Scammers are masquerading as government departments or major companies in an effort to dupe people into parting with their bank details., according to a new study.
Research by Which? found there are a range of frauds, varying in their sophistication.
In one of the "phishing" scams, the consumer is sent an email which looks as though it comes from a government department. In fact, it is designed to solicit personal information.
Which? members monitoring scam communications received two versions of this type.
One claimed to be from HMRC and said the recipient was due a tax rebate, and others claimed to be from Government Gateway. The genuine Government Gateway website is used to access government services, such as those for tax self-assessments.
The two versions had a document to download (likely to contain a virus) or a link to follow asking the person to fill in their details. The more sophisticated versions used the relevant government department logo.
Which? offered advice for spotting this kind of scam:
Look out for poor English, including spelling and grammar.
Check that the email address is genuine and compare it with the sender's address.
In another scam, those behind it use big-name brands for their phishing - they masquerade as a popular service or shop. The companies most commonly mimicked were Amazon, BT, Apple iTunes, Paypal and TalkTalk.
Common communications were to say the consumer's account had been frozen, that they had ordered something they had not, or there was a security alert on their account. All gave a link to a website asking for personal details.
When researchers clicked through to see where they would end up, they found fake websites which cleverly mimicked the originals. When a person fills in the relevant details (for example to verify their iTunes account), they inadvertently give the scammers access to the relevant account or their bank details. People are advised to check URLs to spot a fake.
Scams involving the use of the names of banks feature the scammers saying there has been unusual activity on a bank account or card. The person is told they need to verify their details - if they do, they give the scammers access to their accounts. The companies most commonly spoofed were Barclays, Lloyds and Santander.
The companies, government departments and banks which are used have nothing to do with the scams.
Other kinds of scam include fake lotteries and competitions, fake gift cards and fake debt collection.
Some 25 Which? members were asked to log all the scam calls, mailings and emails they received in the course of a month, and the total number recorded was 477.
A Which? spokesman said:
Most scammers got in touch by email, but 5% used phone calls - and this figure excludes the many silent calls the panel also received.
The consequences for those who do fall for scams can be devastating. Experts from trading standards said one victim had lost £60,000 on fake competitions and another had lost £9,000 to a bogus lottery scheme.