With growth of digital services, and greatly increased online activity this year we’ve grown so comfortable with using the internet and giving out personal details online, whether its to order an Uber, Deliveroo or do some online retail therapy, it’s easy to forget there are people out there who are up to no good. While the majority of sites and apps are legitimate, unfortunately digital scams are amongst the most prevalent types of crime in the UK.
To make sure you and your personal data remains safe, we thought we’d refresh you with the do’s and don’ts of online safety.
Beware of being baited in to a phishing scam
Phishing emails are one of the most common online scams. Phishing scams aim to trick you into handing over sensitive information or open attachments/web-links to malicious content and come in the form of emails, phone calls and text messages. Scammers will contact you, disguised as legitimate businesses, claiming you need to provide or confirm personal details. They may also attempt to obtain your IT account details.
How do I spot and avoid them?
- Check the sender address directly matches the official email address
- Watch out for poor grammar/spelling
- Be wary of threats demanding you take action immediately
- Don’t open attachments or links from a suspected scammer
- Report all phishing emails to IT Services
Emails from outside the University
IT services are also taking steps to help warn you against potential phishing emails. Soon all emails sent to your University email account from outside of the University will come with a message warning you to take care. The message will appear at the top of the email and will look like this:
The change will be to all University email accounts on Microsoft 365 (formerly known as Office 365), which is all students, and the majority of staff.
The introduction of the warning message will ensure that everyone is aware and cautious of emails coming from outside the University, making it easier to spot malicious emails claiming to be official University communication.
If you receive a suspicious email, do not click on any links and do not reply, but let IT Services know by sending the phishing email as an attachment to firstname.lastname@example.org.
If you’re worried you’ve been scammed, phone the IT Support Centre immediately on 0161 306 5544 (available 24/7).
For phone calls:
Avoid calls from unknown numbers
If you answer, take the caller’s name and tell them that you’ll call them back. A legitimate caller should have no problem with this, but only call a number that can be found on an official document, not the number they used to call you.
Search the number online. Lots of websites actually log spam numbers based on other people’s reports.
Don’t be pressured into giving any information immediately even if they say it’s urgent.
Avoid fake shopping websites and formjacking
The Internet is a great thing! And has been pretty invaluable over past few months. Nowadays you can pretty much get anything delivered straight to your door. However, you may be tricked into buying products from a fake website which doesn’t deliver what you purchased or provides you with counterfeit goods.
Another common scam is now formjacking – a new cyberthreat that steals credit card information. This can happen when a legitimate e-commerce website is hacked (without the owners knowing), allowing cybercriminals to redirect you to different URLs in the payment process that look similar but actually steal your information.
How do I spot and avoid them fake websites?
- Always check the domain name. Fake websites may use the brand or a product name in their domain to trick you into believing it’s legitimate e.g. http://www.discountadidas.com
- If the prices seem too good to be true, then they probably are
- Look out for the returns info and policy. A legitimate website will give you details on how to return an item or delivery FAQ’s
- Read online reviews to find out other customers’ experience with the company
How to spot formjacking?
- As you enter the webpage to put in your card details double check the URL to make sure you are still on the exact same website you came from.
- The URL will often have only been changed very slightly – like adding or taking away a single letter – so check carefully.
Don’t be a money mule
Students can sometimes be tricked into money laundering, an illegal activity in which they are given money and then asked to transfer it from their bank account to another whilst gaining a small fee for doing so. You may be roped into doing this in a number of ways, for example being offered a job as a ‘Mystery Shopper’ or ‘Payment Processing Agent’. If you’re caught doing this, you could face a prison sentence of up to 10 years, as well as being put at risk of ID fraud even if you didn’t know that what you were doing was illegal!
How do I spot and avoid them?
- Avoid and decline requests from people who want you to transfer their money from your account
- If you’re offered a job that you may be suspicious about, talk to the Careers Service so that they can look through it for you
- Don’t be pressured in to sign up to anything you do not fully understand
- If you do feel pressured, you can always contact the police for help and advice
Don’t forget to visit our the Student Support website for more info on scams and risks that you may be vulnerable to as a student. Visit our webpage for more information.