Martin Lewis: Could you spot a scam?
It’s Citizen’s Advice Scam Awareness month. And the timing is crucial after it was revealed TSB’s meltdown meant 1,300 TSB customers had money stolen by fraudsters. Scammers are getting more professional, and they love to target the most vulnerable. So our Money Saving Expert Martin Lewis is here to explain what to look out for and how to protect yourself.
What type of scams are there?
Scams are fraudulent schemes that dupe people into parting with their personal details and/or cash. They've been around for as long as I can remember, but they're no longer confined to shady door-to-door fraudsters – they target people through emails, online banking systems, phone calls, text messages and even FAKE ads on social media with my face on it.
And now more people are falling victim to scammers posing as professionals from financial and legal services. Such cons now account for a fifth of all scams reported to Citizens Advice’s Consumer Service.
How can I prevent myself from being scammed?
Here’s my five rules to help…
Never give personal details if they call, text or email. The classic scam is fraudsters sending messages or emails asking for your details to break into your accounts, claiming to be from a bank, insurer, HMRC, me (yes people call as Martin Lewis) or even the police.There are three types …
a) Phishing – This is where scammers send you a spam email from a company it hopes you have a connection with e.g. your bank saying something like "your bank security is broken, click here" or "we need your help to retrieve funds. It’ll then take you through to a professional-looking website – often a mirror image of the real thing, and it’ll ask you to put in your password or personal details in.
Never, ever, EVER click a link in an email or open an attachment unless you're 100% sure of its contents. It’s worth noting a very common one is a HMRC email promising a refund – HMRC never do this by email – so if you get one it’s a fake.
b) Smishing - SMS-phishing – it’s the same as phishing but a text is used instead of an email. Even if the text number looks genuine, always call it back using an official number you have found elsewhere, and never text it back.
c) Vishing – voice-phishing. This is where someone calls you claiming to be from a bank, insurer, utility provider, etc asking for personal details, like your password or mother’s maiden name – again NEVER EVER give it.
An increasingly common trick is where they call, ask you to call your bank back, but play a dialling tone, tricking you into thinking they've hung up. Yet you're still talking to them.
Instead, say you’ll call them back – if they are legit they won’t mind. Even if they give a number to call back, don’t dial it. Go and find the official number for that institution and call it a bit later, or preferably from another phone, as often the scammers stay on the line and play a dial tone while you call tricking you into thinking you’ve actually called the right place.
Don't fall for fake deals on WhatsApp & Facebook and other social media. I constantly hear of many bogus offers popping up in people's feeds and messages, eg, Alton Towers and Ryanair giving away free tickets on WhatsApp.
The key here is to know the source. Is the person giving you the information trustworthy, and is the source trustworthy too? Go to where you know it’s legit and check it. In other words even if it looks legit, never just click without separately checking.
And of course as you may have heard me say before I DON’T DO ADS– my face has been plastered all over the internet, over 1,000 ads on Facebook alone wrongly claiming I’m endorsing binary trading, PPI companies and more. NOT ONE of these scam ads is genuine - don't be fooled. And please pass on the message to anyone you think may be fooled by these ads.
What to be wary of when it comes to scams and offers.
- Anyone rushing you – you never need to make a decision straight away- Anyone asking you to pay in an unusual way (such as vouchers)- Look out for poor grammar or dodgy spelling in emails and if they start the email with “dear sir or madam” – this often means it’s not from a legit company- Never send money to someone you have never met- Walk away from job ads that ask for money in advance- Genuine computer firms do not make unsolicited phone calls to help you fix your computer (and generally I’m not too in favour of any cold calling)- Any ads for crypto currencies on Facebook are scams, as it has banned those ads, so if they get through they’re not legit.- Persuasive sales patter – just say no thanksEnsure you've antivirus software installed on your computer. You can get free software which, while not quite as effective or full of features as paid-for programs, still keeps on top of threats. The top free ones are Windows Defender, Microsoft's Security Essentials and Avast Antivirus Free. Remember to update these regularly. And ensure your computer firewall settings are on and set to a high-enough security level.5. The safest way to pay for anything is via credit or debit card. These two forms have protections. Credit cards are covered by Section 75 of the consumer credit act which means if goods cost £100 to £30,000 then by law the credit card is jointly responsible. All other plastic transactions are covered by Visa, MasterCard and Amex’s chargeback rules. This way if you pay and it’s a scam you have a route to try and get your money back through the card firm.
Pay by bank transfer, cash, cheque, or vouchers and there’s little protection.
How do I know if I’ve been scammed?
There’s a couple of things you can check. First have a look at your bank account and credit card statements. Are there any transactions on there that look suspicious or you don’t who they are to. Also monitor how often you’re getting your statements. If they aren’t being delivered when they should, this could be a sign of ID fraud.
You should also check your credit file regularly – at least once a year normally, but if you think you’ve been scammed, then once a month, with all three credit reference agencies if possible, which you can do for free - Experian with Martin’s free credit club, Equifax with Clearscore, and Callcredit with Noddle - to see if someone is making false applications for credit in your name. Look for any financial products you don’t recognise applying for. Also take note if you’ve been rejected for credit when you've got a good credit history.
If a company has been hacked and your data’s been stolen – as in recent years with LinkedIn, Equifax and Uber – the website HaveIBeenPwned? ('pwned' is geek-speak for being made a fool of - it's pronounced 'poned') allows you to check if your accounts have been compromised. Enter your email address and if there’s been a breach, it’ll tell you what data was compromised – eg, email address, password, date of birth, etc. If this happens change your passwords immediately.
What do I do if I’ve been scammed?
Here’s a checklist of things to do…
1) If you’ve already responded to a scam, end all further communication immediately.
2) Then call your bank and cancel any recurring payments.
3) Report the scam to the police through Action Fraud on 0300 123 2040, or report a scam anonymously on its website.
4) Speak to the Citizens Advice consumer helpline on 03454 040506 or the Financial Conduct Authority's helpline on 0800 111 6768.
5) If you’ve had ID fraud then contact the fraud prevention service CIFAS, and ask it to put a 'protective registration' flag on its National Fraud database. It costs £20 and for two years it alerts all lenders who are members of the database (which is most) to carry out further checks before approving credit applications. However, don't use this lightly. Getting Protective Registration will slow up any credit searches, including the ones you do.