I'm Adam White, the information security awareness consultant here at Saga. I oversee education and awareness in all areas of information security, supporting colleagues and customers in security best practice and policy.
I’d like to share some of my top tips for staying safe online.
Safer shopping online
With ongoing Covid restrictions across the UK, many more of us will be continuing to choose to do our shopping online. Fraudsters can easily create websites that look just like official retailers, boasting incredible deals. However, often the products received don't match the description or, even worse, the products never even turn up. As you would do when you are shopping on the high street, always stick to stores you know and trust.
There are a lot of places to shop online, and many of these are safe and secure. If you find yourself shopping online at a store you're not familiar with, do some research first. To help identify a scam website, the most obvious thing to look for is the quality of the site itself. If the site appears unprofessional or is full of spelling errors, this can be an indication that things are not genuine. Make sure you keep an eye on your address bar at the top of the page to ensure the web address does not completely change, especially when you come to pay for your goods. Remember, if an offer appears to be too good to be true, it probably is.
Whenever shopping online, use a secure form of payment. One of the most secure ways to pay online is with PayPal. Avoid direct bank transfers to pay for any goods online. Always check that the web address begins with ‘https://’.
Attackers will send 'phishing' emails in the hope that people will enter their personal details. They may direct you to a fake website by trying to fool you into thinking something has gone wrong with one of your online services or you’ve lost or won money. Some emails may also have a link or file attached for you to click on or open. Opening these links or downloading the files may be harmful to your computer. If you see a suspicious email, don’t reply with your details or open any links or documents. Delete the email straight away. If the email claims to be from an organisation, phone them directly using the phone number found on their official website and ask them about it.
Scam phone calls
It can be hard to tell the difference between a scam and cold calling. Cold calls are phone calls from companies trying to sell you something, even though they have had no business with you previously. Cold calls aren’t usually illegal and don’t necessarily count as a scam, although they can be annoying, frustrating and even frightening.
Here are some of the typical tricks that scammers use, so you can be prepared.
Someone may call claiming to be from your bank telling you there’s a problem with your card or account. The caller will sound professional and may try to convince you that your card has been cloned or that your money is at risk. They may even tell you that money has already been taken from your account. They could ask for your account and card details, including your PIN. Scammers have also been known to advise transferring your money to a ‘safe account’ to protect it. This is a common scam, and your bank would never ask you to do this.
Similar tactics could be used by scammers claiming to be from HMRC or other financial institutions.
Computer repair scams or technical support scams
A scammer may call you claiming to be from the helpdesk of a well-known IT firm, such as Microsoft, or an internet service provider such as Virgin or Sky. They’ll tell you that your computer or router has a virus and will ask you to allow them remote access onto your computer to fix the issue. They may also ask you to download ‘anti-virus software’, usually at a cost to you, which then turns out to be spyware, used to get your personal details. It’s worth remembering a legitimate computer company or internet service provider will never contact you in this way.
This is a call from a company asking about a car accident you’ve recently been involved in and claiming you could be entitled to compensation. Some of these could be genuine companies looking for business, but others are scammers. Please don’t engage in these calls. If you have been involved in an accident, call your own insurance company on the phone number provided on your policy.
Scammers will try different ways to encourage you to part with your pension funds. These can include opportunities that are too good to be true or giving you false information.
- contact you out of the blue, either over the phone, text or email
- claim to know about ways that can help you get more than the usual 25% tax free
- offer high returns of over 10% from overseas investments or new or creative investments
- offer a ‘loan’, ‘saving advance’ or ‘cashback’ from your pension
- suggest you put all your money in a single investment (in most circumstances, a financial adviser will suggest you spread your money across different schemes)
- offer to send paperwork to you requiring an immediate signature
- say they can help you access your pension funds before the age of 55
- pressure you into making on-the-spot decisions
- only have a mobile phone number if you request contact details.
What should I do if I get a scam call?
Anyone can be a potential target for scammers, so it's important to be prepared in case you receive such a call.
Fortunately, there are things you can do to protect yourself:
- Don't reveal personal details. Never give out personal or financial information. This includes card numbers, expiry dates, security codes and PINs over the phone, even if the caller claims to be from your bank.
- Hang up. If you feel like you’re being rushed or pushed, or if the caller talks over you without giving you a chance to speak, end the call.
- Call them instead. If you're unsure whether the caller is genuine, you can always ring the company or bank they claim to be from. Make sure you find the number yourself, and don’t use the one provided by the caller.
- Don't be rushed. Scammers will try to rush you into providing your personal details. They may say they have time-limited offer or claim your bank account is at risk if you don't give them the information they need right away.