Identifying types of fraud - FAQs

Identifying types of fraud FAQs

What are identity theft and identity fraud?

Identity theft:
Identity theft happens when fraudsters access enough information about someone’s identity (such as their name, date of birth, current or previous addresses) to commit identity fraud. Identity theft can take place whether the fraud victim is alive or deceased.

Identity fraud:
Identity fraud can be described as the use of that stolen identity in criminal activity to obtain goods or services by deception.

Fraudsters can use your identity details to:

• ● Open bank accounts
• ● Obtain credit cards, loans and state benefits
• ● Order goods in your name
• ● Take over your existing accounts
• ● Take out mobile phone contracts
• ● Obtain genuine documents such as passports and driving licences in your name.

It’s worth noting that stealing an individual’s identity details doesn’t, on its own, constitute as identity fraud. But using that identity for any of the above activities does.

The first you know of it may be when you receive bills or invoices for things you haven’t ordered, or when you receive letters from debt collectors for debts that aren’t yours.

What is phishing?

Phishing is an attempt to trick someone into giving information over the internet or by email that would allow a fraudster to take money from them and/or steal their identity.

What is vishing?

Vishing is the act of using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft.

Sometimes you'll be asked for your details there and then over the phone, or the fraudster may tell you to visit a fraudulent website.

It's important to note that some scammers will suggest calling the organisation in question back, possibly to make you feel more secure. However, the fraudster may stay on the line and trick you into thinking you're now speaking with somebody else. Therefore, it's important to call a number you know to be genuine on a different telephone or device to ensure this isn't possible.

What is smishing?

Smishing is when fraudsters obtain personal details of victims by SMS (text message). Texts will usually contain a link, which will redirect to a website that’ll either download a virus to your smartphone or ask you to input personal details.

What are copycat websites?

Unfortunately, fraudsters go to great lengths to try and trick people into parting with their hard earned money and that includes creating websites that look very similar to that of genuine organisations.

There are some things that they don’t get quite right though so if you find yourself visiting a website through an email or text message and you have a feeling something is wrong, make sure you do your research first. Here are some tips:

Spelling mistakes: These can be very small and even appear in the website address which could be easily missed - if you’re not sure, consider searching the internet for the exact name of the business you’re dealing with, and double check that you end up at a website with the same address.

Call the company: If you want some extra reassurance, call the company you think you’re dealing with. They’ll be more than happy to help you get to the right place and grateful for the report if the website you have found is a copycat.

Check for scam websites: Through Citizens Advice, you can check if something might be a scam online or if you’d prefer to speak to somebody, you can get in touch with a scams advisor.

If it’s a financial services provider that you’re trying to identify as legitimate, like a savings provider for example, you should always check the Financial Conduct Authority’s (FCA) register to make sure that they’re authorised to provide the service they’re offering.

The FCA register also provides a link to the firm’s official website which means you can be sure that you’re in the right place.

What will fraudsters say?

Fraudsters of this kind will often pretend to be from your bank – or any other company you do business with. They’ll usually claim there is a problem with your account or tell you that urgent action needs to be taken to ensure you’ll not be charged or have your account closed.

They’ll then either ask you for your details directly, ask you to follow a link or to download an attachment. Depending on the scam, these links may either download a virus to your device or lead to a website asking you to input your details which they’ll in turn steal.

Protecting yourself from fraud and cyber crime

To stop yourself becoming a victim of identity fraud, you can follow these tips to help keep your personal information safe:

• 1. Don’t give out personal information (name, address, bank details, email or phone number) to organisations or people before verifying their credentials
  
  Always question unsolicited calls, texts or emails requesting your personal or financial information
• 2. Make sure your computer has up-to-date anti-virus software and a firewall installed. Ensure your browser is set to the highest level of security and monitoring to prevent malware issues and computer crimes.
  
  Installing, or enabling, antivirus software on your laptops and computers will protect them from viruses and hackers.
  
  If you receive an email or SMS that looks odd – Don’t open any links or attachments. These can put a virus on your phone or computer.
• 3. Many frauds start with a phishing email. Remember that banks and financial institutions won’t send you an email asking you to click on a link and confirm your bank details. Don’t trust such emails, even if they look genuine.
  
  You can always call your bank using the phone number on a genuine piece of correspondence, website (typed directly into the address bar) or the phone book to check if you’re not sure.
• 4. Destroy and preferably shred receipts with your card details on and post with your name and address on. Identity fraudsters don’t need much information in order to be able to clone your identity.

What should I do if I suspect a call, text or email is fraudulent?

If you feel you may be a victim of a phishing, vishing or smishing scam, contact us (or the business in question) immediately to ensure no fraudulent activity has occurred and report it to Action Fraud. To alert us to any suspected fraud or scam, please email us at customer.security@krbs.co.uk or call us on 0800 077 8210 and we’ll be happy to help you.

If you have a call that you suspect is an attempt at fraud, hang up and call a number that you know is genuine from a different phone from the one you were previously talking on.

For more information on Fraud and how to protect yourself:

• ● FFA UK – Shopping online
• ● FFA UK – Banking online
• ● Action Fraud
• ● Citizens Advice
• ● Age UK
• ● Cyber Aware