Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Action Fraud. Show all posts

Scammers Targeting WhatsApp Groups in UK

 

When businessman Mohammed Yousaf received an urgent plea for assistance from one of his oldest friends, he rushed to the rescue.

The 56-year-old received a WhatsApp message from the account of a man he had been friends with for 50 years. It began with the greeting 'Salaam', followed by the message: "Please, I need a little assistance from you..." 

Mohammed was concerned about his friend and inquired how he could help. He was told that his friend was attempting to send £800 to an account, but it did not function, and he was asked if he could make the payment instead, with his friend reimbursing him the next day. What transpired was a fraud that terrified Mr. Yousaf and cost him £800. Unfortunately, he's not alone. 

Last month, men in East Lancashire were warned of blackmail fraud after scammers posing as Eastern European gang members sent threatening requests for payment. Police said men in Accrington and Blackburn were pushed into giving over substantial sums of cash after getting disturbing messages and video calls of someone carrying a pistol. 

Action Fraud, the UK's national reporting centre for fraud and cybercrime, reports that fraudsters are now targeting group chat participants in order to exploit WhatsApp users. The fraud often begins when a member of the group receives a WhatsApp audio call from the fraudster, who pretends or claims to be another member of the group. 

This is done to earn the individual's trust, and the scammer will frequently use a phoney profile image and/or display name, giving the impression that it is a genuine member of the group. 

The fraudster will inform the victim that they are providing them a one-time passcode that will allow them to participate in an upcoming video call for group members. The perpetrator then asks the victim to reveal the passcode so that they can be "registered" for the video conference.

In reality, the attacker is asking for a registration number to migrate the victim's WhatsApp account to a new device, allowing them to take over the account. 

Once the fraudster has gained access to the victim's WhatsApp account, they will activate two-step verification, making it impossible for the victim to regain access to their account. Other members of the group, or friends and family in the victim's contacts, will then be messaged, urging them to wire money immediately because they are in urgent need of assistance. 

According to Detective Superintendent Gary Miles, head of the City of London Police's National Fraud Intelligence Bureau, WhatsApp remains a key channel of communication for several people in the UK, but fraudsters continue to figure out ways to gain access to these platforms.

Gmail and Facebook Users Advised to Secure Their Accounts Immediately

 



In a recent report by Action Fraud, it has been disclosed that millions of Gmail and Facebook users are at risk of cyberattacks, with Brits losing a staggering £1.3 million to hackers. The data reveals that a concerning 22,530 individuals fell victim to account breaches in the past year alone.

According to Pauline Smith, Head of Action Fraud, the ubiquity of social media and email accounts makes everyone susceptible to fraudulent activities and cyberattacks. As technology advances, detecting fraud becomes increasingly challenging, emphasising the critical need for enhanced security measures.

The report highlights three primary methods exploited by hackers to compromise accounts: on-platform chain hacking, leaked passwords, and phishing. On-platform chain hacking involves cybercriminals seizing control of one account to infiltrate others. Additionally, leaked passwords from data breaches pose a significant threat to account security.

To safeguard against such threats, Action Fraud recommends adopting robust security practices. Firstly, users are advised to create strong and unique passwords for each of their email and social media accounts. One effective method suggested is combining three random words that hold personal significance, balancing memorability with security.

Moreover, implementing 2-Step Verification (2SV) adds an extra layer of protection to accounts. With 2SV, users are prompted to provide additional verification, such as a code sent to their phone, when logging in from a new device or making significant changes to account settings. This additional step fortifies account security, mitigating the risk of unauthorised access even if passwords are compromised.

Recognizing the signs of phishing scams is also crucial in preventing account breaches. Users should remain vigilant for indicators such as spelling errors, urgent requests for information, and suspicious inquiries. By staying informed and cautious, individuals can reduce their vulnerability to cyber threats.

In response to the escalating concerns, tech giants like Google have implemented measures to enhance password security. Features such as password security alerts notify users of compromised, weak, or reused passwords, empowering them to take proactive steps to safeguard their accounts.

The prevalence of online account breaches demands users to stay on their tiptoes when it comes to online security. By adopting best practices such as creating strong passwords, enabling 2-Step Verification, and recognizing phishing attempts, users can safeguard their personal information and financial assets from malicious actors.



Rise in Fake Life Insurance Emails, Action Fraud Warns

 


Over the past few weeks, a surge in fraudulent emails impersonating reputable life insurance companies has prompted over 800 reports to Action Fraud, the UK’s national reporting centre for fraud and cybercrime. The scam emails are cleverly crafted to appear genuine, but they contain malicious links leading recipients to harmful websites designed to steal personal and financial information.

To help the public follow through this growing threat, Action Fraud has provided guidance on handling suspicious messages. Recipients are advised to independently verify the authenticity of an email by contacting the alleged sending organisation directly, using official contact details obtained from the organisation’s official website. This precaution is crucial, as scam emails often provide fake contact information that leads directly back to the fraudsters.

Action Fraud emphasises that legitimate banks and official sources will never request personal information via email, a tactic frequently employed by scammers to harvest sensitive data. To further combat these fraudulent activities, the public is encouraged to forward any suspicious emails to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk. This service plays a pivotal role in the UK’s defence against the growing threat of email-based fraud, providing the government with a means to track and respond to these malicious activities.

In response to the increasing number of these incidents, it is essential for individuals to remain a step ahead and take proactive measures to protect themselves from falling victim to such scams. Understanding that fraudulent emails pose a significant threat, the public is urged to exercise caution and follow the provided guidance to verify the legitimacy of any communication from financial institutions or life insurance companies.

This warning comes as scammers continue to adapt and refine their tactics to exploit unsuspecting individuals. Action Fraud stresses the importance of public awareness and education to counter these evolving threats effectively. By disseminating this information through official channels, such as news blogs and other media outlets, the hope is to empower individuals with the knowledge needed to recognise and avoid falling prey to such scams.

As a responsible member of the online community, everyone has a role to play in staying informed and helping others stay safe from cyber threats. By adhering to the guidance provided by Action Fraud and reporting suspicious emails promptly, individuals can contribute to the collective effort to combat fraudulent activities and protect personal information from falling into the wrong hands.

Action Fraud's guidance provides a valuable resource for individuals to navigate these potential threats effectively, and the public is encouraged to remain vigilant and report any suspicious emails to contribute to the ongoing efforts against email-based fraud.