How can I avoid scams?
When you are looking for a website, do not type the website address in the bar at the top – type it into Google’s search bar instead. Google’s top result will be much more secure and valid because Google cares about its reputation and will always list the most verified, most visited, websites first.
The reason for this is because attackers will often create scam sites with a common spelling mistake in the domain name so that if you type it in wrong you go to their site instead. They will copy, for example, Natwest’s site exactly so you think you’re on their website but you’re not – you put your bank details in – and the rest is history.
You can check if a site is secure by clicking on the icon in the address bar like this:
You can also install an extension called WOT (Web Of Trust). This is a community based extension that gives a little green, amber or red circle next to every webpage. You can click on this circle and read comments from other people on whether the site is legit or not. Obviously green means the site is safe – this is all voted for by the public on the web.
If somebody calls you and says: ‘Hi we’re from BT or SKY or your mobile company’ however legit it can sound, chances are it is not and even if it is, the safe option is to say to them: “I will ring the company myself,” and you can Google the company and find the correct contact number on their website – or on Google itself.
If you type in the company name like ‘Natwest Contact’ you should get the correct phone number. The risk with trusting random people who ring you even if they know your name is that they can also steal more details from you by saying: “Can you confirm the name on your account,” or confirm your phone number – and then they have more of your details without even doing anything.
A lot of companies now are asking for parts of a password or pin – random digits instead of the whole thing, which is much safer because you are never telling the person your whole password or pin you are only saying part of it and an attacker would never ask for this unless they rang multiple times and asked for different parts of your pin. Which I why, again, it’s important to ring the phone number yourself.
Emails or social engineering scams are the most common and it’s as easy as clicking on a link on an email. Again, the key here is awareness – pause a second and double-check the email address the email came from. If the email address looks correct – type it into Google to check. Same with the link – type it into Google first. Even better – ask Google about what it is they are asking you to do. For instance, if it says your TV licence is due for renewal, search Google for TV licence renewal and go through the process yourself.
Please also be aware that scammers are getting increasingly clever and doing what we call spoofing – where they take a domain name and send emails from any domain they want so you might think its from This is quite rare as it’s hard to do but it’s something to be aware of.
Something else to be aware of – if someone you know has had their emails breached or hacked into – you can receive emails from what looks like from them – but isn’t. So just take a second to read the email and make absolutely sure not to click on any links. Type them into Google first.
If in doubt – ring us 01948 840102 – advice is free #StaySafeOnline