Clickinga money
hashtagwon’tearn
youcashbutcould
landyouinprison
Never click or
tap a link in
an email or
text message,
even if the
source looks
officialMostbrowsersnowofferbuilt-inphishing
protectionbutdon’trelyonthataloneTakecarewhen
subscribingtoa service
thatalreadyhasyour
paymentdetails44 5 - 18 February 2020
Moneyhashtags
Late last year, Santander revealed that
social-media hashtags were being used
to lure (mostly young) people into
becoming money mules. This is where
a person lets criminals use their bank
account to transfer money associated
with illegal activity, usually in exchange
for a cut (bit.ly/hashtag494).
What’stherisk?
Theappealofeasymoneyisn’tdifficult
tounderstand.Santander’sresearch
foundalmosta quarter(23%)ofadults
wouldbetemptedtoclickona money-
mulerecruitmentpost.Unfortunately,
goingaheadwitha transactioncould
resultin a criminalrecordandevena
prisonsentenceofupto 14 years.
Howtoavoidthem
Thesearethetop 10 ‘moneymule’
hashtagsidentifiedbySantander,which
youshouldneverclick:
#Moneyflipsuk #Mflipssss
#Deetsandflips #Deetsandflipping
#legitmoneyflips #flipsanddeets
#PayPalFlip #RealMoneyTransfers
#UkFlips #EasyMoney
There are
many more, but
the bottom line
is that you
should never
provide your
bank account
details to
anyone unless
it’s someone
you fully trust
(such as your
accountant),
and report
any dubious
hashtags like
those above to the site you saw them on.
Phishing URLs
Spoof emails are designed to look like
they come from a legitimate service,
such as your bank, PayPal or any other
site where you might have an account,
like Amazon or eBay. They use the
same logos and typically come bearing
bad news – suggesting you need to
change your password as the result of a
breach, or log into your account to
check something or verify your identity.
What’s the risk?
When you click a phishing link inside a
spoof email or other type of message
(such as an SMS), you will be taken to a
fake but often convincing version of the
site where you will be prompted to log
in, thereby handing over your username,
password and other requested details to
the scammers.How to avoid them
Watch out for emails that aren’t
addressed personally to you – official
messages will contain your name, not
just “dear sir” or “valued customer”.
Even if the email does include your
name and personal details, it doesn’t
mean it’s trustworthy, as scammers are
increasingly resorting to targeted
attacks known as ‘spear phishing’.
Watch out for spelling or grammar
mistakes – that’s usually a big red flag.
Also, never visit a site via a link in an
email or text message – always type
what you know to be the proper
address into your web browser and use
the HTTPS address.
Most decent anti-malware software
includes phishing protection, as do
browsers including Chrome, Firefox and
the new Edge, but don’t rely on these
tools and services exclusively to keep
yourself safe. If you receive a suspicious
text on your phone that purports to be
from your bank, contact them directly
via the company website or Twitter
account and ask for verification that the
message is real. Don’t click any links or
call any numbers in the text itself until
you are sure it’s genuine. You can report
phishing emails to Action Fraud via its
dedicated web page at bit.ly/fraud494.Unwanted subscriptions
Subscription services such as Apple
Music, Audible and Amazon Prime are
becoming increasingly popular, often
luring you in with a free trial and the
promise of other benefits.What’s the risk?
It’s easy to forget to cancel a free trial
before it ends and find yourself being
charged for the service, and it’s often
harder to end a subscription than it is to
begin it. Continuous payment authority
(CPA) gives the subscription company
permission to take money from you
whenever they feel it is owed. They can
change the amount being charged, too,
and don’t have to tell you when they will
be taking a payment. Be careful what
you click to sign up for, especially if the
site already has your card details (such
as an Amazon-owned service).How to avoid them
When you sign up for a subscription,
check the terms and conditions, and
find out
whether other
people have
had problems
cancelling. Set
a calendar alert
on your phone
or PC the day
you start the
trial, so you
have plenty of
time to cancel
before you’re
charge d. To
quit Amazon
Prime, go to Your Account, Manage
Prime Membership and select ‘Do not
continue’ or ‘End membership’. If you’ve
already paid, you may be entitled to a
refund.Fake pet adverts
If you’re looking for a pet, you should
always choose to adopt rather than
shop for one, but if you’re committed
to buying an animal online, beware of
fake posts advertising non-existent
pets and pet accessories.What’s the risk?
The National Fraud & Cyber Crime
Reporting Centre (www.actionfraud
.police.uk) says that between March
2012 and April 2018, it received 5,066
reports of people who had been duped
into paying money for non-existentMONEY SCAMS