23 September, 2020
Since the property market reopened in May following lockdown, conditions have been ideal for buying, selling or renting a home.
But unfortunately it isn’t just buyers and sellers who have returned to the market – so have criminal scammers, seeking to take advantage of people transacting in the property market.
With the stamp duty holiday ending on 31 March 2021, property sales need to be agreed soon to allow the necessary time for a purchase to go through.
Many buyers and sellers are feeling the pressure as we now head into the autumn to ensure they find the right buyer or property in the next few months but be careful because buying in haste may expose you to scams unnecessarily.
So, what are some of the most common scams we see that you should be aware of and how can you best protect yourself?
Pharming, Phishing, Vishing and Smishing
These may sound a bit like outdoor countryside pursuits, but these are the names given to some of the most common styles of online fraud being seen at the moment.
Pharming is the re-direction of users to a fake website, impersonating a genuine one. Sophisticated scammers produce website replicas which can mirror image the genuine site, lulling internet users into a false sense of security.
They can then use this fake website to steal personal or financial information or download malicious software onto your computer.
– Always type in the address manually, avoid following links
– Be aware for any details which make the website appear ‘off’, double check the address in the address bar after arriving at the site and make sure it’s spelled correctly to see that it matches the site you should be on, be alert if the website asks for information which it doesn’t normally
– Check that the website has a lock icon in the address bar. This indicates that it is a secure website. Clicking on the lock should display an up to date security certificate and the address should start https
– Use security software to ensure the sites you visit are trustworthy.
In a typical phishing attack, scammers send fake emails to thousands of people in what’s one of the most common forms of online fraud. Essentially, attackers are looking for victims to reveal personal data to them.
They might try to trick you into sending money, steal your details to sell on, or download malicious software to your computer. They could be trying to get your bank account or card details, phone number, or login details to certain websites.
Their ultimate aim is to usually find a way to access your online bank account or e-wallet to give them the opportunity to withdraw funds to their own accounts.
These types of scams work on social engineering – emails will be sent out that play on the recipient’s emotions. Examples include suggesting you’ve won a large sum of money, sending out ‘time-limited’ too good to be true offers to products, or including attachments or hyperlinks which contain viruses.
Phishers are able to send emails imitating the ‘Mail From:’ line, adding a layer of seeming legitimacy to their fraudulent activity.
– Only ever open emails you know to be from a reliable source.
– Check very carefully sender addresses, they are often very similar to genuine ones, but will have a very small difference in spelling; and hover your mouse over the email address, that way you will see the real address it has been sent from not whatever address the scammer has spoofed.
– Never send personal information over email.
– Don’t open attachments or click on hyperlinks without double checking them first. In particular the file extensions .exe, .msi, .bat, .pif, .com, .vbs, .reg, and .zip extensions most commonly install malicious software.
Similar to phishing, but done via a phone call. Vishers (a combination of voice and phishing), will often call posing as a manager from your bank, building society or even a member of the police.
Vishing uses verbal scams to trick people into doing things they believe are in their best interests. They may try and panic and frighten you into trusting them so you hand over your information without being able to think it through too much.
For example, they may say that large sums of money are currently being moved out of your bank account and they want to check that it is you.
Obviously, it won’t be. They will reassure you that they can stop and reverse this instantly by confirming a few details with you such as name, address, password, bank account details etc.
This type of scammer is becoming increasingly sophisticated and the fraudsters can use technology to spoof any number to appear on the caller ID display on your phone such as your bank. They may also suggest, if you seem hesitant, that you hang up and call them back on a number they provide.
– Never give out personal or financial information over the phone. Your bank, building society or credit card provider will never ask for you to provide full details and they will never ask for your full password.
– Don’t panic and believe what you’re being told, there will always be time to verify details. Hang up and call back on a number you know to be genuine. If possible, call them from a different phone line or from a mobile phone.
Smishing is fishing for information via SMS (or text messages), and most commonly involves being sent a text message that contains a malicious link or instructs you to make a phone call to a specified number.
This has become one of the fastest growing personal security threats as more people become wary of emails and so more diligent in checking attachments and links, but tend to trust text messages more.
Once again tricksters use social engineering to either panic or win people over and like vishing they can mimic who the message is from, making them appear to be genuine.
Messages will often claim to be from your bank asking you to text or call back, this often leads to extortionate charges being applied to your phone bill. They can also contain malicious links, or may ask you to reply, providing personal or financial details.
Indeed, criminals are now using the publicity around Coronavirus as a chance to pose as a genuine organisation, including banks, police officers, government or health service providers. Often the criminals are pretending to offer help and guidance, or claim they are dealing with an issue as a result.
– Never respond to a text providing personal details, even if it appears to be genuine
– Recognise threats of financial issues or offers that seem too good to be true for what they really are
– If in doubt, call the correct number of the organisation or individual from whom the text claims to have been sent, to check its authenticity
– Remember that even if the text message seems to come from someone you trust, their number may have been hacked or spoofed.
If you are feeling under pressure to complete your purchase, sale or rental, you may act hastily, show less caution than normal, or pay less attention in order to hurry things up.
But while everyone wants an efficient transaction, don’t let that come at the cost of your new home or your money.
Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.
Challenge: Could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
Protect: Contact your bank immediately if you think you’ve fallen for a scam and report it to Action Fraud.
This article was first published on OnTheMarket.
|CookieConsent||https://www.clc-uk.org/||Stores the user's cookie consent state for the current domain||1 Year||HTTP|
|_ga||https://www.clc-uk.org/||Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||1 Year||HTTP|
|_gat||https://www.clc-uk.org/||Used by Google Analytics to throttle request rate||Session||HTTP|
|_gid||https://www.clc-uk.org/||Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||Session||HTTP|
|collect||google-analytics.com||Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels.||Session||Pixel|
|GPS||youtube.com||Registers a unique ID on mobile devices to enable tracking based on geographical GPS location.||Session||HTTP|
|VISITOR_INFO1_LIVE||youtube.com||Tries to estimate the users' bandwidth on pages with integrated YouTube videos.||1 Year||HTTP|
|YSC||youtube.com||Registers a unique ID to keep statistics of what videos from YouTube the user has seen.||Session||HTTP|