Projects providing practical help to support people tackle the growing risks posed by online crime will share a £500,000 fund aimed at ensuring a digitally secure and resilient Scotland.
Organisations including Scottish Union Learning and Community Enterprise, will use the money to provide workshops aimed at tackling scams and internet safety, deliver training to upskill under-represented groups into careers within cyber security and provide digital advice in different languages.
The projects will be targeted at specific groups, including disabled people and those with specific learning needs, minority ethnic groups, people living in areas of social deprivation or in rural or remote communities and those for whom English is not their first language.
Since 2019- 20 cyber crimes (crimes committed using the internet) have risen with an estimated 14,890 cyber-crimes recorded by Police Scotland in in 2022-23 almost twice the level in 2019-20 (7,710). This £500,000 fund is part of £1.16 million invested by the Scottish Government in 2023-24 to improve preparedness to withstand, defend against, manage, and recover quickly from cyber incidents.
Justice and Home Affairs Secretary Angela Constance said: “Cybercrime such as fraud and data theft can have a devastating impact on people, communities and businesses.
“The Scottish Government is committed to building cyber resilience within all our communities and this funding will enable many more people across the country keep themselves safe and secure when going online by supporting them to gain practical knowledge and skills to recognise and avoid cyber-attacks.
“We will also continue to work closely with Police Scotland and the National Cyber Security Centre to ensure Scotland’s public sector is resilient to cyber threats.“
Online safety is increasingly important, even for popular platforms like WhatsApp. With over 2 billion users worldwide, WhatsApp has become a favourite target for fraudsters and tactics have become more ingenious and effective than ever.
The majority of users are vulnerable when online, making it an irresistible platform for scammers. Cybersecurity experts from VPN Overview have compiled their top tips on how to recognise WhatsApp scams and how to prevent them:
What is WhatsApp fraud (friend or family emergency scam)?
WhatsApp fraud is a form of fraud in which cybercriminals pretend to be a victim’s acquaintance and then ask them for money. Currently, most of those criminals pose as a friend or family member and ask for financial help because “they urgently have to pay a (high) bill” or “they have an emergency and urgently need some money”.
Usually, the perpetrators pretend to be in a hurry, most likely to entice their victims to take immediate action. That is why this type of fraud is also referred to as a friend or family emergency scam. Sadly, on average victims loose thousands of dollars to WhatsApp scams. Age also seems to be a factor, with most of the victims being over 50 years old.
In most cases the phone number used by the criminal to commit WhatsApp fraud is unknown to the victim, yet the attached profile picture is familiar. Consequently, the victim thinks that he or she is indeed communicating with a friend or family member.
However, criminals can easily copy a photo from other social media platforms, such as Facebook or Instagram. The same applies to other information that can be used to mislead the victim. Like the vocabulary an individual may use, or certain events the individual may have posted about online (“Should’ve asked you for help when we were in that bar yesterday…”).
What are the tell-tale signs of WhatsApp scams?
Scammer creates a sense of urgency and pressures you to pay quickly.
Scammer contacts you from an unknown number.
Scammer informs about a number change and quickly talks about money.
Poor English is used in their messages.
Scammer does not want to be called.
Scammer asks for money to be transferred to an unknown account or uses an app that hides account numbers.
Tips to prevent WhatsApp fraud
Check if the number is correct if someone asks for money.
Check the language and communication style of the message.
Call the number or contact the person in a different way to verify the story.
Do not let the fraudster pressure you; think logically.
Ask the scammer a question only your friend or acquaintance would know the answer to if suspicious.
Secure voicemail with a personal code.
Never send a verification code without questioning.
Set up “2-Factor Authentication” on WhatsApp.
Remember that the tips provided above are not only important to protect yourself. If criminals manage to hijack your WhatsApp account, they can easily scam your contacts and possibly take over the accounts of your friends and family as well.
I’ve been a victim of WhatsApp fraud, what can I do?
If you have been a victim of WhatsApp fraud, it is important to remain calm and report the incident to your bank and the police.
Depending on the circumstances, it may be possible to reverse the payment, but individuals must act quickly. Wire transfers are harder to recover, and online payment services or apps can complicate the process.
Even if a refund is not issued, the bank will investigate the fraud claim to protect customers and prevent future fraud. Reporting scams to WhatsApp and AnyScam is also recommended, and national help groups for victims of fraud can assist individuals in dealing with the process and preventing future fraud.
The busiest time of year for shopping is fast approaching and there are many deals to be had. However, it’s important to keep ourselves safe from hackers and scammers that target online shoppers.
Online safety expert Chris Bluvshtein at VPNOverview.com gives his top ten tips for keeping yourself safe while shopping online during the holidays.
Stick to websites you know
You might be tempted by a Google link promising an amazing deal but before you click, look at the name. If it’s not something you recognise, don’t go there. Hackers can use similar names to high-street brands to trick you into giving up your data so double check the site is the one you know. Google also tells you if you’ve visited the site before so it’s worth taking your time and checking for those details.
Check the URL bar
Every website should have a valid security certificate and you can tell by the little padlock icon next to the URL. If a website doesn’t have one of these then don’t give your bank details or valuable information.
Check your bank statements
You might not even be aware of your details being stolen until it’s too late, but by making it a habit to check your account and statements you’ll be able to catch any suspicious activity early on. Your bank will have information on any time limits they have for fraudulent purchases, so be sure to keep an eye on your statements.
Use a password manager
The safest thing you can do is use a unique, randomised password for all your accounts. But instead of writing those down on post-it notes or in notebooks, use a password manager to keep them all in one place. Password managers lock your information behind a master password and many of them autofill the website logins for you, keeping you safe from keylogger attacks.
Don’t shop on public Wi-Fi
You might be tempted to hop onto your favourite shopping site while having a coffee at your local cafe, but that public wi-fi connection is extremely dangerous to use. Public Wi-Fi rarely has safety protocols such as passwords in place and hackers can piggyback and steal unsecured banking details and sensitive information without you knowing.
Use mobile payments
Apps like Apple Pay and Google Pay can protect your banking details so if a website accepts them, it’s best to use them instead of your debit card.
Use a credit card
If something is high value, don’t use your debit card to pay for it. Consumer law in the UK means that you could get refunds or claim your money back if your card is stolen. Credit cards also have more protections than debit cards.
Set up a temporary bank account
By opening an online only bank account such as Revolut or Monzo, you can control the amount of money you have access to with transfers from your usual account. This way, even if your details are compromised, the hacker can’t do anything to your real bank account.
Use a VPN
A VPN protects your data from prying eyes. Everything you send is encrypted so even if a hacker can see you on a network, they won’t be able to access your sensitive information. VPNs connect you to a remote server and hide your IP, using one along with any of our other tips can make your online shopping super secure.
If it seems too good to be true, it probably is!
Be careful with any adverts for amazing deals. You might never get the item or there could be hidden dangers. This old saying still rings true with online shopping.
Lisa Webb, Which? Consumer Law Expert, said: “Fraudsters are always on the lookout for new ways to part people from their hard-earned cash and unfortunately, the Black Friday sales are no exception.
“Scammers can easily set up fake websites so if you see a good offer from a company you don’t know, look online for reviews and do your research to make sure it’s genuine.
“If you think you’ve paid money to a scammer, you should report this to your bank and Action Fraud.
You may be able to claim back your money through the chargeback scheme if you used a debit card or use a section 75 claim if you paid by credit card and the value was more than £100.”
The Charity Commission is warning charities against the risk of online fraud, as a new survey found around one in eight charities (12%) had experienced cybercrime in the previous 12 months.
This follows earlier findings indicating that the pandemic prompted increasing numbers of charities to move to digital fundraising and operating, exposing them to the risk of cybercrime.
Most concerningly, the survey highlighted a potential lack of awareness of the risks facing charities online, with just over 24% having a formal policy in place to manage the risk. Similarly, only around half (55%) of charities reported that cyber security was a fairly or very high priority in their organisation.
The warning comes ahead of Charity Fraud Awareness Week, which begins tomorrow on 17th October 2022. The campaign raises awareness of fraud and cybercrime and brings the charity sector together to share knowledge, expertise and good practice.
It is run by the Charity Commission and the Fraud Advisory Panel and a partnership of charities, NGOs, regulators, law enforcers, and other not-for-profit stakeholders.
The Charity Commission’s new survey explored charities’ experiences of online cyber-attack. It found that over half of charities (51%) held electronic records on their customers, while 37% enabled people to donate online.
A greater digital footprint increases a charity’s vulnerability.
The most common types of attacks experienced were phishing and impersonation (where others impersonate the organization in emails or online). For both attacks personal data is often at risk.
There are lots of simple steps that can be taken to protect against cyber harms including changing passwords regularly, using strong passwords and two factor authentication, updating training and policies, making back-ups of your data using the cloud and making sure antivirus and all other software is patched to the latest version.
Many useful tools and resources will be available to help charities reduce their vulnerability to these crimes throughout Charity Fraud Awareness Week.
The survey also confirmed that there is an under-reporting of incidents when they do occur, with only a third (34%) of affected charities reporting breaches. It’s important that charities get in touch with the Commission where there has been a serious incident, even where there may be no regulatory role for the Commission. This helps the regulator to identify trends and patterns and help prevent others from falling victim to fraud.
Amie McWilliam-Reynolds, Assistant Director Intelligence and Tasking, from the Charity Commission said: “Online financial transactions, and online working generally, present a great opportunity for charities – whether in engaging supporters, raising funds, and streamlining their operations.
“This was demonstrated in particular during the pandemic, when the longer-term move away from cash to online fundraising accelerated. But online financial transactions and the collection and storage of personal data also harbour risk, and we are concerned that some charities may be underestimating that risk, and are therefore exposing their charity to potential fraud.
“We hope that projects like Charity Fraud Awareness Week help raise awareness among trustees and charity staff of the risks they may face, and of the advice and guidance available to support them in protecting their charity from fraud.
“Preventing and tackling fraud is not a ‘nice to have’. It is vital that every penny given to charity makes a positive difference, especially during these straitened times, when donors, charities, and those they support face mounting financial pressures.
Sir David Green CB KC from the Fraud Advisory Panel said: “Fraud is the UK’s most commonly experienced crime and much of it is committed online. Therefore, it is essential that charities take the security of their systems, information, people and money seriously.
“Simple cyber security measures can make a big difference which is why we’ve collaborated with UK police forces to offer a series of free cyber-security focussed events during this year’s awareness week.”
Charity Fraud Awareness Week 2022 will feature online events, talks and useful advice from anti-fraud experts, designed to help the third sector and charitable organisations tackle the problem of fraud and cybercrime.
HM Revenue and Customs (HMRC) is today warning customers not to share sensitive personal information online to avoid their identities being used to commit tax fraud.
HMRC is aware that criminals are attempting to obtain customers’ Government Gateway logins and other personal details, enabling them to register for Income Tax Self Assessment and submit bogus tax refund claims before pocketing the repayment.
Individuals, ranging from teenagers to pensioners, are being targeted on social media platforms by fraudsters seeking to ‘borrow’ their identities. In return, the individual is promised a cut of the tax refund ‘risk-free’.
Handing over sensitive personal information to criminals like this, even inadvertently, risks individuals involving themselves in tax fraud, and having to pay back the full value of the fraudulent claim.
Customers should therefore only deal with HMRC directly or through their tax advisor in relation to their Self Assessment tax refunds.
Simon Cubitt, Head of Cybercrime, HMRC said: “People need to think extremely carefully before they involve themselves in an arrangement like this, because if something looks too good to be true, then it almost certainly is.
“Those who get involved risk becoming the victim of blackmail, threats of violence and wider abuse of their personal information, as criminals seek to exploit them further.
“I urge anyone who may be aware of these dishonest attempts to recruit individuals into criminality, to report it us by searching ‘Report Fraud HMRC’ on GOV.UK and completing our online form.”
In addition to their Government Gateway credentials, customers may also be asked to provide details of their bank account, passport, driving licence, address, date of birth, and National Insurance number.
HMRC is working with other law enforcement agencies and social media companies to tackle criminality on online platforms.
Last month (10 February), HMRC made coordinated arrests of four individuals aged between 16 and 33 in Hertfordshire, Bristol, Derbyshire and Buckinghamshire as part of an investigation into suspected Self Assessment repayment fraud and money laundering offences. Investigations are ongoing.
Recorded crime remains at one of the lowest levels in nearly 50 years, according to the latest annual statistics.
Official figures show that the total number of crimes recorded by Police Scotland in the past year was 246,511 – one of the lowest levels of recorded crime since 1974.
Overall, that figure is down by five crimes from the previous year. However, taking into account the 20,976 crimes recorded under Coronavirus related legislation, compared to just 107 towards the end of 2019-20, other crime categories have collectively decreased by 8% in the past year.
Between 2019-20 and 2020-21 recorded crime fell in four key areas:
non-sexual crimes of violence decreased by 4%, from 9,316 to 8,972. This includes the recording of 1,641 crimes under the Domestic Abuse (Scotland) Act 2018 in 2020-21, the second year this legislation has been in place
sexual crimes decreased by 2% from 13,364 to 13,131
crimes of dishonesty decreased by 19%, from 111,409 to 89,731, the lowest level since 1971
fire-raising and vandalism decreased by 10% from 47,731 to 42,964. The recording of these crimes is at the lowest level seen since 1975
The National Statistics Recorded Crime in Scotland 2020-21 bulletin – which includes a new chapter on cyber-crime – estimated that 14,130 cyber-crimes were recorded by the police in Scotland in 2020-21, almost double the 2019-20 figure.
Part of this increase may be due to the significant impact of the Coronavirus (COVID-19) pandemic, including behavioural changes such as increased online shopping.
Justice Secretary Keith Brown said: “By all main measures crime, including violent crime, is now considerably lower than it was a decade ago, with fewer victims.These statistics show how crime in areas like vandalism and dishonesty – the sorts of crime that affects peoples’ everyday lives – has fallen, with levels not seen since the 1970s.
“There is still work to be done as the figures on cybercrime show – which is why we have this year published a prevention, awareness and enforcement strategy to make Scotland an inhospitable place for scammers.
“And while COVID-19 has no doubt had an impact on the figures, recorded crime was on a downward trend beforehand and through the measures we recently announced out in our Programme for Government – we will continue to make Scotland a safe place to live.
“It sets out how we intend to transform the way in which justice services are delivered, moving away from the use of custody for those who don’t pose a risk of serious harm, while protecting the police resource budget in real terms for the entirety of the Parliament.
“Overall, these very positive trends are testimony not just to the hard work of Police Scotland but to the vital support the Scottish Government has put in place to enable officers to do their jobs effectively.”
Police Scotland is asking people to be aware of an email scam currently circulating where fraudsters are threatening to publish online footage of victims.
The scam involves emails being sent to people with the suspect claiming to have video footage of the recipient watching pornography. The suspect is then demanding payment in bitcoin, threatening that failure to do so will result in the video being published. This is known as sextortion.
Sixteen reports were made to Police Scotland overnight on Thursday 9 April 2020, with the latest number rising to 96 reports by Tuesday 14 April 2020. The reports have been from people across every police division in Scotland.
Detective Inspector Michael McCullagh, of cybercrime investigations, said: “These type of scams aren’t unusual however this particular suspect or group has used a similar method and wording in every email and in greater numbers than we normally see.
“The emails show current or legacy passwords belonging to the victim, making the threat seem credible. This is a tactic used by criminals to alarm potential victims.
“Awareness is crucial to avoid becoming a victim to this type of crime and I would encourage people to recognise this. Don’t make any payment, don’t reply to the email and take measures to enhance your security such as changing your passwords.”
Further details on this type of crime and how to protect yourself can be found here:
In a step to stop scammers in their tracks and keep the public’s money safe, senior politicians, security specialists and Police Scotland joined Royal Bank CEO Ross McEwan in Edinburgh to present a united front in helping to keep Scotland safe from the growing impact of fraud and cybercrime.Continue reading Stopping the scammers: united front to tackle fraud
