20 ways to stop scams

What are scams?

How to spot, avoid and protect yourself against scams

1. Beware fake adverts implying Martin endorses them (Quantum AI, cryptocurrency and more)

   Scam adverts suggesting Martin endorses a particular product or service are rife. We get reports about them every day, but often not before people have lost cash.

   Whether it's Martin's picture on claims management firms, scam binary trading ads, energy door-knockers using his name, cryptocurrency pop-ups, or yarns about Martin encouraging you to invest in the likes of Quantum AI, these all attempt to leech off the hard-earned trust people have in us. Don't touch the ads. 

   Martin's video rant below is quite old now, but his core message still stands.

   To learn more about this particular type of pernicious scam and how to report one you've come across, see our Fake Martin Lewis adverts guide.

   

   

   MoneySavingExpert.com founder Martin Lewis warns of LIAR Facebook and other ads that imply he or MSE recommend them

2. Always remember the old saying... 'If it sounds too good to be true, it probably is'

   If a product is the cheapest you've ever seen, you're offered free advice or promised fast cash or unbeatable returns... it's probably a scam.

   You should always independently seek financial advice before making any changes to your pension or investing large sums of money.

   Some scam investment ads we've seen promise a monthly return worth £10,000s in exchange for investing just £200. This is, quite simply, preposterous.

3. Suspicious call from your 'bank'? Call 159

   There's a secure and easy telephone hotline that can help check if a suspicious call was genuine. The number is 159 and is operated by Stop Scams UK.

   So if you receive what you believe is a suspicious call from your 'bank', hang up immediately and dial 159. You'll be connected directly to your actual bank, which should then be able to advise whether the call was genuine or not.

   More than a million calls have been made to 159 since its launch.

   Warning. Suspicious calls take many forms. There are even cases of scammers pretending to be from anti-fraud departments. So don't just assume a call which appears to be from your 'bank' is legitimate – if unsure, hang up and dial 159.

4. NEVER divulge your PIN or password

   If anyone contacts you claiming to be from a bank or card provider, remember to never share your password, PIN or personal details. Say you'll get back to them, then either call 159 or find your bank's number independently.

   Don't rely on caller IDs either. Scammers can clone numbers, so it may look like the number your bank uses to call you.

   Also be on your guard out if you get a text or email from your bank, particularly if it's about fraud. Ask yourself whether these are the usual ways your bank contacts you. Alarm bells should ring if the sender's name looks off – for example, 'H S B C' (spaces between letters) or 'tsb' (all lower case letters).

   Ultimately, the most important thing to remember is that banks never reach out asking for your PIN or passwords. If unsure, hang up and call 159.

   Watch out. Some scams work by telling you your account has been hacked. You're then encouraged to share your PIN or password, or even move money to a 'safe' account (in reality the scammer's account), for security purposes. Watch out for these.

5. Don't click links in suspicious texts or emails

   

   Even if you're curious, avoid clicking links contained in suspicious texts or email. Similarly, don't call the phone numbers listed in a suspicious message.

   You may have heard of the terms 'phishing' and 'smishing'. The first is an email scammers send in the hope you've got a connection to the company they're pretending to be from. 'Smishing' is the same thing using a text message or WhatsApp.

   The message will read something like "your bank security is broken, click here", "we need your help to retrieve funds" or "your subscription's about to run out". In reality, it's an attempt to steal your passwords, bank details and money.

   When you click on the link provider, you'll often be taken to a professional-looking website – possibly a mirror image of the real thing. You'll then be invited to enter your password, at which point you risk compromising your identity and money.

   NEVER open an attachment unless you're 100% sure of its contents. EVER.

   A quick and easy way to report scam emails

   The National Cyber Security Centre has a suspicious email reporting service – all you have to do is forward suspicious emails to report@phishing.gov.uk.

   Once you've reported a suspicious email, the NCSC will analyse it and any websites it links to. If it believes it's malicious, NCSC may:

   • Seek to block the address the email came from.

   • Work with hosting companies to remove links to malicious websites.

   • Raise awareness of commonly reported suspicious emails.

   While the NCSC is unable to inform you of the outcome of its review, it has assured us that it acts upon every message received.

   The NCSC also has an online tool where you can report suspicious websites.

   And if you've received a scam text message, you can forward it to 7726 for free, which will report the message to your mobile phone provider.

6. Be careful of 'urgent' deadlines

   Portraying a sense of urgency is a common tactic of scammers. So if you're being asked to act before a deadline, something dodgy may be going on.

   MSE Kit almost fell for this trick when a surprise message from his Booking.com 'host' warned he had 12 hours to verify his details or his reservation would be cancelled. Read more about MSE Kit's brush with a Booking.com scam.

   If you find you're being told to act urgently, stop to pause for a moment and compose yourself. There isn't anything that needs to be done immediately.

   Even if your account has been hacked or you've been told about fraud, don't act rashly. Get in touch with your bank or provider via the appropriate channels.

7. Always check the URL link

   

   Beware: not all links are genuine.

   In the first instance, by 'hyperlinking' text you can make a link say anything. For example, where does this link – www.bbc.co.uk – go? That's right, not to the BBC.

   Similarly, where does www.moneysavingexpert.1.com go? Well, it's not to MoneySavingExpert.com. For web addresses, it's what's before the .com or .co.uk that counts – so this would go to 1.com (which doesn't exist).

   It's worth checking the URL even if the website looks legitimate. Take the image on the right-hand side, for example. It looks like it's from bbc.co.uk – the banner, font and colour scheme are all right – but a quick check of the URL at the top shows it isn't. In fact, it's a scam that's been doing the rounds.

   As it's easy to miss things, take a moment to check where you're clicking.

8. Watch out for poor gram-mar or dodgy speelling

   Watch out for emails and text messages that are badly-worded or littered with spelling and grammar mistakes.

   Banks and retailers will spend time crafting and proofing their messages, so bad grammar, dodgy spelling and poor punctuation are likely to be picked up. But scam messages aren't likely to be so rigorous, so grammatical mistakes are common.

   Delivery firm Evri is a regular target for scammers. Can you spot any signs that the message below from 'Evri' is bogus? Maybe its use of capital letters.

   If you use Evri, watch out and remember its 'three Ls':

   

   • Language. A message from 'Evri' with poor grammar, spelling and odd phrasing should ring alarm bells.

   • Lack of a personal greeting. This doesn't just mean lack of a 'dear customer' or 'hello' at the start of a message. Messages from Evri typically contain personal information – such as a tracking number or delivery address – so if this is missing, it may be a scam.

   • Links. Be wary of links or buttons urging you to pay a 'redelivery fee'. This is something Evri doesn't charge.

   See the Evri website for more tips on 'Evri' scams.

9. Look for online reviews to help you decide

   It's easy to find other consumers' experiences and this can be a really powerful tool, particularly if you're shopping or purchasing a service.

   Not sure if a firm is legitimate or not? Think something is a scam? Or have doubts about the level of service a firm will provide? Reviews can be a good steer.

   So do a Google, Trustpilot or Feefo search for a company and read the reviews.

   Take one-off complaints with a pinch of salt. But if there are reams of complaints or reviews are overwhelmingly negative, it could be a sign that something is amiss.

10. Google doesn't always return reputable sites

    

    Don't automatically assume a website is genuine just because it appears on a reputable search engine.

    Always check first, especially sponsored links as these pay to appear at the top of search engines – on Google, a sponsored link normally appears at the top of a search page and will be clearly labelled as an 'Ad' to tell you it's paid for.

    Remember: check where the link is going before you click.

11. Common scams to watch out for

    There are many types of scam out there. Some have been doing the rounds for years, while others have only emerged more recently.

    Here is a list of some of the most common types of scam:

    

    • Bogus calls. Claiming to be from the Government (or even MSE) talking about Reclaiming bank charges.

    • Pension 'liberation'. See our Release pension cash guide for more about pension liberation scams.

    • Text messages claiming to be from Royal Mail, Post Office and other delivery services (such as Evri and DPD). Asking you to click on a link and pay a fee so that a parcel can be delivered.

    • Text messages saying you've been left a voicemail. To access the 'voicemail', you're prompted to click a dodgy link in the text.

    • Miracle cures or miracle weight-loss pills. Ketones are a common example.

    • Fake bank or subscription emails. Asking you to re-verify account details.

    • Messages from 'Amazon' or 'Prime'. Asking you to provide payment or account information (Amazon never sends messages like this).

    • Investment scams. The FCA's ScamSmart can help you to spot investment scammers and has a database of dodgy companies to avoid.

    • Deceptive prize draws and sweepstakes / get-rich-quick schemes.

    • Job ad scams. See JobsAware if you've been the victim of a work scam.

    • 'Parking fine' text messages. Including some which use the branding and website of the Supreme Court to appear legitimate and threatening.

    • Driving lesson / driving test scams. Using platforms like Facebook, Instagram and WhatsApp, scammers convince wannabe drivers to part with money up front to reserve lessons or test slots that don't exist.

    • Property rental scams. Scammers advertise properties for rent that they don't own or have access to. Property hunters are typically told to pay one month's rent up front to 'secure' or view the property.

    • Computer-generated Martin Lewis videos. Watch out for these, as they're scarily convincing. We've seen them on various platforms, including YouTube.

    • Messages from the 'Financial Ombudsman' or 'Financial Conduct Authority' asking for personal details. Neither the Ombudsman nor the regulator will ever contact you out of the blue asking for such information – the Ombudsman will only be in touch if you've got a case with it already.

    For more on common types of scam, see the Take Five and HSBC websites.

12. Be wary if you're asked to pay up front

    Be cautious if you're asked to pay up front, particularly by someone you don't know or have met on social media, for example for sports or music resale tickets.

    Won a prize or competition? You should never have to pay up front to access the funds. Similarly, if you're asked to wire money over as a stop-gap for fees and taxes, you likely won't see that cash again.

    Be suspicious of any 'loan' where you need to pay a fee to receive the money, as it may be loan fee fraud. If in doubt, urgently check the lender is FCA authorised.

    A good way of protecting yourself is to always exercise caution where there is:

    - A requirement to pay an upfront fee.
    - Pressure to pay this fee quickly.
    - A request to pay in an unusual manner (vouchers, bank transfer, etc).

13. Watch out if a company uses 'Dear Sir or Madam'

    Genuine companies should know who they are targeting with emails, texts and letters. So while 'Dear Sir/Madam' may sound polite, it should set off alarm bells.

    Many banks will include something in their communication to identify you and show they know something about you. They'll likely use your name and may include your account number or postcode – info scammers aren't likely to have.

14. Be savvy when online and using social media

    

    If you're on social media or are signed up to any forums where you can share messages, limit the amount of personal information you publish online.

    For example, don't share your address and then tell the world you're going on holiday for two weeks.

    Exercise caution if engaging with people on social media you've not met in person. And be mindful genuine accounts can get hacked too, so watch out for this as well.

    Use messaging services like WhatsApp? Be on your guard

    A favoured hunting ground of scammers is messaging services like WhatsApp, so be alert. Common tricks attempted on WhatsApp include:

    • Pretending to be a family member or friend. Typically by claiming they've changed their number or are in need of help or money.

    • Claiming there's a job offer or that you've won a prize. Even if you've not applied for a job or entered any competition...

    • Account takeover. Never share verification codes if you're asked to do this by someone over WhatsApp, even if you think you know the number or person.

15. QR codes can be hijacked

    

    QR codes are everywhere, from pub and restaurant tables to train station platforms and flyers on the street.

    While they can help with accessing websites and paying bills, beware that scammers have been known to piggyback off legitimate QR codes and create bogus ones.

    By engaging with a bogus or compromised QR code, you risk revealing personal and financial details to scammers. One woman at a York train station lost £13,000 after scanning what she thought was a genuine QR code (the original had been plastered over with a fake) and finding herself on a scam website.

    So while QR codes are normally legitimate and safe to engage with, it's wise to:

    • Check the URL looks legitimate. When scanning a QR code, check that the preview URL tallies with the destination you expect to be taken to.

    • Look for signs of tampering. Does the QR code look like it's been placed on top of another QR code, or the original removed?

    • Be wary of low quality-looking websites. If a QR code takes you to a web page that is full of low quality images and typos, it may not be legitimate.

    • Be cautious of unsolicited messages with QR codes. If in doubt, contact the company and ask whether the message was legitimate.

    • Don't scan or open QR codes from strangers. It seems obvious, so avoid it.

16. Know how to spot fake deals and promos

    Scores of people are fooled every day by bogus offers, promos and competitions, particularly on social media (including messenger and streaming platforms).

    On Facebook, Instagram and WhatsApp, you can flag suspected scams and misleading ads. See Meta's how to report an ad page for more.

    Here are some ways of telling what's legitimate and what's fake:

    '£80 supermarket vouchers for everyone!'

    When there are stonking deals and we include them on our site or in the weekly email, we will have checked they are thoroughly legit.

    But if Lidl is giving away £80 vouchers to everyone or 100 free flights with British Airways, it's probably too good to be true...

    There are genuine competitions out there, but companies are unlikely to give every person who enters such a lucrative prize.

    

    Close

    Look out for spelling and grammar mistakes

    Scam ads are often littered with spelling mistakes. Genuine offers from a major company would undergo quality and spelling checks.

    One ad was supposedly giving away a "Rannge Rover".

    Sometimes mistakes are more subtle. One scam we found said: "Congratulation! You have won 2 free British Airways Ticket!"

    Close

    Scan images for inaccuracies

    We've seen people fall for Easyjet hoaxes in which supposed round-trip tickets are up for grabs due to last-minute cancellations.

    The scam advert below came with images of luxurious business class seats – but Easyjet doesn't even have a business class section...

    To get genuinely cheap Easyjet deals, see our Easyjet tricks guide.

    

    Close

    Check if the account is verified or has lots of followers

    With Facebook, Instagram, TikTok and YouTube, the profiles of companies, brands and celebrities will be labelled 'verified'.

    Verified status usually means a company's or individual's social media account is legitimate because it has been confirmed by the respective social media platform. Yet plenty of companies aren't verified.

    If that's the case, look for details which may indicate an account is genuine – lots of 'likes' or followers, for example.

    If in doubt, look up the relevant company's website, as many tend to link directly to their official social media accounts from there.

    Close

    Are links going where you'd expect?

    When you click one of these scams you'll often be taken away from one website to another, so it's important to check what the URL is.

    Legoland giving out free tickets? You'll be taken to Legoland.com. But in one scam, you are taken to Legoland.com-everythingfree.com.

    Close

    Look for warnings on legitimate company pages

    Major supermarkets have fake voucher giveaways circling the web, so legitimate social media pages will normally post warnings about them.

    If you 'like' or 'follow' the real pages, you can easily check what's legit.

    

    Close

    Beware fake WhatsApp promos

    Companies use apps like WhatsApp and Messenger to send news and offers to customers. But scams can appear on these apps too.

    Here's an 'Alton Towers' scam on WhatsApp from a few years ago (note the weird 'o' in the URL, a tell tale sign it was a scam):

    @altontowers anyone else getting loads of WhatsApp messages about this? pic.twitter.com/9fxbcahI2c

    — nicky (@nicwin71) 5 June 2018

    Close

17. Be wary of 084, 087, 09 numbers and spam texts

    

    As numbers starting with 084, 087 or 09 are charged at premium rates, most companies don't use them. But scammers use them to trick people out of cash.

    The most common scam starts with a missed call, and when you call back you're charged a fortune. If you call back, expect to be placed on hold indefinitely, passed between numerous 'departments' or treated to unending recorded messages.

    Another involves text messages. Scammers pretend to be from your bank and warn fraud is about to take place and you need to call an 084 number to stop it. Calls are held in a queue before cutting off, but you're still left with a hefty bill.

    Legitimate companies should identify themselves in text messages. If they don't, it's breaking regulations and the text can be classed as spam. If you get a spam text, report it for free to your network provider on 7726.

    Unexpected charge on your phone bill?

    If you've noticed a charge on your phone bill but are unsure whether it's fair or something more sinister like a scam, take steps to clarify the situation.

    Where the charge looks like it's from a legitimate company, you can decide on the appropriate next step – perhaps challenging the charge if you think it's unfair. But if it's the result of a scam, cease communication with the scam and report it.

    Need help identifying an unknown phone charge? See PhoneCharges.org.

    Quick question:

    Why do these phone numbers cost so much to call?

    Calls to 084, 087 and 09 numbers are charged at premium rates. A call to one of these types of number is made up of two parts:

    - An access charge. This is paid to your phone company (like EE).
    - A service charge. This is paid to the organisation you're calling.

    While the access charge ranges between 8p and 67p a minute, the service charge to the organisation you're calling (maybe a scammer) can be even higher – up to £3.60 a minute for some 09 numbers.

    For more information see Ofcom's call costs guide.

    Close

18. Use Citizens Advice's scams checker

    Fraudsters continue to refine their methods, so it can remain difficult to distinguish between what's legitimate and what's a scam – even if you're scam-savvy. There are extra resources out there though which can help you spot a scam more easily. 

    One of these is Citizens Advice's online scams checker tool.

    Simply answer a short set of questions, like where you found the 'scam' and what, if anything, it asked of you. Based on your answers, the tool will give tailored advice and hopefully make it clearer whether you have been targeted by a scam.

19. Shop more safely by giving yourself protection

    

    Even if something turns out not to be a scam, it's worth giving yourself extra protection when shopping as issues can arise with legitimate retailers as well.

    So consider these tips before buying something:

    💪 Always read the terms and conditions

    You should always read the terms and conditions before signing up to something – if there aren't any terms and conditions, this should ring loud alarm bells.

    💪 Pay by credit card for added protection (Section 75)

    Pay for something costing over £100 on a credit card and Section 75 laws will bolster your consumer rights, as by law the lender will be jointly liable with the retailer. This means you've the same rights with the credit card company as you do with the retailer, so if things go wrong you can take your complaint there instead.

    See our Section 75 guide for more information.

    💪 Separate protection for purchases under £100 (chargeback)

    Section 75 doesn't apply to purchases under £100, but there's still an option called 'chargeback'. While not a legal protection, it's a good backup to Section 75.

    So if you spend less than £100 on Visa, Mastercard and Amex credit cards – or any amount on most debit and charge cards – and there's an issue with the goods, you can ask your bank if it can reclaim the cash from the seller's bank.

    See the full details of how it works in our Chargeback guide.

    💪 Using PayPal? Mark as 'goods and services'

    Neither Section 75 nor chargeback usually work if you pay via PayPal, but you can give yourself some protection by marking a payment as 'goods and services'.

    Doing this means if something goes wrong, you might be able to claim the money back through PayPal's buyer protection scheme. Though as this is a PayPal policy rather than a statutory right, it's up to PayPal whether or not to reimburse you.

20. Homeowner? Set up a property alert

    It might sound fanciful, but one homeowner in Luton had a nasty surprise when his property was sold by scammers without his knowledge.

    While not common, it's a warning of what can happen if you're the victim of identity fraud. There are a few things you can do to mitigate this risk:

    Eng/Wal – sign up to HM Land Registry's property alert system

    Choose up to 10 properties to monitor and you'll be notified any time a search or application is received by HM Land Registry in relation to one. You don't need to be the owner of the property to monitor it (so you could do it to help out elderly friends or relatives). Sign up at HM Land Registry property alert.
    
    You can only monitor homes that are registered with HM Land Registry.

    Eng/Wal – add a 'restriction' to your property

    Alternatively, homeowners can prevent HM Land Registry from registering a sale or mortgage on their property without a certificate from a solicitor or conveyancer.
    
    To do this, a restriction needs to be added to the deeds of the property. This involves either you or a solicitor filling out an application form and sending it to HM Land Registry. Again, the property will need to be registered at HM Land Registry.

    More information on how adding a restriction works at Gov.uk.

    Northern Ireland – register an 'inhibition' on your property 

    Similar to adding a restriction to the deeds of a property in England and Wales, an inhibition prevents the Land Registry in Northern Ireland from registering a sale or mortgage on your home without your permission, or without first giving you notice.

    You can apply for an inhibition by filling in a fairly straightforward application form and paying a fee. Your property must already be registered with the Land Registry.

    More details about how it works can be found on NI Direct.

    Scotland – there's no equivalent action

    In Scotland, there's no equivalent of a property alert system or restriction/inhibition. But it's unlikely your property will be targeted because of how land registry works.

    See Registers of Scotland for more info on how property owners are protected.

    Quick question:

    What if my property isn't registered with HM Land Registry?

    Most property and land in England and Wales is registered with HM Land Registry. This includes any property or land that's been bought or mortgaged (including remortgages) since the 1990s.

    A minority of homes are unregistered. These are more at risk of property fraud, so consider registering it if yours isn't already. Don't wait to register until you sell up – this can hold up a sale.

    Registering can seem daunting as there are a number of steps involved. If you're feeling brave you can do it yourself, or you can get a solicitor or conveyancer to help (though this will cost more).

    Full details on how to register a property can be found on Gov.uk.

    Close

Protect yourself against identity fraud

Ways to protect yourself against ID fraud

Some of the following tips you'll recognise from the stop scams guidance above:

• Don't have a PIN or password that's easy to guess. Banks may not reimburse you if your PIN is easily guessable (0000, 1234, etc). See strong and unique password help.

• Destroy important documents. Don't just throw them away whole as they can salvaged from rubbish bags. Tear up important documents or use a shredder to be sure. 

• Avoid sharing too many personal details on social media. Such as your date of birth, address, even your mother's maiden name.

• Register on the electoral roll if you move home. Being registered at your new pad makes it harder for fraudulent applications to be made using your previous address.

• Set up a postal redirect when you move home. The less post that turns up at your previous address, the less chance a criminal has of accessing it. See redirect your post.

• Use Wi-Fi carefully. Have a strong password for your home Wi-Fi so criminals can't access it. And avoid signing into sensitive accounts when using public Wi-Fi networks.

• Check bank statements and online banking regularly. To look for unusual activity.

• Keep an eye on your credit report. If someone is making false applications for credit in your name, it will appear on your credit report. See our Check your credit report guide.

• Consider adding a password to your credit report. By adding a password to your credit file – sometimes referred to as a 'notice of correction password' – lenders will need you to confirm that password each time a credit application is made in your name. You can add a password to each of your Experian, Equifax and TransUnion credit files.

• Protect your phone. Ensure your phone and any sensitive apps on it have PINs or passwords to access them. And see our Tips to protect your phone from thieves guide.

What to do if you're the victim of ID fraud

If you think your identity has been stolen you should take prompt action to sort the issue out. Head over to our Help, I've been scammed! guide for step-by-step help.