Fraud Focus – Delivery scams, phishing in online gaming, adware-infected apps and students targeted by fraudsters

Cifas, the UK’s leading fraud prevention service, is highlighting the latest fraud threats, and warning the public to stay vigilant of the ever-changing tactics that scammers are using to extract money and information.

Packlink delivery scam

Phishing and smishing messages claiming to be from delivery companies continue to target the public. The latest scam messages are impersonating Packlink , claiming that a customer’s chosen courier (UPS) has several undelivered parcels and owe an additional cost of £60 to have them delivered. People are told they only have seven days to respond using a link where they are prompted to enter their personal details.

Cifas is reminding the public to remain vigilant to unsolicited text messages informing them of undelivered or missed delivery packages, and never to click on links included in these messages. If the message purports to be from a known and trusted organisation, visit their website via search engine, making sure to use our Check a website tool to double-check the website is safe. If you believe you’ve received a suspicious text, forward it to 7726 for the National Cyber Security Centre to investigate. So far, 15,000 scams reported this way have been removed as of August 2022.

Phishing in online gaming

According to researchers at Kaspersky, most gaming-related malware is targeted at games frequently played by children, with Minecraft and Roblex the most popular. Researchers note that children are more likely to be targeted owing to them having much less knowledge of cybersecurity.

Parents are being urged to increase their security by adding parental controls to game purchases, and restricting purchases to verified, trusted platforms. Researchers noted that when downloading games from untrustworthy sources, players may receive malicious software that can gather sensitive data like login information or passwords from their device, potentially putting the entire family’s data at risk.

Electronic devices contain a wealth of information about individuals which can then be stolen by criminals and used to commit subsequent crimes, such as identity fraud, or to seize control of accounts and make unauthorised transactions. If you believe you’ve been a victim of this scam, report it to Action Fraud on 0300 123 2040 or Police Scotland by dialling 101. GetSafe Online has some great resources on how to stay safe playing games online.

Adware-infected apps

Researchers have found ten adware apps on the App Store allegedly engaged in ad fraud.

The apps were designed to generate revenue by impersonating legitimate apps and presenting a deluge of ads to iPhone users. Although the apps have now been removed from the App store, if previously downloaded, users are advised to remove them from their phones immediately, to avoid rapid battery drainage and increased internet data usage.

• Loot the Castle - com.loot.rcastle.fight.battle (id1602634568)
• Run Bridge - com.run.bridge.race (id1584737005)
• Shinning Gun - com.shinning.gun.ios (id1588037078)
• Racing Legend 3D - com.racing.legend.like (id1589579456)
• Rope Runner - com.rope.runner.family (id1614987707)
• Wood Sculptor - com.wood.sculptor.cutter (id1603211466)
• Fire-Wall - com.fire.wall.poptit (id1540542924)
• Ninja Critical Hit - wger.ninjacriticalhit.ios (id1514055403)
• Tony Runs - com.TonyRuns.game

Cifas is reminding iPhone users to only download trusted apps from known developers and to check smartphone bills regularly. Members of the public should consider running regular anti-malware scans on their devices to check for any malicious software.

Students at risk of being targeted by fraudsters

As the new academic year gets underway, Student Loans Company (SLC) are warning students to be vigilant of fraud and phishing scams. SLC is warning freshers and returning students to not be tricked into disclosing personal details or clicking on links in emails or text messages which could result in them downloading malicious malware. In the last three years alone, SLC’s dedicated Customer Compliance teams has stopped £1.2m being lost to fraudsters from students’ bank accounts.

Students are being reminded to stay alert to scams and ‘too good to be true’ offers and to think before they click on any links. Students should be mindful of the information they share about themselves online to guard against identity theft. More recently, Cifas has seen reports of fake tax rebates targeting students in an attempt to trick them into sharing their personal and financial information. Amber Burridge, Head of Intelligence for Cifas, said:

'Criminals are always trying out new tactics to snare consumers as the cost-of-living crisis shows no signs of abating. Quick to take advantage of parcel delivery as well as recent trends in gaming, fraudsters are also targeting students as the new academic year gets underway.

'Fraudsters continue to look for victims from whom they can steal money and personal information which can be used to commit further fraud. Stop and think carefully before parting with your personal or financial details, only a fraudster will try to rush or panic you.

‘Remember to only download or visit apps from trusted sources and developers and be wary of ‘too good to be true’ offers, especially at a time when household budgets continue to be squeezed.

‘No matter how an offer comes to your attention, there are very few occasions where there is a legitimate need to hand over your bank details. Think carefully before responding to unsolicited texts or emails, and always challenge requests for personal or financial information.’

Anyone who believes they have been the victim of a scam should contact their bank or financial service provider immediately and report the fraud to Action Fraud on 0300 123 2040 or www.actionfraud.police.uk.

ENDS

Notes to Editors

For more information, please contact
Ione Gyamfi
Press and Public Relations Manager
ione.gyamfi@cifas.org.uk
(+44) 020 4551 7956

Contact us at press@cifas.org.uk