• Action Fraud is issuing a warning as reports show that fraudsters are registering domain names to look like they belong to UK university email addresses. 
   
• UK and European supply companies are being defrauded out of vast sums of money as a result of this. 
   
• Fraudsters imitating one university’s address lead to a total victim loss of over £350,000.

How the fraud works

This type of fraud, known as European distribution fraud, happens when a company from overseas (usually from Europe) delivers products to the UK, but isn’t paid for the goods or the cost of shipping.
 
Fraudsters are registering domains that are similar to genuine university domains such as xxxxacu-uk.org, xxxxuk-ac.org and xxxacu.co.uk. These domains are used to contact suppliers and order high value goods such as IT equipment and pharmaceutical chemicals in the university’s name. 
 
Suppliers will receive an email claiming to be from a university, requesting a quotation for goods on extended payment terms. Once the...

Continues, Read More...

Cyber criminals are sending victims their own passwords in an attempt to trick them into believing they have been filmed on their computer watching porn and demanding payment. 

There have been over 110 of reports made to Action Fraud from concerned victims who have received these scary emails. 

In a new twist not seen before by Action Fraud, the emails contain the victim’s own password in the subject line. Action Fraud has contacted several victims to verify this information, who have confirmed that these passwords are genuine and recent. 
 

The emails demand payment in Bitcoin and claim that the victim has been filmed on their computer watching porn. 

An example email reads;

I'm aware, XXXXXX is your password. You don't know me and you're probably thinking why you are getting this mail, right? 

Well, I actually placed a malware on the adult video clips (porno) web site and guess what, you visited this website to experience fun (you know what I mean). While you were watching video...

Continues, Read More...

• Action Fraud sees 12,372 cyber crime reports in six months.
   
• Hacking of social media and email accounts at the forefront of cyber crime impact.
   
• Protect yourself – use strong, separate passwords to avoid falling victim to hackers.

The City of London Police, the national lead force for fraud which runs Action Fraud, the national fraud and cyber crime reporting centre, has revealed that cyber crime victims lost £28 million between October 2017 and March 2018.

The cyber statistics are based on the 12,372 cyber crime reports that were made in the same six month period to Action Fraud. The City of London Police, which is a founding member of the Global Cyber Alliance, also runs Cyber Protect, its team dedicated to protecting the public and businesses from fraud and cyber crime.

The report also shows that with 4,796 reports, hacking of social media and email accounts was the primary reason for people reporting cyber crime to Action Fraud. These victims are believed to have lost a total of £11 million.

Unlike most other...

Continues, Read More...

Her Majesty’s Passport Office has teamed up with Action Fraud to raise awareness of the need to report lost and stolen passports.

Her Majesty’s Passport Office and Action Fraud have teamed up to urge people to report their lost and stolen passports to prevent unrecovered and unreported documents from being abused and used to commit identity crime or facilitate illegal travel across borders.

Almost 50 million people hold a UK passport of which just under 400,000 are reported lost or stolen each year. This represents less than 1% of all passports in circulation, yet despite the risks associated with lost or stolen passports, people are waiting on average 73 days before making a report.

Once a passport is reported as lost or stolen, HM Passport Office cancel it, and share the information within 24 hours with the National Crime Agency to record the loss or theft on Interpol’s Stolen and Lost Travel Document database.

By sharing the details of lost or stolen passports, law enforcement agencies including border and...

Continues, Read More...

How is Fortnite fraud happening?

Action Fraud has seen reports, made mainly by parents on behalf of their children, of fraudsters who are taking advantage of Fortnite gamers. In most reports, the gamer has seen an advert on a social media channel which claims that by following a web link and entering some information, they will receive free Vbucks (currency for the game). Fraudsters will ask the victim for information about their account which will then allow them to log in and create fraudulent charges. 

Fraudsters are targeting victims in many other ways. These include asking for people’s phone numbers in return for Vbucks to then sign the victim up to a premium rate subscription service, selling access to other people’s Fortnite accounts, and offering VBucks for free then actually charging for it. 

How is Steam Card fraud happening?

Action Fraud has seen a spike in fraudsters requesting Steam Cards as a way to gain upfront fees from unsuspecting victims.

Victims are being called by fraudsters, claiming to be from well-known...

Continues, Read More...

Action Fraud has received almost 300 reports in the past two days about fake WannaCry emails that demand payment from victims in Bitcoins. 
 

In reality the emails are just a phishing exercise to try and extort money. The emails claim that all of your devices were hacked and your files will be deleted unless you pay a fine to the fraudsters in Bitcoin.

Taking advantage 

• Between 1 April 2014 and 31 March 2018, 18,645 reports relating to rental fraud were made to Action Fraud.
   
• In the same period, victims reported losing £22,103,940 to rental fraud – an average of £1,396 per victim.
   
• Action Fraud is now warning potential tenants, and students in particular, to spot the signs of rental fraud when searching for a property. 

Rental fraud happens when prospective tenants are tricked into paying an upfront fee to rent a property. In reality, the property does not exist, has already been rented out, or has been rented to multiple victims at the same time. Victims will lose the upfront fee they have paid and are not able to rent the property they thought they had secured. In 429 cases, victims reported losing £5,000 or more. 

Fraudsters will often make contact with their victims online. The adverts will seem genuine and are often accompanied by photos and contact information. In some cases the victim will view the property in person, but in most cases the payment is made without prior...

Continues, Read More...

• Between 1 April 2017 and 31 March 2018, Action Fraud received 6,486 reports of ticket fraud. 
   
• In the same period, the total reported losses to victims were £3,344,835; an average of £568 per victim. 
   
• With lots of music concerts and sporting events taking place in summer, it is an opportunity for fraudsters to take advantage of unsuspecting fans.

How is this happening?

Earlier this year, Action Fraud warned football fans planning to travel to the World Cup to be cautious when buying tickets or accommodation because the event is likely to be targeted by fraudsters looking to take advantage of unsuspecting fans.

Action Fraud saw a spike in reporting in June 2017, in which 1,072 reports were made. This suggests that fraudsters are taking advantage of people during the peak season for ticketed events.

Fraudsters will pose as a website or agent for a music concert or festival, a sporting contest such as the World Cup, or a live comedian or performer. Victims will purchase...

Continues, Read More...

Nine people are to be sentenced after an investigation by Essex Police for ticket fraud involving 309 victims who were conned out of high profile sporting tickets. 

In 2014 and 2015 there were over 550 complaints to Action Fraud from people who had purchased tickets to events but never received them or a refund. 

In total the 309 victims lost in excess of £360,000 trying to buy tickets to the Rugby World Cup 2015, Formula One and the Mayweather versus Pacquiao fight.

Analysing reports 

The Action Fraud reports were assessed and analysed by experts within the National Fraud Intelligence Bureau (NFIB) who passed them onto Essex Police.  

The NFIB also sent the City of London Police’s Disruptions Team the evidence they needed to take a fake website selling Rugby World Cup 2015 tickets offline, which they did successfully. The fraudsters changed hosts and got it up and running again, but the City of London Police which runs Action Fraud, disrupted it again preventing further victims. 

Essex Police then...

Continues, Read More...

HM Revenue & Customs (HMRC) has saved the public over £2.4m by taking down websites that trick people into calling premium rate phone numbers for services that HMRC provide for free.

Fraudsters had been creating replica versions of HMRC’s website and directing the public to call premium rate numbers advertised on them. These numbers were simply call forwarding services that connect callers to HMRC, but at a significant price.

HMRC said that specific tactics and costs on each website varied, but the maximum cost of a call was £3.60 a minute, capped at £36 per call. HMRC’s own 0300 numbers are mostly free or charged at the national landline rate.

HMRC successfully challenged the ownership of these fraudulent websites and had them taken down. Analysis has shown that had HMRC not taken this action then the public would have lost over £2.4 million. 

Scams Awareness Month

This announcement from HMRC comes at the start of Scams Awareness Month organised by Citizens Advice which is running throughout...

Continues, Read More...