Avoid scams this Ramadan
We need to be more vigilant than ever against fraud, particularly about sharing our financial and personal information, as cyber-criminals capitalise on the huge amount of us that are now online. Using a single day as an example – Friday 20 March 2020 – City of London police reported a 400% increase in coronavirus related fraud; 105 reports were sent to Action Fraud, the UK’s national reporting centre for fraud and cybercrime; and losses were estimated at £970,000.
Cyber-criminals are experts at impersonating trustworthy people, organisations and authorities. They spend hours researching you for their scams, hoping you’ll let your guard down for just a moment.
Here we explore the most common types of cyber-crime and what you should do to protect you, and your loved ones, this Ramadan.
Phishing scenario: you receive an email claiming to be from a trusted friend or authority. You are asked to provide your passwords or personal information such as your address, telephone number, or other data.
- Never provide sensitive personal information online, especially in response to an email you weren’t expecting
- Delete the email immediately. If you received it on your work email, inform your IT department
- Call Action Fraud on 0300 123 2040 or use their online portal to report any concerns.
Checklist for identifying phishing emails
These simple checks can reduce the likelihood of falling for a phishing attack:
- Check the email greeting. Phishing emails tend to start with generic phrases like: 'Dear Friend’, or your email account name, like 'Dear abc123'
- Check the sender’s address. Cyber-criminals often change the display name to make it look more like the company or organisation they are pretending to be. A scam email will have a strange email address behind what looks like a genuine display name e.g. "Your Friend@ramadan.co.uk". Right-click on, or hover your cursor over the sender name to see the email address behind it
- Check links in the email. Right-click on or hover your cursor over any links in the body of the email. If the link address doesn't look like an official site address or is different from the text description, don’t click on it.
Vishing (or Voice Phishing) scenario: You receive a call claiming to be from a trusted friend or authority. You are asked to provide information such as bank account details, card details, three-digit security numbers, PINs, online banking username and passwords or telephone banking security passwords. You may receive several calls so that the cybercriminal can gather all the information they need (different calls asking for different numbers in your PIN, for example).
- Never provide sensitive personal information over the phone, especially in response to an email you weren’t expecting
- Hang up, a genuine caller will call back, or
- Ask for the name and the company name of the person you are talking to, then ring back via the number from the website (do not use a number they provide) and ask for that person.
Smishing (or SMS Phishing) scenario: You are sent a text message with a link asking you to click a link or call a number. It is a trick to get you to provide your personal details or download a malicious software to your mobile device via a text message.
- Never open a text message that you weren’t expecting
- Never click on link or call a number before verifying the sender
- Delete the text message if you’re suspicious or confirm it is not from a valid sender
- If you received it on a work phone, inform your IT department
- If you received it on your personal phone, mark it as spam and/or call your provider.
Malware (or malicious software) Scenario: You clicked on a link in a Ramadan spam email you received, and now pop up screens you don’t recognise keep appearing, sometimes asking you to make payments. You may even find you are limited from accessing your system.
- Never click on links in spam email or on pop up screens, and be careful when downloading free software
- Ensure your security protection is up to date – prevention is always better than cure
- If a work computer has been infected, inform your IT department
- There are free tools to help you remove malware from your personal laptop and device. Here’s a list of the top 10 in 2020, from a reputable technology publication, although it is not specifically endorsed or recommended by Al Rayan Bank.
Online shopping scam scenario: you are buying Eid gifts from a retailer who sent you pictures and links to a website, which seemed genuine. However, now the seller wants you to send money directly to their bank account and not via a secure payment method, such as PayPal.
- Never follow a link in an unexpected email and always check the spellings in the URL
- Always research an online seller and insist on a secure payment method – reputable sellers will want you to do this too
- If paying by card, look out for a small padlock symbol in the address bar (or elsewhere in your browser window) and a web address beginning with https://
- If you’re buying a high value item, such as a vehicle of piece of jewellery, insist on seeing the item – even if this means waiting until after the current restrictions are lifted.
Cyber-crime costs the UK billions of pounds every year, and when you consider the scale of the problem, it can be easy to feel overwhelmed. However, you can protect yourself from most cyber-attacks in just 3 easy steps:
- Choose strong passwords and don’t reuse them for multiple logins
- Install security software such as anti-virus and two-factor authentication. This kind of software is often available for free
- Keep all security software and operating systems updated (they can be set to update automatically)
If you’re approached by potential scammers or think you may be a victim of fraud, call Action Fraud on 0300 123 2040 or use their online portal to report any concerns. This could help protect both yourself and others at risk.
There is also further information on our website here.