authority on investment products.
- Flattery – building a friendship with you to lull you into a false sense of security.
Customers should always do their research:
- Is the company FCA regulated?
- Do they appear on the FCA warning list?
- Are they impersonating a legitimate investment company?
- Seek impartial advice
See the FCA website below on how to stay Scamsmart - www.fca.org.uk/scamsmart
Stay Safe – Stay Secure
General rules to protect yourself and others:
- Never provide your full PINs or passwords online – you could be reacting to fake requests generated by malware.
- Never verbally provide your full PIN or password or any system access /challenge codes over the telephone - beware of imposters making vishing calls.
- Never provide access / challenge codes to third parties, even if they claim to be from your Bank or the police. Your log-in credentials are for you and you alone - don’t let a hoax caller rush you into releasing them by using social engineering tactics.
- Don’t be rushed into making a decision. It is sounds too good to be true it probably is.
- Only purchase goods and services from legitimate retailers and take a moment to think before parting with money or personal information.
- Don’t assume everyone is genuine. It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
- If someone claims to represent a charity, ask them for ID. Be suspicious of requests for money up front. If someone attempts to pressurise you into accepting a service they are unlikely to be genuine. Check with family and friends before accepting offers of help if you are unsure.
- For advice on scams call Citizens Advice Consumer Helpline on 0808 223 11 33
- To report a scam call Action Fraud on 0300 123 2040
- Contact your bank if you think you have been scammed.
Remember that fraud can happen at any time and catch you off-guard so ensure you are always vigilant. If you do see something that doesn’t look right and think you may have been defrauded, don’t delay, it is far better to be safe than sorry.
Measures taken at Handelsbanken Wealth Management to ensure your accounts stay safe
Should we receive an email or telephone call from a client or third party to discuss any account(s) or provide any instructions, we always undertake the necessary verification checks. This may include asking you to confirm your full name, date of birth, address, type of accounts that you hold with us etc.
If an email sets out an instruction, such as a withdrawal request, or some change to a client’s data, then we would always contact the individual on a telephone number that we already hold on file to confirm this instruction. We will never change a client’s address, banks details or authority instructions without speaking with the client beforehand.
Get Safe Online is the UK’s leading source of information and advice on online safety and security, for the public and small businesses. It is a not-for-profit, public/private sector partnership backed by a number of government departments, law enforcement agencies and leading organisations in internet security, banking and retail.
For more information and expert, easy-to-follow, impartial advice on safeguarding yourself, your family, finances, devices and workplace, visit www.getsafeonline.org.
If you think you have been a victim of fraud, report it to Action Fraud at www.actionfraud.police.uk or by calling 0300 123 2040. If you are in Scotland, contact Police Scotland on 101.
- Financial Conduct Authority: www.fca.org.uk/scamsmart
- Get Safe Online: www.getsafeonline.org
- Take Five: www.takefive-stopfraud.org.uk