10 foolproof ways to avoid being scammed
Follow these top 10 tips and you'll never get scammed.
With the January 31 tax deadline just a couple of weeks away, I was pleasantly surprised to find a message from HM Revenue & Customs in my inbox this morning, saying I was entitled to a rebate of £500. What a great start to the day!
All I have to do is click on the link to the Revenue's website, and fill out my details...
But hang on a minute: I don't normally file a tax return - so how come I'm due a refund? And why is it being paid before, rather than after, the deadline?
You've probably guessed that this email is a cunning scam, designed to make me disclose my bank details, National Insurance number, and whatever other information these particular fraudsters need to raid my bank account, take over my identity, and generally wreck my life.
Which is a shame, because I could have really done with that £500.
This type of con is no longer limited to emails supposedly written by Nigerian heiresses, who for some reason need your help to transfer millions of dollars out of their country.
Criminals are becoming much more sophisticated when it comes to phishing - the term used to describe sending fake emails designed to elicit our personal information.
As well as taking advantage of events like the annual tax-return deadline, fraudsters are also exploiting the latest internet trends to convince us their messages are genuine.
Recent months have seen the spread of emails or and other messages containing links to fake Twitter and Facebook sign-in pages. The aim is to get our login details and use our personal information to commit identity theft - where fraudulent loans are taken out in our names.
Users of eBay, PayPal, and pretty much every bank, have also been targeted.
But when most of us already get a lot of emails from these organisations, how do we tell the real from the fake - and how do we make sure we don't get conned? Here are lovemoney.com's 10 top tips:
1. Be sceptical
There is no such thing as a free lunch: so if someone you don't know has emailed to offer you a lot of money for no great effort on your part, be very suspicious.
A quick online search for some of the phrases in your message will, in most cases, quickly reveal it's a scam.
2. Don't click the link
It's pretty easy for criminals to set up websites that look just like your bank's home page, or the Facebook login. But to get to them, you have to click on a link in the fake email.
This link may look genuine, but it will probably take you to a dummy site. If you want to log in to your bank account or social networking site, type the address yourself into your browser: that way you can be sure it's the real thing.
3. Be cautious, not gullible
If you get a message saying there has been a security breach on your bank account, by all means give your bank a call to check. But use a number you can trust - and don't use the link in the email.
Check your bank account regularly for errors. If you have lots of different accounts, make sure you check them all. Sign up to online banking here at lovemoney.com to securely view all your transactions from different banks at a single glance. (We use the same levels of encryption as banks and credit card companies. For more information, read our security FAQs.)
4. Read your message carefully
Some criminals do not have English as their first language. Others might be more used to dealing with an American market. Either way, the writing style can offer a big clue to an email's authenticity.
And if your message does not address you by name, it is probably a con that has been sent to millions of others.
5. Protect your identity
If you are worried about criminals taking loans out in your name, you can tell the major credit-reference agencies - Experian, Equifax and CallCredit - to alert you whenever an application for a loan or credit card is made on your file. They can also let you know if your address is changed - an important step in many cases of identity theft. You can sign up for a 30-day free trial of this service via lovemoney.com. Find out more.
6. Be private
If a criminal gets access to one of your Facebook friends' accounts, they will also be able to get hold of your personal details. This could help them commit ID theft.
Think carefully about what information, such as address and date of birth, you share with sites like these.
7. Help companies fight scams
If you get a message that looks like a con, you can report it to help companies combat fraud. Organisations like PayPal and most banks have an address where you can forward any dodgy emails. If businesses know what criminals are up to, they can warn customers and improve their security systems.
8. Spread the word
Far too many people get taken in by phishing fraud: if you've been sent a scam email, warn your friends and family. Or better still, send them a link to this article. And if you know of any scams, please post about them using the comments box below, or ask a question on Q and A to see if others have come across them.
9. Use anti-virus software
Ideally you would never receive any phishing emails: some anti-virus programs will be able to filter out potentially harmful messages.
Other packages can warn if you are about to follow a dubious link in an email.
10. Manage your passwords
If you use the same password for your bank, your email, Facebook and eBay, you stand to lose a lot more if a criminal manages to get hold of it.
Use different passwords for different services - and change them regularly.
It might be a lot of hassle, but it's worth it.