Advice around some of the fraud types that are circulating at the moment.
DVLA Used in Phishing Campaign:
Online resources, namely Which?, have identified a phishing campaign where threat actors are impersonating the DVLA to steal personal information by claiming that the victim has unpaid vehicle tax. Many of the emails also use the Gov.uk logo to appear genuine.
Urgent Warning Issued to Those With an Amazon Account:
An urgent warning has been issued to anyone with an Amazon account by consumer rights experts. It comes after a wave of reports about customers being sent fake text messages from fraudsters claiming to be from the company. The fake texts say there has been an 'attempted log in' and ask customers to follow a link to secure their account. One of the texts reads: "Amazon: We detected a login into your account from a new device on 27/09/2022 at 15:10:08 UTC. If this wasn’t you, you can terminate that session via: [https://checkup-amazon.com]." Another text can say: "From Amazon - A new login has been attempted from IP address: 82.966.81.27 (Ipswich). If this was NOT you, secure your account immediately. [amazon-logins.com]." The warning says that when individuals entered their details, they were taken to another "convincing" fraudulent webpage asking for a name, date of birth, mobile number, home address and email address.
Dropper apps on Play Store targeting over 200 banking and cryptocurrency wallets:
Researchers at ThreatFabric have discovered five malicious dropper Android apps within the Google Play Store, distributing banking trojans such as SharkBot and Vultur. The malicious apps have been downloaded over 130,000 times and can steal financial data and perform on-device fraud. Google has increased its security features in the Play Store to stop malicious apps being hosted; however, this is an increasingly popular attack vector, and researchers state that malicious apps are constantly evolving to avoid Google’s security measures.
Scammers Targeting Customers with Misleading Christmas Deals:
As the cost-of-living crisis continues and members of the public worry about funding for the upcoming Christmas period, fraudsters are reportedly increasing efforts to steal money on online shopping websites. Many of these deals are “too good to be true” and victims are left with either nothing or with a product that is not what they paid for.
Potential for British Gas Reward Scheme to be Exploited by Fraudsters:
British Gas has announced that they will offer an incentive to customers for off-peak energy use. There is the potential that such a scheme could be exploited by fraudsters targeting individuals with phishing and smishing messages. This could include members of the public being asked to fill in their personal information to enable this incentive to be released to them. These credentials or personal details could then be used by threat actors to perpetrate further frauds.
Deep Fake Technology Use Identified:
AI-created synthetic audio-visual impersonations, also known as ‘deep fakes’, have been an emerging technological trend over the last few years. In recent months, reporting to Action Fraud indicates that deep fakes are being used as part of social media account takeover. Within Cyber NFIB codes in 2022, there are 32 reports in which suspects have used deep fake technology to impersonate a victim as part of a fraud or cyber offence committed on social media sites. Within these reports, there are two primary ways in which deep fakes have been used: creation of deep fake pornography to ‘sextort’ a victim; and creation of a video in which a victim appears to promote a fraudulent investment opportunity. In both of these situations, deep fakes are used to enhance the credibility of the extortion/fraud. Using deep fakes to enhance an existing fraud is similar to an emerging fraud identified by the FBI named ‘business identity compromise’ (BIC). This refers to the use of deep fakes to impersonate members of an organisation, either for the purpose of CEO/mandate fraud or to cause reputational damage to the organisation. In 2019, a UK firm fell victim to precisely this form of attack; an audio deep fake of the CEO was used to commit CEO fraud.
Missing Cost-of-Living Payments From DWP Could Be Exploited By Fraudsters:
A survey carried out by BirminghamLive has found that 13% of eligible people were yet to receive the £326 payment due in July, and 34% have not received the £150 disability payment due in September. In addition, 53% say they have not yet had the £66 first instalment of the £400 energy rebate from electricity firms. While the Department for Work and Pensions stated that they were continuing to manually process payments where the automatic payment bounced back or was not processed, there is the potential that those who are desperate for these funds could be targeted by scammers or be influenced to commit fraud themselves.
UK anti-fraud efforts have failed and need ‘wholesale change,’ lawmakers say:
In a report published last week, the House of Commons Justice Committee stated that the British government’s response to fraud needs “a wholesale change in philosophy and practice”. The report detailed how law enforcement agencies and other stakeholders have structurally failed to stop digital crimes and lack adequate resources to address the issue, citing a 25% increase in reported fraud cases, more than half of which are driven by cybercrime. The committee noted that only 2% of police funding is dedicated to combating fraud despite it accounting for 40% of reported crime.
Supermarket Gift Card Scams (Monday 3rd October and Tuesday 18th October 2022):
For the reporting period, 277 reports concerned emails sent to recipients purporting to be from the most popular supermarket chains in the UK.
The scam offers recipients a gift card voucher in exchange for personal information by participating in an online survey. This Protect alert is relevant and timely, especially with the ongoing cost-of-living crisis.
These emails display the subject header “Supermarket gift card for you £1000 for your next grocery!” and feature a link for recipients to click and claim their gift card. This is a phishing email that provides an opportunity for offenders to collect and steal personal and financial information.
These emails look authentic and convincing, especially as they contain hyperlinks and brand logos.
This phishing scam uses the same MO seen throughout the year, but with a slight change in the title of the email subject header, content, design template and wording.
The email address used by offenders to send out the emails was email@example.com, which is a “uk” domain email address. This email address is also connected to other phishing-themed attacks, such as “GET A CHANCE TO WIN DYSON V11”, purporting to be from Argos. A high volume of reports also related to this latter campaign.
Report to Action Fraud: