Fraud / Phishing 

Internet Auction Fraud
Internet auction sites like eBay and Yahoo provide a useful service for the public.  However, like other areas of business, they have become the targets of fraudsters, with several thousand would-be traders falling victim every year.

These sites work as facilitators for transactions between sellers and buyers. Sellers post items for sale with terms and conditions set, and potential buyers make ‘bids’. The person who makes the highest offer within an allotted time wins.  Arrangements are then made between the two parties for payment and delivery of the goods.

Payment is often arranged through an escrow service.  These services hold the buyer’s payment in trust until the goods have been received and checked.  The buyer then authorises the escrow service to release the payment to the seller.

Internet fraudsters operate in a variety of ways including the following:

‘Invisible goods' fraud

The buyer sends the payment, but no goods are delivered and inevitably, the seller cannot be contacted, as false details were originally given.  Using a legitimate escrow service can help protect the buyer from this type of fraud.

Non-Payment fraud

Buyers can also fail to pay. This can happen where the seller agrees to payment after delivery.  It can also occur if a stolen credit card is used to make payment to an escrow service, and this is not discovered until after the goods are sent.
Please bear in mind that this is different from the case where there is no payment made as a result of a dispute between buyer and seller. This is a civil matter.

Phishing

Phishing is a type of identity fraud in which fraudsters ‘fish’ for your personal details.

A fraudster will make contact with you claiming to be from your bank, or another organisation which deals in financial transactions. Contact is usually made by email, although instant messaging and phones are also used. 

A typical message will inform you that you must update your account details. A link will be provided which, if clicked on, will take you through to a bogus site. If you reveal your information here, the fraudsters will capture it and be able to use your personal data to access your accounts.

Banks lose millions of pounds as a result of this type of fraud.

NO UK bank offering internet banking will ever contact customers or ask for personal information in this way. Do not be fooled.

Avoid Being Duped

Do not respond to unsolicited emails asking for passwords and account details.
Look at the address the message was sent from, but be aware that phishers can create fake entries.
Be wary if the message is not sent to you personally, but rather, is for ‘Dear Customer’.
Watch out for odd spellings, dodgy use of capital letters and poor grammar.
If you do follow the link – check out the site’s address and, if genuine, it will include a small padlock in the bottom of the browser window.

To log onto internet banking – open your web browser and type the address in yourself.
Protect your computer – use anti-virus software and keep it up to date.
Install and learn to use a personal firewall.
Download the latest security updates.

Most email sites have filters - the following should assist you to recognise any that pass the filters. 

1) Be wary of e-mails asking for your personal information.  
 
Any e-mail asking for your name, birth date, e-mail username, e-mail password, or any other type of personal information, no matter who the e-mail appears to be from, is almost certainly a scam.

If you have any reason to believe it may be legitimate, do not reply to the e-mail or click any hyperlinks; instead copy and paste the web URL or go to that company's website for contact information. Don't hesitate to contact the company's support channel to confirm legitimacy.
 
 
2) Carefully read e-mails that appear suspicious.  
 
E-mails that are poorly worded, have typos, or have phrases such as "this is not a joke" or "forward this message to your friends" are generally scam e-mails. Sometimes company names or brands are misspelled or inaccurate. 
 
 
3) Protect your Emaill password.  
 
Create a strong password for your Email account by using more than 7 characters and having a combination of upper and lower case characters, numbers, and special characters, like the @ or # symbols. It's also a good idea to change your password on a regular basis. 

If you receive a notification from your Email support team confirming your request to change your password and you haven't recently changed your password, that's a signal that someone else may be trying to gain access to your Email account, and you should immediately change your password.