id
 |
Impersonation scams |
An impersonation scam is where a fraudster convinces their victim to make a payment, or give personal or financial details, by pretending to be someone else.
The different types of impersonation scams include: Whatsaap, bank, police, CEO, Amazon (other big retailers), HMRC, Royal Mail etc.
Examples
Bank impersonation - Taking advantage of their victim’s trust, fraudsters claim the victim’s bank account is at risk and ask them to move their money to a ‘safe account’. They may ask their victim to download an app to help move the money safely, but the victim is actually handing account access to a criminal.
Police Impersonation – When pretending to be a police officer, the fraudster will usually tell their victim they need their help with a police investigation involving their bank, then similarly ask for money to be moved to another account, to help ‘catch’ a criminal.
CEO Impersonation – Although ‘CEO fraud’ is a less common impersonation scam, it has the highest average amount lost of any impersonation scam. The fraudster pretends to be a senior member of staff at a company and contacts the victim (typically a member of staff at the same company) and asks them to make an urgent payment. This could be an invoice they claim needs paying, but they’re unable to make themselves, or they might ask the victim to purchase multiple gift cards for other staff members, under the guise of a ‘bonus’ or ‘treat.’
Whatsapp (Family) – A WhatsApp family and friends impersonation scam is when a scammer pretends to be your friend or family member. The message will have a generic opening such as "Hello Mum" or "Hi Dad". They'll claim that they've lost their phone or their phone is damaged and that is why they're messaging from a different number. They'll then claim that they urgently need money to pay for a new phone or to pay a bill.
Large Retailers (Amazon) – In the knowledge that many consumers regularly shop online, fraudsters will pretend to be from the likes of retail giant Amazon. Victims will be contacted and told there is a problem with their account, or perhaps that they’re due a refund, then asked to fill in a form, click a link or download some software – ultimately all ways to gain access to the victim’s personal data.
id
 |
Romance scams |
Romance scams are where fraudsters target individuals looking for love, using fake online identities often with fake photos and information on social media and online dating apps.
The fraudster will gain the individual’s trust over several weeks or months until they believe they are in a genuine loving and caring relationship.
The fraudster will have numerous, seemingly plausible excuses for why they cannot meet in person or show their face on video calls. Common excuses include working away in the armed forces or that their line of work involves international travel. They may propose marriage and make plans to meet in person, however that will never actually happen.
Eventually they will ask for money, claiming family issues, medical bills, unexpected legal fees or needing money to arrange travel to meet up in person. The initial request for money may be small, however generally this will increase over time.
Often the fraudster will also tell the individual how to make payment. The fraudster wants to get the money quickly and in a way that makes it hard for the individual to get it back. They will ask for the money to be wired through a company like Western Union or MoneyGram, put on gift cards (like Amazon, Google Play, iTunes, or Steam) and give them the PIN codes, sent through a money transfer app, or transfer cryptocurrency.
id
 |
Purchase scams |
Purchase scams are where fraudsters list fake or non-existent items for sale on social media and online marketplaces. Their adverts look genuine and often fraudsters will create fake websites and will take images from genuine sellers’ to convince the victim it is the real deal. The victim will make a payment, but for products which do not exist and will never arrive.
id
 |
Doorstep scams |
This often comprises of a friendly but concerned tradesman or salesman knocking on someone’s door, offering a service or product which you don’t really need but they require immediate payment for. They may never return to do the work or alternatively, may return but request more money than was originally quoted.
id
 |
Deepfakes |
A deepfake is a video of a person in which their face or body has been digitally altered using artificial intelligence (AI) so that they appear to be someone else, typically used maliciously or to spread false information. Fraudsters are using deepfakes of celebrities and influential role models to promote dodgy financial products and investment opportunities.
AI is becoming more commonplace, which is creating new opportunities
id
 |
Spear phishing |
Spear-phishing is a type of phishing attack that targets specific individuals or organizations typically through malicious emails. The goal of spear phishing is to steal sensitive information (such as login credentials) or infect the targets’ device with malware.
Fraudsters who use spear-phishing attacks carefully research their targets, so the attack appears to be from a trusted sender of the victim. A spear phishing email uses social engineering techniques to urge the victim to click on a malicious link or attachment. Once the victim completes the intended action, the fraudster can steal the credentials of a targeted legitimate user and enter a network undetected
id
 |
Quishing |
Quishing, or QR phishing, is a cybersecurity threat in which fraudsters use fake QR codes to redirect victims to malicious websites or prompt them to download harmful content.
QR codes are being used to order in bars and restaurants or for concert tickets and the like which provides fraudsters with new opportunities to steal data.
The goal of this attack is to steal sensitive information, such as passwords, financial data, or personally identifiable information (PII), and use that information for other purposes, such as identity theft, financial fraud, or ransomware.
id
 |
Recruitment scams |
It is common for individuals to use internet job sites to search for new employment, often making their CV and personal details available to anyone. These individuals are then contacted by fraudsters purporting to be from a genuine company, offering a fake job role. Upon acceptance, the victim is often asked to pay a small admin fee towards their onboarding, which often escalates into repeat and increased payments. This can also result in money being stolen from the individual’s bank account directly if they have provided this for salary purposes.
id
 |
Advanced fee scams |
Advance fee scams are when fake companies ask for an upfront fee in order to receive a prize/service or high-value goods, which never materialise.
id
 |
Investment scams |
Investment scams can often fall under 3 main categories:
- An individual partakes in an entirely fabricated investment.
- A genuine investment is manipulated by a fraudster to ensure any money is paid directly to them.
- A fraudster poses as a representative of a genuine investment firm in order to appear more trustworthy however it is a ruse.
In all 3 scenarios, the aim is to entice victims to invest in a product or scheme which results in the fraudster making a profit. Increasingly, the investments appear in unregulated markets such as Art, Wine and Whiskey and Jewellery/Gold.
The main take away is: if something looks too good to be true, it probably is.
id
 |
Pension scams |
The aim of pension scams is to trick you into handing over your pension savings. This could involve you transferring your pension pot into a non-existent or high-risk scheme or being persuaded to release some or all of your pension pot.
Scammers often try to tempt their victims with offers of better returns, one-off opportunities or early access to their pension savings. These offers turn out to be empty.
