Cybersecurity essentials : How to spot a scammer

While we do everything we can to keep your Cashplus Account secure from cybercrime, we can’t keep every aspect of your online identity safe all the time. To help you stay one step ahead of the fraudsters there are some simple things you can do to avoid common, but ever more advanced, scams.

If you’re worried about something fraudulent in your Cashplus Account or think you may have been a victim of cybercrime, get in touch with our specialists straight away on 0330 024 0924 or email them at [email protected].

If you’re looking for help and advice to keep your business safe from cybercrime, take a look at our dedicated business cybersecurity page.

Among the most common ways scammers steal personal information like usernames, passwords and banking account details is through fake emails. Increasingly harder to spot, here are some tell-tale signs to look out for:

  1. Bad spelling and grammar and poor punctuation.
  2. Pixelated or low-quality images and brand logos.
  3. Impersonal greetings and salutations (such as, ‘Hello customer’) – Cashplus will always call you by your first name in every email we send.
  4. Strange looking or incorrect links and URLs – you can always hover your cursor over the link to see it in full and check its validity. If you’re ever in any doubt, never click on a link in an email and instead just type the address manually into your web browser.
  5. Unfamiliar attachments – especially if they have strange looking or double extensions (like docx.docx). Never ever click on an attachment from a sender you don’t know.
  6. Any emails asking for any personal information, whether that’s your name and address or your bank or login details. Never click through from an email to confirm your account details.
  7. Email aliases – if anything looks out of place in an email, click on the sender’s email address to see it in full and check they’re not using an alias to make it look legitimate.

Safety tip: if you’re ever unsure about whether an email has come from us, don’t open any attachments or links in the email and instead forward it to our Cybersecurity experts.

Phone scams

It can seem amazing that in this day and age phone scammers are still having success. But their tricks are getting increasingly sneakier, for example they may know some of your basic personal details before they call you, which helps build trust and make them sound genuine. A sense of urgency to do what they say quickly is also a giveaway that something’s up. Here are some of the more common and more successful phone scams to watch out for:

  1. The bank scam – someone calls pretending to be from your bank saying there’s an urgent problem with your account and you need to provide account details like your card number and PIN, or even transfer your money to a ‘safe account’. Cashplus will never ask for any personal information over the phone or ask you to move your money, and neither would any bank.
  2. The compensation scam – perhaps the most common scam of all is the company calling to offer compensation for a car accident you may or may not have been involved in. Whether you’ve had a crash or not, never engage with these callers but instead call your own insurance company on the number in your policy.
  3. The HMRC scam – when the tax man calls most of us sit up and listen, which helps make scams about tax refunds and unpaid tax bills all the more intimidating. HMRC will never call you to ask for account details, whether it’s to take or make a payment, and won’t leave a message asking you to call them back either. If in doubt, log in to the HMRC website and call them direct on the number provided.
  4. The IT scam – scammers are capitalising on people’s computer hacking concerns by pretending to be IT helpdesk callers from major companies like Microsoft. They’ll often urge you to download new anti-virus software because your computer is infected – which almost always turns out to be spyware designed to steal your personal and financial details. They may even have the cheek to charge you for the privilege.
  5. The number spoof scam – technology now allows scammers to mimic official phone numbers on your phone’s display, lending them credibility that they are who they say they are. If they ask you for anything out of place, just hang up. If you’re unsure, call the company in question using the official number on its website. 

Safety tip: a good way to avoid the perils of phone scams is to stop as many as possible before they call you. Registering free with the Telephone Preference Service can reduce (but not eliminate) your phone number’s exposure to cold and scam callers.

SMS scams

Text message alerts are also susceptible to scams, their brevity often making them easier to accept as genuine rather than question. As always, if you’re ever in any doubt then contact the alleged sender company directly through their official channels. Here are a few things to look out for:

  1. A clickable link – while many text message alerts may ask you to log in to your bank or online account, legitimate ones will direct you to log in by launching the app yourself rather than clicking a link.
  2. A request to call an unfamiliar number – if you don’t know the number, don’t call it. These can be high cost lines that charge incredibly high rates to connect you. If you’re not sure about how to contact Cashplus, you’ll find our phone numbers on our Contact Us page.
  3. A request for personal information – never send personal or financial information via text or through any links you’ve clicked on or calls you’ve made in response to a SMS.

Safety tip: if you receive a text message claiming to be from Cashplus but you’re unsure it’s genuine, just contact our Customer Services and we’ll verify if it is for you.

 

Web scams and passwords

A big reason to not click on links in emails or text messages is because they can direct you to websites that look entirely genuine and legitimate when in fact they’re forged copies of the real thing. Enter your log in information on such a site and it goes straight to the scammers to use and exploit as they see fit. Here are some ways to stay safe:

  1. Never log in to a website through a link provided to you either in an email or text message. Instead, manually enter the URL in your web browser.
  2. Make sure any site you’re using is secure – you can tell because the URL will start with https:// and feature a padlock icon next to it.
  3. Create better passwords – instead of a password, try creating a passphrase of three to five random words (and symbols if you can remember them) instead. Try something that’s easy enough to remember but long enough to be really hard to crack. The number of letters you use may vary depending on the password character limit – it’s 8-20 characters with a Cashplus login. And it should go without saying, but don’t use old favourites like maiden, child and pet names, important dates or favourite sports teams. Be creative!

Safety tip: create a new and unique password or passphrase for every site you log in to. Then if one website is hacked or your login details compromised, your other website accounts will stay secure.

For trusted and expert guidance on all aspects of your cybersecurity, we recommend the National Cyber Security Centre

 

 

This content was created on 21st February 2020

Terms and Conditions apply, including applicants being resident in the UK & aged 18+ and, if relevant, businesses being based in the UK. For full website terms including information on Cashplus, Mastercard and use of Trademarks, please see our full legal disclosures at https://www.cashplus.com/legal/. **Credit facilities are provided by Advanced Payment Solutions Ltd (APS) and are subject to the AFL Cashplus e-money account being in good standing and applicants aged 18+. APS is authorised and regulated by the Financial Conduct Authority for consumer credit activities (Registration No. 671140). ♦Calls to 03 numbers cost no more than a national rate call to a 01 or 02 number and will count towards inclusive minutes in the same way as 01 and 02 calls. Calls may be recorded.