In 2017, according to Norton Security, there were 18 million victims of email fraud (phishing) in the UK, each one of those had to spend an average of 15 work hours dealing with the aftermath. ActionFraud estimates the average loss at £600.
Here at Reassura we spend quite a lot of time looking at other people’s suspicious emails and so you would think that when I received one it would be very easy. Well, not always….
Last Wednesday I received this personal email:
Now on the positive side, it was addressed to me personally and had my membership number on it.
On the negative side it had some of the classic phishing email giveaway signs:
- The email address it came from was quite complicated email@example.com, fraudsters often use a legitimate organization’s name in the email address.
- They are asking me to update my bank details online, fraudsters love sending fake emails asking for bank details
- There is a link which when you hover over is again quite complicated and difficult to immediately see if it is the genuine site.
So, having established that it’s a fake, I called Vitality and warned them of the scam, and how worryingly it had my policy number on it, did they have a data breach?
Imagine my surprise when they turned around and said, its not a fake, but a genuine email and would I be kind enough to update my bank details.
So, what did I learn from this?
- Any unexpected email from a complex email address should be looked at further
- Any email asking for your bank details or giving a change of bank details for someone you’re paying should be looked at further
What does look at further mean? Sometimes the only solution is to call the organization or individual that sent it. When you do this always find their number from Google or a directory, never use the number on the email.
For more tips on how to avoid Phishing Fraud please read the Reassura Guide to Phishing.
And remember, Reassura’s Fraud Advisors are trained to helps members avoid fraud. Call 0800 888 6400