Fake Irish Water emails and six other common online scams
Fake emails looking for personal details, the ‘chief executive scam’ and the Wangiri fraud are among the most common cons going. Don’t say you weren’t warned
Illustration: Getty Images
You would almost feel sorry for the scam artists who chose Irish Water as their phishing bait. Bogus promises of tax back or fake offers of cheap electricity or the lure of free holidays somewhere lovely are one thing, but how many of us would race to give the State’s most toxic utility more information?
The scammers hoped there would be loads of us when they targeted Irish Water customers as recently as last week with a hoax email seeking confidential details. The email looked pretty legit, as emails of this nature are designed to do. It claimed Irish Water was performing annual account maintenance and needed more information from recipients, who were asked to follow links that would take them to a dodgy site.
Although the utility being used as bait was new, the phishing scam is anything but. It is among the most common frauds around, and you really should not allow yourself to be caught out. A good rule of thumb is to ignore all emails seeking personal or financial data: no reputable company will ever ask for it.
The other rule of thumb is to make sure that if you do follow a link in an email, always, always, look at the address bar of the website you are taken to. It will quickly reveal the bona-fides or otherwise of the correspondence.
Also, never open an attachment from a dubious source. And if you get an unexpected email from an acquaintance with some obscure reference to an attached document they think you might like to see, don’t open that either. It almost certainly contains a virus.
We came across a devilishly clever holiday rental scam recently. This one was targeted at tourists travelling to Ireland, but similar scams operate all over the world, so do not let your guard down. In an era of DIY holidays and Airbnb deals, people are used to sourcing accommodation directly from owners, but familiarity can lead to complacency.
This scam involves criminals setting up what looks like a kosher website offering holiday homes for rent. All the properties have proper descriptions, the pictures are bright and clear, the agency has a physical address and a landline telephone number and a personable person at the end of all the email correspondence.
The only problem is the scam website does not own or have any connection to any of the properties it has listed on the site. They take your booking, and you transfer money to their bank account, but when you arrive at your destination the address is either completely fake or it does exist but the people living in the property have no idea what you are talking about.
The easiest way to avoid being conned in this way is to use well-established, reputable sites. Never use Western Union any money-wiring service, unless you actually know the person you are sending the money to.
Never transfer money to a stranger’s bank account. Having the Bic and Iban number of a person you are dealing with might seem more secure than wiring money but it is not. Criminals buy up dormant accounts on the dark web and use them to collect buckets of cash before transferring it to untraceable accounts. Before making bookings, google websites to see if anyone has had a negative experience of the site and run it through scam madviser.com. This service is not perfect but it will alert you to the dodgiest of websites.
And make payments using only PayPal or your credit cards. If you follow this advice, and things go wrong, at least you have some comeback. If you transfer money, you are on your own.
You’re not the boss of me
The chief executive scam is one of a new generation of scams that very carefully targets and exploits information gleaned from social networks to hit small and medium businesses and the people who work there.
Scammers use sources such as LinkedIn to find out who the chief executives and senior financial and admin staff are in particular companies. Then they send bogus emails from the bosses they have identified to key named employees instructing them to transfer money into certain bank accounts. A sense of urgency is injected into the mail as well as a demand for secrecy. The transaction is highly confidential, the recipient is told.
All sorts of psychology is at play here. The mail is addressed to a named individual and comes from a named employer. Staff are much more likely to act on the instructions of their boss than a random stranger or some Arabian princess with a suitcase full of oil money.
The FBI’s internet crime centre has been investigating “business email compromise” scams over the past couple of years. By its estimate, nearly 10,000 companies have been hit in the past two years, with cumulative losses of as much as €1 billion. And that is just what the authorities are aware of. Given the reluctance many people have about admitting they have been conned, it is likely the losses are much higher. And given the relative newness of the scam and its cleverness, more people are likely to be duped in the months and years ahead. Make sure you are not one of them.
‘Free trials’ and tribulations
This pernicious – if not always very costly – scam relies on our vanity and our love of free things. Ads on popular social networks and search engines frequently offer “free” trials of miracle creams or diet pills. The promises are big and bold, and unsuspecting victims pay a postage fee to get a free sample of a product. But buried in the terms and conditions is a clause that states that unless you cancel within a short time period, you will be billed every month for the full cost of the product.
Then there is the Wangiri fraud. This involves ne’er-do-wells leaving missed calls from mysterious numbers on your mobile, and when you return the call either your credit will be drained or your bill will be hit hard. Last week the calls were coming into Ireland from Somalia, which has the international prefix 252. When you call the number, the scammers will try to keep you on the line. They may create the impression you have a crossed line, with something juicy playing on the other end, or maybe you will be left on hold. The scammers profit from having you call their premium rate number. The easiest way to avoid being caught out is not to call international numbers back unless you recognise the number – or even the country. If the call is legitimate, the caller will probably call you back or leave a voicemail.
Free at last
There are all sorts of very unofficial websites that offer services they have no business offering and then charging people for the privilege. You never need to pay for a European Health Insurance Card. If you are organising a driving test, you don’t have to pay to make a booking. So beware of nonofficial websites that try to charge you “administration fees”. Always make sure you are on the official website of the organisation, and remember the first couple of rankings in search engines are often paid for.
Tickets to cry
Given the season that’s in it, there are sure to be a lot of offers of tickets to Euro 2016 games. Electric Picnic is sold out, so tickets will be much-sought-after. Take all offers with a pinch of salt and check out their legitimacy before parting with any money. If you don’t, you could end up with no tickets and no money.