With the Royal Mail warning customers earlier this month that postage will be affected by striking workers, scammers have been seizing the opportunity to trick unsuspecting victims waiting for their parcels. Phishing attacks related to missed deliveries continue to be prevalent, making it vital to know what to look out for now more than ever.
The Royal Mail scam is simple, an email is sent out claiming that the person has missed a parcel or that it is being held. They are then redirected to a website that looks like the Royal Mail’s official site to arrange delivery.
They then have to enter their details on the site and depending on the version of the scam, they could either be asked to pay a small fee or call a premium rate phone number.
Jacco, computer security expert at Next Day Delivery, said: “This scam is known as a phishing scam and if you are waiting for a parcel or have ordered many gifts online this month then it’s easy to fall for.”
He continued: “The easiest way to tell if these emails are legitimate is to check the sending address of the emailer. You can do this on your computer or your phone by clicking on the person’s name.”
READ MORE: Martin Lewis scam ‘stealing money and personal data from thousands’
Verification code hijacking
Another common scam circulating is a malicious caller posing as a bank or another company with whom a person holds an account.
Mr Bulvshtein explained: “They’ll tell you there’s a problem with your account. They’ll then say that they’re sending a text message to you, with a code to prove your identity.
“By posing as an official company, they turn the tables on you. You’re put on the spot and expected to prove who you are. Actually, they’re the criminal, and they already have your password.”
He went on to say that the code the person might be handing over “will allow them to process a payment or log into your account” with two-factor authentication before warning that unfortunately, “many companies will no longer refund customers who willingly handed over a security passcode.”
Mr Bulvshtein suggested: “Be sure to use a password manager to create strong, secure, and unique passwords. Set up two-factor authentication on your essential, high-risk accounts, such as bank, credit, and shopping websites.”