Recognising bogus emails, websites and other communication

Posted 23/09/2019

Spam emails from unknown senders trying to phish for sensitive information are not uncommon in the age of technology. To phish is to fool people into giving information over to what they believe is a reliable person working for their best interests. The Nigerian Prince scam emails may be one of the better-known examples, in which an email claims that the receiver is entitled to a fortune provided the sender first sends an initial ‘fee’. Rather than requesting a response, some fake emails will have links leading to a website that asks for the information.

The dangerous fake companies are those who have a legitimate seeming email addresses and websites, or base their email address on an existing company that has nothing to do with the bogus email. HMRC is one such company that is faked, and individuals may receive emails or phone calls from a person claiming to be working for HMRC to collect unpaid taxes or to send over a refund. HMRC never sends out communication emails. If a phone call has been received it is advised that no details are given until the individual’s tax account with HMRC has been checked either online or by calling HMRC directly.

The trouble with scammers is that the fake websites appear in a Google search as a regular company. By being available in a Google search, the scam websites can be stumbled upon by an individual without a bogus email. The website may likely offer what would be a good deal if it was an actual seller to entice people to give their bank or card details. Spelling mistakes in the text, a padlock missing from the URL box and only a form to fill out within contact details are some traits of false websites to look for.

Once the scam sender has the details they request – passwords, bank account details – they will use these to hack into the individual’s accounts to steal money or hold accounts to ransom. Some senders gain access of the receiver’s computer and stored information if a certain link or file is opened, and businesses can find their software being held for ransom too. These emails will use a variety of email addresses that will be unknown to the receiver but will often look like a legitimate sender. Companies advise their workers that if in doubt about an email, pass it along to the IT team or server hosts to look in to and do not open anything contained within the email. If a business’ information is compromised it can mean that sensitive information falls into the wrong hands so no risk should ever be taken.

HMRC has a part of its website dedicated to tackling phishing. Email addresses can be passed over by an individual if they receive a false, misleading email so that HMRC can track the sender down. All email addresses can be grabbed from the sender information, copied across to the HMRC web page and sent for investigation.

Tags: fake email, bogus email, fake website, scam, scammers, phishing