Wendy and Helen S
Updated May 2016
Scams no longer target just the easily-duped. They still come in letters, texts and calls, but more crooks are now looking online for the chance to get their hands on your hard-earned cash.
This guide explains what to look out for, how to protect yourself, and what to do if you're a victim of a scam.
In this guide
What are scams?
Scams are fraudulent schemes that dupe people into parting with their personal details and/or cash. They've been around for as long as we can remember, but they're no longer confined to shady door-to-door salesmen or dodgy second-hand car dealers.
Scammers now frequently target people through emails, online banking systems, text messages and online transactions. While fraud is becoming ever more sophisticated, people are still getting caught out by traditional scam letters and phone calls. So you need to be wary.
Some scams are obvious. Someone emails you to say a distant relative has died, and there's no one but you to inherit their $100 million fortune - all you need to do is pay £500 upfront to release the funds. But some scams are a lot less obvious, and a lot more intelligent. This guide's aimed at helping you spot them.
What to do if you've been scammed
Below is a need-to-know checklist of what you should do.
If you've already responded to a scam, end all further communication immediately.
Call your bank and cancel any recurring payments.
Report the scam to the police through Action Fraud on 0300 123 2040, or report a scam anonymously on its website.
Speak to the Citizens Advice consumer helpline on 03454 040506 or the Financial Conduct Authority's helpline on 0800 111 6768.
How do I know if I've been scammed?
You've got unexplained transactions made to your bank account.
Additional financial products pop up on your credit report that you don't remember taking out.
Bank statements meant for your address aren't delivered - this could be a sign of ID fraud.
You're rejected for credit when you've got a good credit history. It's worth checking your credit reference file on a monthly basis to see if someone is making false applications for credit in your name. See the Credit Check guide for full info.
Can I get my money back?
Your first port of call is the company or person that took your money. It may be worth seeing if you can get your money back from them - though if it's a scam, this route's unlikely.
If you bought something costing £100 or more on a credit card, you may be able to claim it back under a little-known law: Section 75. Once you've paid using a credit card, the card provider and retailer are locked into a legally binding contract, so if the retailer can't or won't refund you, you can raise the dispute with your card provider.
You won't be covered under Section 75 if you used a debit card or spent less than £100 on a credit card, but you could try to claim your money back under the Chargeback scheme. It's a voluntary agreement by your debit or charge card provider to stand in your corner if anything goes wrong. It's not as effective as Section 75, and rules vary between providers.
16 tips on how to spot & avoid scams
Scammers continue to find more creative ways to get your cash. This guide can never be completely comprehensive with all the latest scams but we aim to help you to learn what to look out for. The stories around the scams may change, but what you should do to spot and avoid them doesn't.
Have you ever heard of the email from a Nigerian prince wanting you to share his fortune? The person stranded overseas needing £1,000 to get home which they'll pay straight back? Or the lottery you've won in Spain - even though you don't live there, and have never entered a lottery there?
The best way to prevent scammers from getting their hands on your hard-earned cash is to know how to protect yourself in the first place. Here are our top tips on how to avoid scams. They aren't all failsafes, but they can help you think before you act.
Rule-of-thumb: Mistaking the genuine for a scam is nowhere near as bad as mistaking a scam for the genuine.
Fake tax refunds, and other scams to watch out for
Every year, millions of people fall for scams sent through the post, by email, phone, text, in person or online. Don't be fooled by professional-looking websites and marketing materials.
Scammers are good at making their scams look authentic. If you're asked to send money to someone you don't know or have won a competition you didn't even enter, stop!
A perennial favourite is the email telling you you're due a tax rebate. HMRC will never email you with this information, and have produced guidance on what's genuine HMRC communication, and what's fake.
If you get a fake email, either delete it, or report it to HMRC.
Scams currently common in the UK
There are 1,000s of ways scammers try to catch you out. Common methods include:
Pension 'liberation' (more info in our Release Pension Cash guide).
- Vishing - where scammers tell you they're from your bank and there's been fraud on your account, asking you to call them back, but instead they wait on the line and then get you to hand over bank details.
Miracle cures or miracle weight-loss pills - ketones are common, and appear on many people's Facebook pages.
Fake bank or Apple emails saying you need to re-verify your account details.
Investment scams (the FCA has a site helping you to spot investment scammers - ScamSmart, which includes a database of dodgy companies to avoid)
Deceptive prize draws and sweepstakes.
Fake court summons emails (more on this at Action Fraud).
- Job scams - the Metropolitan Police's Safer Jobs site has advice for jobhunters, employees, employers, plus it lets you report suspected scams
You can find out more about financial scams on the Financial Conduct Authority's website or for scams in general, see the Metropolitan Police's Little Book of Big Scams, or the Citizens Advice website.
Your bank will never email you asking for your PIN or password
If you get an email or text from your bank about fraud, ask yourself whether or not that's the usual way you receive contact from your bank. Think about whether it's sensible for the bank to make contact in that way. The British Bankers' Association's Know Fraud, No Fraud campaign highlights eight things your bank will never do, including calling or emailing to ask you for your full PIN or any passwords.
Banks will also never send someone to your home to collect cash, bank cards etc. Get clued up on the full 'Things your bank will never ask you to do' list.
Get free antivirus software
Web viruses don't just ruin your computer. They can help steal money or even use PCs to commit crime. Some even lie dormant, waiting to be activated - as was the plan with 2014's GameoverZeus virus. To help prevent viruses keep your web browser up-to-date and your PC backed up with free anti-virus software. See our guide on Free Antivirus Software.
Watch out for poor grammar or dodgy spelling
Be vigilant if an email from a 'retailer' or 'bank' is badly-worded or littered with spelling mistakes. Banks and retailers will spend time crafting any emails they do send, and they're likely to proof them too - so bad grammar, dodgy spelling and poor punctuation are likely to be picked up before any emails go out.
But phishing emails aren't likely to go through such a rigorous process.
When is bbc.co.uk not bbc.co.uk?
Not all links are genuine. By 'hyperlinking' text you can make the link say anything. For example, where does this link - www.bbc.co.uk - go? To the BBC, right? Hover your mouse over it and read what it says at the bottom of the screen – though sometimes even that's foolable.
Similarly, where do you think www.moneysavingexpert.1.com goes? Well, it's not to MoneySavingExpert. For web addresses, it's what's before the .com or .co.uk that counts - so this would go to 1.com (which doesn't exist). It's worth looking out for this in web addresses, as it's so easy not to notice extra characters in the web address. Always look where you're clicking.
For more, see Martin's Spam Spotter Rules blog.
Beware phishy links asking for your password
Phishing is a type of spam email where scammers try to reel you in with the hope that you've got a connection to the company they're pretending to be from.
Most of us receive plenty of these each year, such as "your bank security is broken, click here" or "we need your help to retrieve funds", or "your subscription's about to run out".
The emails disguise attempts to steal your passwords, bank codes and money. Often they'll ask for bank or credit card details. Sometimes they'll ask you to download viruses onto your computer. There'll be some sort of link in the email. It often looks real.
When you click on it, it'll probably take you through to a professional-looking website – a mirror image of the real thing. You’ll be invited to put your password in – at that stage, you'll be parting with your cash.
They'll mine for your personal details to build a better profile of you, and could use this to commit identity fraud, taking out mortgages, loans and credit cards in your name.
NEVER click on a link and enter your password - no matter how genuine it looks. If it looks like a genuine security concern, call your bank or visit its published web address. See our top tips to see how genuine-looking links can catch you out.
To ensure you're not caught out:
Never, ever, ever, ever, EVER open an attachment unless you're 100% sure of its contents. EVER.
Stop 'vishing' scams. Call 'em back if they want personal info
If anyone calls claiming to be from a bank, insurer, utility provider, etc, NEVER give your personal or password details (for example, your mother's maiden name or place of birth). Say you'll call them back, but find the number independently.
Don't rely on caller IDs, or anyone drawing attention to them. Scammers can clone numbers, so it may look like the number your bank uses to call you. Plus, if you can, use a different phone to the one you were called on - so if you're called on your landline, use your mobile.
In one sophisticated scheme, the scammer told the victim their account had been hacked into, and encouraged the victim to phone their bank. The catch was that they didn't hang up after the initial call. They stayed on the line and played a dial tone while the victim called their bank and thought they were speaking to a bank employee.
The victim was then told to type their PIN into their phone keypad, thinking it was safe to do so, and was instructed to hand over their card to a 'bank courier' who collected their card. The scammers then had both their bank card and PIN.
To read more on this scam, commonly called 'vishing' (voice phishing), read our Called by an 'anti-fraud team'? news story.
Be wary if you've been asked to pay upfront
You should never have to pay to access prizes or funds due to you.
Worse still, if they send you a cheque and ask you to wire the money over as a stop-gap for fees and taxes, the cheque will most likely bounce and you'll be left out of pocket.
Reputable search engines won't necessarily return reputable sites
Bogus websites are often set up to cash in on popular products, or payday loans, so be wary if it's an unfamiliar site.
Don't think that because it appears on a reputable search engine, it's a reputable site. Always check first, especially with sponsored links as these pay to appear at the top of search engines' lists - on Google, this'll have a small yellow box marked 'Ad' to tell you it's paid for.
One recent example is payday loan brokers who come up in search engines when people searched for "credit union loans". Check where the link's going before you click. If you've clicked, and it looks dodgy - just don't proceed.
Be careful of urgent deadlines
Nothing needs to be done immediately. Even if your account has been hacked, simply call the number on your bank statement. If you're being asked to hit a deadline, something dodgy is probably going on.
Shred everything and protect bank details
Never give your bank account details or PIN to someone you don't know. It's also wise not to have an easily guessable PIN - so don't pick 0000 or 1234!
If there's an unauthorised transaction on your account, contact your provider straight away. The Lending Code has guidance on how banks should help with credit card problems, though they don't have to help if there's proof you've been negligent.
In addition, shred or burn all financial documents, including envelopes, as a branded letter from a bank shows you have a relationship that could be taken advantage of.
Watch out for companies that address you as 'Dear Sir or Madam'
Genuine companies should know who they are targeting with emails. "Dear Customer" may sound polite, but that or any variation of "Dear Sir/Madam" or "Dear Valued Customer" should set off alarm bells.
Many banks will now put something on their emails to identify you - and to reassure you that they know something about you. You'll be addressed by name, and they may put the name of your account or your postcode on the email - information scammers aren't likely to have.
Be social media-savvy
Social media and online banking means you'll probably have multiple passwords on the go. You should try to change your passwords regularly, and make sure they're complex enough so they're difficult to guess.
A complex password uses more characters and a combination of letters (upper and lower case), numbers and symbols.
Don't use the same password for multiple accounts - this decreases the chance of someone else being able to access several accounts belonging to you. Plus - don't write passwords down.
It's also a good idea to limit the amount of personal information you publish on social networks - so don't put your address on Facebook, and then announce to the world you're going on holiday for two weeks.
Don't text away your fortune
Legitimate marketing messages should identify themselves in the text or in the sent-from number. If not, they're breaking regulations and can be considered spam. Spam texts usually message you from a random 11-digit number and will ask for you to reply - DON'T!
Spam texts are likely to be generic, citing that you're owed accident compensation, a PPI refund or a tax rebate. Some even trick you by asking you to text 'STOP' back to the number to be removed from the mailing list, but that's often just a ploy to see that you're a real person and not an unused mobile number.
If you do get a spam text, forward the text to your network provider for FREE, simply by forwarding it to 7726 (spells SPAM), making sure it includes the sender's number. For full info on how to spot and stop scam texts, see Stop Spam Texts.
Help if you care for an elderly person
Anyone can fall for a scam, but the elderly are often hit hardest as they can be over-trusting or afflicted by illnesses such as dementia. Many can lose their life savings, get into debt or have health problems.
If you care for an elderly person, look out for the warning signs. Are they receiving a lot of junk mail or phone calls from strangers, or have they become secretive when discussing finances?
If you're concerned, visit ThinkJessica, a site which shows how some elderly people can become serious victims of scams.
Be wary of numbers starting 084
Since numbers starting with 084, 087 or 09 became premium (this just means calls to these numbers are charged at a higher rate) most reputable companies have stopped using them. In their place scammers have started using these numbers to trick people out of money.
The most common scam leaves you with a missed call - in most cases the phone won't have rung for long enough to answer - and when you call back you're hit with a huge bill. Even if you don't actually call back your bill could sometimes still show that you've made a call lasting anything up to 12 hours - also resulting in a massive charge.
Another scam involves text messages - the scammers will pretend to be from your bank and warn you that a dodgy transaction is about to take place and you need to call an 084 number to stop it. Calls are usually held in a queue before cutting off but you'll still have to pay a hefty bill. So if you get a text that includes your "bank's" number, always find the number independently before you make a call.
15 safer shopping tips
The best way to protect yourself from anything going wrong is to research before you buy. This is easier said than done, but a few quick, pre-emptive strikes can make all the difference:
Check the company's registered
All limited companies are listed on the official Companies House site, the Government's register of UK companies (though this doesn't include sole traders). Be wary if its records show a PO box address or just an email.
Get full contact details, including a street address, or fixing problems could be a nightmare. You can also find out who registered the website, and when, on the Whois database, or study the site's worldwide web ranking on Alexa.
Anything in the top 100,000 means it's reasonably big – a good, though not foolproof, indication of legitimacy.
Stop junk mail, calls, texts and cold callers
While they aren't always scams, junk mail, calls and emails offering miracle diet pills can be annoying. So can 'get rich quick' schemes. It is best to remove temptation and research companies you want to approach for goods or services.
If it's definitely a scam letter, then you can either send it (with a covering letter) to "Freepost, Scam Mail", call 03456 113413 or email email@example.com. Phone or email, and Royal Mail will send you a scam mail report form, and a prepaid envelope so you can send it back with examples of the scam mail.
You can stop legal junk mail in minutes. But occasionally, it'll contain a cracking offer, so bear in mind stopping it may not be MoneySaving.
Grab customer references
If you're dubious about handing over your dosh to a firm, ask for references from happy customers and preferably speak to them in person. Many kosher companies will be happy to do this.
Always read terms and conditions
Even if you don't read the legalese, always at least read the standard terms and conditions before you sign. Plus always ask questions beforehand if there's anything you don't understand, in writing or by email if possible.
Check delivery dates and prices
Always get a price breakdown in writing and ensure it includes VAT. If the delivery date is important, check it, and all costs, before going ahead with a purchase. It's useful to take a copy of online orders. If you've had a late delivery, see our Delivery Fightback guide to see what to do.
Google for complaints
The internet is a powerful tool to find other consumers' experiences. Easiest of all, do a quick Google search for the company name next to the word ‘complaints' or 'reviews' for example, "Delboy Ltd complaints".
Always take one-off complaints with a pinch of salt. It could be a competitor, someone malicious or a customer with a grudge. Realistically, how often to you go online to rave rather than rant? Look for trends instead.
Any botched jobs or missing orders should quickly show up. You could also ask a question in the MSE forum.
Pay by credit card
Pay by credit card for something costing over £100 such as flights, kitchens, or sofas, and Section 75 laws super-charge your consumer rights. Unlike debit cards, cheques and cash, pay in full or part (even just £1) on a credit card and by law the lender's jointly liable with the retailer. Though watch out for fees.
This means you have exactly the same rights with the card company as you do with the retailer, so if things go wrong, you can simply take your complaints there instead.
It's important you ALWAYS REPAY IN FULL each month, so there's no interest cost. See the Section 75 guide for a full explanation and take a look at Cashback Credit Cards for how to earn cash on top too.
Protect purchases under £100
Section 75 doesn't apply to purchases under £100, but there's still an option which can help. It's not a legal protection but it's a good secondary back-up.
Spend on Visa, Mastercard and Amex credit cards (under £100) and most debit and charge cards (any amount) and if the goods don't appear within 120 days, or are faulty, you can ask your bank whether they can reclaim the cash from the seller's bank.
Is it a trade association member?
If a company is a member of a trade association, it probably has to stick to a code of practice. What's more, the trade association may be able to help if things go pear-shaped. See more in the Who's Who section of the How to Complain guide.
Tips for buying abroad
If you're clicking for bargains from abroad, scour delivery times and costs. An easy rule of thumb is that the charges for delivery, customs and VAT can add about 30% to the list price, so unless it's over 30% cheaper it may be best to stick with the UK. Read the Cheapest UK Online Shopping article for a full how-to.
You should also check the items are compatible at home, for example, that a DVD bought from overseas will work on your player.
Plus, if you're buying regularly overseas in non-sterling currencies, make sure you're paying in the cheapest and safest way. More in the full Cheap Travel Credit Cards guide.
Know when you have cancellation rights
Buy in a store and you're unlikely to have cancellation rights. But many people are surprised to learn you've more rights buying at home, online or by telephone/catalogue from an EU-based business.
Buy something online or in your own home, and you've a legal right to send most goods back within 14 days for a full refund (including outward delivery costs), even if there's no fault. This won't apply to perishable or personalised goods.
You'll usually need to pay for the return delivery (unless the seller doesn't say this in its T&Cs). You also have a right to cancel financial agreements within 14 days. Read the Consumer Rights guide for more info and exclusions on all of these rights.
However, ordering online is balanced by the fact that there's automatically a time gap between ordering and delivering – when the company has your money. So if it goes bust in that time, these cancellation rights don't help.
If you've no statutory cancellation rights the store's policy may still allow some – although you may not get a full refund, depending on long it's been since your order or until delivery. Check the terms and conditions.
Make sure your payment's secure
When you pay for a purchase, always check the site is secure. Although it doesn't guarantee the site isn't a scam, any data you enter is encrypted so it's harder for others to intercept.
It's really easy to tell as the web address will start with "https", rather than just "http". Look for a security padlock on your browser (usually next to the web address).
What happens if a company goes bust?
Quite simply, its customers are immediately transformed into creditors. This hits hardest if you've ordered goods or tickets, and not had delivery, as then you're simply one of a line of people trying to get your money back out of the company's assets, and you usually get back much less than you paid. Even if you've had delivery, if the company you bought from goes under and there's a problem with the goods, it can mean you've no comeback.
Sometimes there's no protection
Ultimately, there's always a risk that something can go wrong, and you've no protection. If the above routes don't apply, you have to make a decision about whether you're willing to take the risk of parting with your cash. Don't be overly scared of this. Every day we all make transactions based on trust, and this is part of that, but do balance the amount you're spending against the risk.
Test your knowledge
Now that you know all about scams, try this quick Citizens Advice quiz to see how you'd fare if you received scam emails. It gives you examples of some scam situations, and tests how good you are at spotting them. Still feeling unsure? Cyberstreetwise is a Government-funded scheme that helps you create your own cyber crime to do list.