Protect Yourself from Scams

Learn about the different types of scam

Cybercrime is a very real and present problem with thousands of people falling victim every day. Scammers do everything they can to appear legitimate and often can be very convincing, so it's vitally important to learn about the different types of scams to protect you and your business.

We created this page because we're passionate about preventing cybercrime and keeping our customers safe. Please be aware that we are not professional consultants in the field of cybercrime/fraud. The information on this page is purely for awareness purposes only, therefore we cannot be held responsible for any cyber breaches or scams you may encounter.

 

Think you've been targeted?

If you think you've been a victim of a scam and it is connected to our business, email us immediately at internetsecurity@leisuretec.co.uk with details and attachments.

Our Cyber and Fraud Policy can be found in our Terms of Business.

Impersonation Scams

Impersonation scams are where someone pretends to be an individual, bank or organisation that you trust to try and convince you to send them money. They contact you via email, text message and phone calls and mask their real identity by changing caller ID, the sent-from email address or by labelling their text with a company. They can even contact you through a trusted organisation email account that has been compromised, making their request even more convincing.

Signs to watch out for

  • Didn't expect the message? Is the message and tone of voice out of character? Always be cautious as it's likely to be a scam.
  • Are they rushing you? Scammers will be very persistent and will rush or panic you. If you feel rushed, this is a sure sign of a scam.
  • Out of Hours? Are they contacting you outside of normal office hours, when the trusted individual wouldn't usually be working? If they have access to an email account, they will use this tactic to hide their email traffic.

Invoice Scams

Invoice scams are very common in B2B. A scammer will somehow gain access to a legitimate invoice, add their own bank details and resend the invoice to you, impersonating the trusted individual or organisation.

Less convincing examples are where they send a fake invoice from a masked email address but more convincing examples are where they email you through a compromised email account from a trusted organisation, or even a compromised account within your organisation.

How can you protect yourself?

  • Maintain good password practice to prevent your email accounts from being compromised.
  • Change of bank details, what? This already feels suspicious as it's not normal business practice to change bank details without formal notice.
  • Does the invoice look legitimate? Often the tampered information will look out of place and they don't follow the formatting for the rest of the document.
  • Does the bank look suspicious? Usually, they will use very obscure banks, one you've probably never heard of.

Still in doubt? Call the organisation on a trusted phone number to confirm the legitimacy. This should be standard procedure for all businesses when a vendor changes bank information.

Credit Note Scams

A customer invoices you for a credit/refund. Has your business got the necessary procedures in place for documenting and approving credit notes? This method is commonly used by scammers to defraud you of money by changing the bank details on the invoice.

Confirm the legitimacy of the refund request directly with your customer over the phone and never refund any money into a bank account that you've not used before. Refunds should always be refunded via the same payment method and the same account used to pay for the original order.

Refunds should always be authorised by a Manager or responsible control centre within the business.

Phishing, Smishing and Vishing

Phishing, smishing and vishing are when someone tries to scam you via email, SMS text or phone call. You receive communication that appears to be genuine but it has the malicious intention of trying to collect your personal card details,  account passwords or other sensitive information.

Scammers will often create authentic-looking emails impersonating organisations you trust. Through this email, they will pressure you into logging into your account via their bogus login page "to prevent your stored files being deleted" or because "someone has tried to reset your password". These are sure signs of a scam.

Other attempts might be more personal, where they pretend to be a colleague or manager (Spear-Phishing or Whaling) and trick you into parting with money. Usually, for this to happen, they already have some background on you (name, job, email), sourced either online or via another data breach.

How you can protect yourself

  • Always be wary of any unexpected texts, calls or emails
  • Look for the obvious signs that it's a scam: spelling mistakes, poor grammar, weird tone of voice, persistence, invoking panic, corporate branding
  • Don't be fooled by phone numbers or email addresses that look legitimate. Scammers can easily mask an email from-address or company phone number.
  • Never reveal personal info like your pin, account login details, passwords, or mobile activation codes
  • Where possible, hover (not click) over suspicious links with your cursor. If the URL looks suspicious, this is a sure sign of a scam.
  • Most importantly: If in doubt, call the organisation on a trusted number to confirm the communication's legitimacy.

Good Password Practice

There are some basic rules you must follow when creating and managing your passwords. Not only do you need to create a strong password that nobody can guess, you also need to manage your passwords in a way that they're secure across your various internet accounts.

A golden rule is that you should never use the same password twice. If one of your accounts is compromised, the hacker now has access to all of your other accounts that share that password. That's like using the same key for every lock in your house. Why would you do that?

Some password tips

  • Never use the same password more than once. Never ever. No excuses.
  • Never give your password to anyone. That's obvious though, right?
  • Never include keywords related to your personal life or your work
  • Always include lowercase, uppercase and at least 1, ideally 2 special characters
  • Longer passwords are better than shorter, complicated passwords

If you do use the same password for multiple accounts, change them. Change them now!

Malware

Malware is an umbrella term for any type of malicious software designed to exploit or disrupt any type of computer, server, client or computer network. Malware comes in all shapes and sizes: Viruses, Worms, Trojans, Ransomware, Bots, Spyware... Each is used in a different way but with one objective: to exploit you or your business for money.

One of the most common access points for Malware to get onto your company hardware is a malicious link in a phishing email. Stay vigilant and remember; if you weren't expecting the email or it just doesn't look/feel right, it's probably a scam!

We also strongly advise that you invest in the necessary anti-virus software for your company's IT infrastructure and for your personal computers.

Unsure? Take Five!

If you receive any of the suspicious communications mentioned above, just stop, take a step back from what you're doing and Take Five to think about it.

Take Five is a national campaign offering straightforward, impartial advice that helps prevent email, phone and online fraud - particular where criminals impersonate trusted organisations or individuals.

Are you Scam Savvy? Take the 9-question test on the Take Five website.

https://www.takefive-stopfraud.org.uk/

 

Thank you for reading this page!

We hope you found it useful. We created this page because we're passionate about preventing cybercrime and keeping our customers safe. We have not covered all types of fraud on this page, so it is important that you also do your own research on how to keep your business protected.

Please also be aware that we are not professional consultants in the field of cybercrime/fraud. The information on this page is purely for awareness purposes only, therefore we cannot be held responsible for any cyber breaches or scams you may encounter.

 

Think you've been targeted?

If you think you've been a victim of a scam and it is connected to our business, email us immediately at internetsecurity@leisuretec.co.uk with details and attachments.

 

Please read our Cyber and Fraud Policy in our Terms of Business.

Blog

Alpha Theta Omnis Duo - Product of the Month - July

Alpha Theta Omnis Duo - Product of the Month - July

This all-in-one system is expertly designed for ultimate portability, featuring built-in battery...
Read more
Excite AV Trusts in Cloud Electronics for Restaurant Upgrade

Excite AV Trusts in Cloud Electronics for Restaurant Upgrade

Along with a complex cabling infrastructure, Cloud’s 24-120 2-Zone Mixer Amplifier with 7 black...
Read more

News

Allen & Heath’s CQ Firmware V1.2 Takes Control to the Next Level

Allen & Heath’s CQ Firmware V1.2 Takes Control to the Next Level

Following the award winning and ultra compact CQ, Allen & Heath unveils the CQ firmware V1.2...
Read more
Martin Audio's Line-up gets even Stronger, with Third iKON Announced

Martin Audio's Line-up gets even Stronger, with Third iKON Announced

Martin Audio has announced the introduction of iK41, an advanced 4-channel power amplifier, to...
Read more