Blog

QR code scams

QR codes have become a popular way to open websites and pay for products and services. But not all of them are secure. Cyber criminals can use QR codes to steal personal and bank details. Here we tell you what you can do to avoid QR scams.

Quick response or “QR” codes are like barcodes. When we scan them with a mobile phone camera, a link to the information they hold appears.

In today’s digital world, QR codes are used to browse restaurant menus, to connect to public Wi-Fi, to pay for parking, and to redirect users to a website.  

For cyber criminals, the QR code fad creates an opportunity to steal people’s identities or hack into their bank accounts and make off with their money.

QR code scams

QRshing is a form of phishing. It uses QR codes to send users to a fake website that spreads malware or elicits confidential information. Cyber criminals posing as real companies send phishing emails with a QR code and ask users to scan it. Then, they attempt to obtain information or spread virus-infected files.

Another common scam is the false QR code stuck on top of an original one, like in restaurants and street advertising. False QR codes can even be found on parking meters, linking to a credible but fake payment site to steal money or credit card information.

Scams that use inverted QR codes are also gaining traction. Scammers first create a malicious code and then use it as a presumed payment method. But the code does exactly the opposite: it solicits money from whoever scanned it. Instead of paying the merchant for an item or service, the malicious QR code makes the merchant pay the scammer. This type of scam is also used to steal personal information and bank details.

How to avoid a QR scam

  • Before scanning a QR code, like in a restaurant or some other public space, check that it hasn’t been tampered with or got a sticker placed over an original code.
  • Installing anti-virus software to verify original QR codes that do not contain malicious links will help you avoid having a virus or other malware downloaded onto your mobile.
  • Double-check the preview of the QR code link. When you scan a QR code, a preview of the URL should appear. Make sure the website address is legitimate. Look for a padlock symbol and an address that begins with “https://”. Only those URLs are secure.
  • Think twice if the app or website you’re being directed to asks you to provide personal details. If it does, make sure it’s authentic.

Accessibility

Here are a few suggestions to help people who have problems with vision when trying to use their tablet or phone.

Siri – for iPad or iPhone

I have found the simplest feature to use is Siri, by holding down the home button for one second you can activate Siri and ask it to read emails or messages.

To have Siri start reading the Mail’s Inbox list say, “Hey Siri, check email.” Besides “check,” other variations you can use include “show,” “read,” “view” and “display”. You can also have Siri check for new email with, “Hey Siri, check for new email.” Siri will also read a list of emails in the Inbox from a contact, for example say, “Hey Siri, check email from Sam.”

When an email list appears Siri will announce a number if fewer than 25, or say, “You have at least 25 emails” if that number is 25 or more. Siri will then start reading the day or date, sender and subject of the first email in the list. Siri will pause and ask either, “Do you want to hear the next one?” or “Want to hear one more?” You can also specify how many emails to read from the list using a cardinal number, for example say, “Read 5 emails.”

In the pause after Siri asks if you want to hear another you can say, “Read it” to have Siri read the content of the last email read from the list. You can also specify an ordinal number from the email list to have Siri read its content, for example say, “Read the 6th one” or “Read the 3rd email.”

To dismiss Siri say, “Quit,” or synonyms or variations such as “cancel,” “bye,” “see you” or “so long.”

Voiceover – For iPad or iPhone

Since Siri is unable to manage or delete emails you’ll need to use another tool such as Apple’s gesture-based screen reader VoiceOver. It’s easy to use once you understand how it functions and what gestures to use to perform actions. It is transformative technology allowing a person with visual impairment full use of their device.

A few basic gestures:

Note, once an item is selected you can perform an action gesture anywhere on the screen to activate it, not just from directly over it.

  • Place a finger on the screen and drag it around. VoiceOver speaks each item under the finger. Lift the finger to leave that item selected. You can also tap an item once to select it.
  • Once an item is selected double-tap it to activate it.

Here’s how using VoiceOver might be used to read and delete email:

Say, “Hey Siri, open Mail,” then, “Hey Siri, turn on VoiceOver” and “Hey Siri, bye.” If Mail opens on the Mailboxes screen, slide one finger around and when Inbox is selected lift the finger and double-tap anywhere on the screen to activate it, taking you to the Inbox screen. VoiceOver will begin speaking the capsule of the first message in the list. If not, drag a finger to select the first message.

If you know you don’t want to have the full content of the email spoken, you can perform an action on it. With the email selected, from anywhere on the screen, flick one finger quickly up or down. Continue the flick gesture in the same direction until you hear the action you want to perform. With each flick of the finger the actions will cycle: Mark as Read (or Unread depending on state) > Flag > More > Delete > Activate (default) ↩. Double-tap to perform the selected action.

Drag one finger down the message list to select another email. To go to down another page in the list use a three-finger swipe up. Use a three-finger swipe down to go back up.

To have VoiceOver speak the content of a message, select the message and double-tap anywhere on the screen to go to the message screen. To speak the entire screen from the top use a two-finger swipe up. To speak the entire screen from a selected starting item, drag a finger to where you want to start and use a two-finger swipe down. Use a two-finger tap to pause speaking. Two-finger tap again to resume speaking.

To delete an email from the message screen, drag a finger to the toolbar at the bottom and select Delete. Double-tap anywhere on the screen to delete the message.

Speaking email – Android phone or tablet as well as iPad or iPhone

If you are visually impaired, Speaking Email might be perfect for you. The app reads out the contents of your inbox one email at a time, moving on to the next automatically. It skips over email signatures, disclaimers and other email-specific clutter – making for a smooth and seamless reading experience.

It is fully operable by voice commands for daily usage, such as checking emails, replying and managing mail. It can be set up to wait for your command at the start and end of emails. You can even tell it to “ignore” and emails from that person will be skipped over in future. 

More information or get a free trial here

How to protect yourself from social media scams

In the UK, one in every five minutes spent online is on social media platforms. They are where we catch up with friends, shop, job hunt, or even look for love with many of us using these sites/apps on a daily basis. Each day the average UK internet user spends 39 minutes on sites such as Facebook, Instagram, Tinder, WhatsApp and LinkedIn. Some of us may be spending even more time online as we find ourselves at home more often than we’d like to be. Unfortunately, some scammers are using the platforms that we know and trust to trick people into parting with their money.

We’ve compiled a list of the top four scams seen taking place on social media.

Purchase scams

Facebook, Instagram and Snapchat are all amazing ways for us to keep up with our friends and families, especially in the current climate. They’re also where many people find the latest clothing trends, phones, or games console for what appear to be competitive prices. But how can you tell if these goods really exist and are going to be delivered?

If you have to send money prior to receiving the goods, try and arrange to send it via a secure platform such as Paypal (and don’t use the friends and family feature if you are sending the funds to a stranger) or offer to pay a deposit before the item is sent. If a seller refuses, this may be an indication that it is a scam. If you’re looking at splashing some serious cash (such as for a car or holiday), we would recommend doing thorough research on the seller, such as checking to see if they have online reviews and also requesting to see documentation, such as an invoice before handing over any money. If the price seems too good to be true, then it probably is.

Impersonation scams

“Hey, I need a favour. I’m struggling to pay my rent. Would you be able to transfer £300 to me and I’ll pay you back on payday? ”

What would you do if you received this message via Facebook Messenger from a friend or family member? You’d want to help them if you could, but bear in mind that many social media platforms can be hacked, and fraudsters will reach out to contacts asking for money, appealing to people’s good nature. They may even read through previous messages sent by the hacked person’s account so they know how to mimic their tone of language, making their message seem even more convincing. The best way to avoid this scam is a good old fashioned phone call to your friend on a trusted phone number to confirm that it genuinely was them sending the request.

Romance scams

So you’ve swiped right on Tinder and found the perfect match for you! You have great conversations and spend weeks messaging back and forth. Then out of the blue, they ask you for £1,000 because they need to help a sick relative abroad with their medical bills.

This is just one scenario that a fraudster might use to try and persuade you to send them money. They may also play with your emotions by advising they are sick/in danger or try and convince you they are in love with you.

Scammers will often use pictures of models found on Google on their dating apps/website profiles to make them appear to be the ideal man/woman so if possible try and do a video call to make sure you are speaking with the person in the pictures. If they are avoiding phone or video calls with you, this could be an indication that they are not who they say they are.

Do some research on this person – you can check their Facebook, Instagram and Linkedin pages and if things don’t add up, this may also suggest you are not speaking to a genuine person. Anyone can fall for a romance scam, they are often complex and can take place over a long period of time, so don’t be embarrassed to express any concerns with a friend or family member.

Investment scams

’Get rich quick’ or ’double your money’ investment posts encouraging you to invest in foreign exchange (AKA Forex), cryptocurrencies and binary options are plastered all over social media, and are particularly prevalent on Snapchat and Instagram at the moment. These investments almost always don’t exist. Genuine investment companies would never approach clients over social media and would always be registered on the FCA register.

Best App to find bus times in London

I recommend the TFL Go app. As well as showing the bus stops in the immediate vicinity it has a journey planner function. Both of these are easy to use. Give it a try.

Get started on your journey with TfL Go

  • Use our live map to see your route – or search any place or address across London
  • Get live bus, train and tram times and the quieter times to travel
  • Get live updates on all bus, Tube, London Overground, DLR, Elizabeth line and tram lines
  • Check walking and cycling routes for all or part of your journey
  • Use step-free mode for planning accessible journeys. This includes information on toilet locations, platform access and live lift status

How to spot and avoid Christmas shopping scams this year

Christmas is a time when it’s so easy to get distracted – presents to buy, family and friends to feed and, often, it involves more travelling than the big fella with the beard. But when there’s so much going on, it’s easy to let your normal common sense lapse. Scammers know that all too well, meaning the holiday season is a prime opportunity for them

How to spot scam websites

Have you ever been on a website that just feels a bit off? Something about it that doesn’t feel right? One of the most prevalent scams during the Christmas season are fake websites. Scammers create sites that mimic well-known retailers, offering enticing deals and discounts to make you want to click. These scam websites can be very convincing. But interacting with them gives criminals either your personal details, your money or both.

While losing money is bad for obvious reasons, criminals stealing your personal details is no laughing matter either. If they get vital information, such as your name, login credentials or credit card number, they can use them for identity theft or sell these details to other criminals on the dark web.

How to avoid scam websites:

  • Stick to online shopping sites you know and access them only through their official websites.
  • Check the website URL (web address) for any mistakes.
  • If it’s an online store you don’t know or haven’t previously used, check their contact information and returns policy, as legitimate shops don’t hide them.
  • Search for reviews on trusted review sites. Watch out for exclusively positive reviews from profiles that sound fake, such as Amy113 and Tim231.

How to spot too good to be true deals

We’re all hunting for the biggest bargains this Christmas, especially with the cost of living. But our search for great offers can lead to taking bigger and bigger risks. While many Christmas shopping deals are genuine, some are just too good to be true. Scammers may advertise products at unrealistically low prices to lure shoppers.

But let’s face it, no one is going to sell a new iPhone for £100. Once a payment is made, the scammer disappears. Alternatively, you’ll get something totally different than what was promised. Another trick is to offer a discount for a very limited time. For example, saying a sale ends in just 10 minutes. This trick is used to make you buy fast and carelessly, so you don’t have time to validate the seller’s authenticity.

How to avoid too-good-to-be-true deals:

  • Be sceptical of deals that seem too good to be true, and very short-lasting deals.
  • Shop with well-known, reputable retailers.
  • If you do see a deal with a retailer you’ve never shopped with previously, do you know someone who has previously shopped there who could recommend them?
  • Like with fake websites, check trusted review sites and check social media for any complaints.
  • Use price-comparison websites to ensure the deal is consistent with the market price.

How to spot delivery scams

When time is short, online retailers are convenient. But while you might gain time in skipping the high street, you’ll often lose it again waiting for the deliveries to come. That can cause anxiety, especially if you need to head out on other errands, and scammers will seize on that apprehension. That’s why they’ll try their luck sending fake delivery notifications as a text message to your phone – even managing to mimic the company’s name in the sender line.

These scam messages seemingly come from the likes of FedEx, DHL, Evri or other well-known delivery companies claiming they have a package waiting for you. To arrange a delivery, they will ask you to install their app or click the link in the message. However, these apps or links are malware that may steal your bank credentials and eventually your money.

How to avoid delivery scams:

  • Verify the tracking number independently through the official carrier’s website.
  • If you need to arrange a delivery, do it from the carrier’s web page or on the phone.
  • Do not install applications outside of official app stores and have antivirus installed.
  • Never click on a link. Again, anything that needs to be verified can be done independently through official channels.
  • Be cautious when providing personal information in response to unsolicited delivery notifications.

How to spot email scams

Your inbox will be filled with emails this time of year from lots of high street or online retailers featuring great Christmas offers and deals. But amongst them will also be scam emails. Scam emails combine many of the tricks mentioned above and are one of the most common ways that scammers will use to try and steal your money and personal information.

They are disguised as coming from well-known brands and direct you to scam websites with enticing offers or delivery notifications. Another typical trick is to tell you that your payment or credit card was declined, and to change it, you just must enter your credit card number again. Scam emails can also lure you to download malicious attachments.

How to avoid email scams:

  • Always double-check the email sender’s address. Legitimate retailers use domain names that match their brand.
  • Be wary of unsolicited emails and don’t click on suspicious links. Instead, visit the retailer’s official website directly.
  • If an email says that your payment or card was declined, go to the service in question through their website, not the link in the email.
  • Don’t open suspicious attachments. If your antivirus warns you, do not skip the warning.

How to spot social media scams

We spend a lot of time on socials, and these platforms can be a great way at finding deals, discovering new products (#TikTokMadeMeBuyIt) or entering giveaways or competitions. But, you’ve guessed it, because these are popular online pastimes, scammers will try and lure you in on social media platforms, often through fake contests.

You’ll have seen these posts or received direct messages like these in the past. These posts promise free products or gift cards in exchange for personal information or sharing the post.

How to avoid social media scams:

  • Verify the legitimacy of the social media account or page before participating in any giveaway or contest.
  • Be cautious when asked to provide personal information in exchange for freebies.

It’s important to recognise that scammers are active all the year-round. While they may amplify their efforts during Christmas, they don’t take a holiday for the rest of the year. Whether it’s Christmas or any other time of the year, remember to remain informed, stay safe, and safeguard your financial well-being. Happy shopping, and may your online journeys always remain free from scams.

Don’t Get Tricked on Facebook Marketplace

Facebook is where people connect, and in recent years more people have been using Facebook to connect in another way: buying and selling with each other. This activity started in Facebook Groups and then Meta introduced Marketplace, a convenient destination to discover, buy and sell items with people in your community. Anyone with an active Facebook account can list or buy items with no hidden fees, however there has been a recent increase in people getting scammed when shopping for things like cars, tickets and clothes on Facebook Marketplace.

Fraudsters pretend to be genuine sellers

Social media and online marketplaces often fail to stop fraudsters from offering items for sale. Fraudsters may seem like other sellers, appearing friendly and giving away personal details to make you believe they’re genuine. All they want is for you to send money to their bank account. Fraudsters won’t let you pay by card or another way that protects your money.

Here are some things to look out for:

Is it too good to be true?
It’s not a bargain if it never turns up.
Do you have to pay right away?
A genuine seller won’t pressure you into a quick sale.
Can you meet the seller in person?
Look for things nearby so you can check the item before you pay.
Will they let you pay by card?
Never pay by bank transfer. Pay by debit or credit card to protect your money.

The most common items fraudsters sell

Fashion

Popular items like designer clothes and trainers are favourites for fraudsters to sell.

Can you pay by card? Is the item available elsewhere at the same price? If not, it could be dodgy.

Vehicles

The DVLA website lets you check a vehicle for free.

Before buying a vehicle, inspect it and have a test drive. The vehicle may be genuine but the advert could be fake.

Fraudsters often promise to deliver a vehicle or a vehicle part if you pay upfront.

Tech

Computers, game consoles and smart phones may be cheap for a reason.

Be suspicious if you can only pay by bank transfer.

Holidays

Avoid a holiday or rental nightmare.

Genuine companies are protected by ABTA or ATOL.

Be suspicious if someone wants you to pay outside a booking site.

Use your card to protect your money.

Tickets

Tickets for sold out or popular shows and events may tempt you.

Always pay by card or a payment service that offers buyer protection.

And only buy from ticket companies or sites registered with The Society of Ticket Agents and Retailers (STAR).

Online Banking – Keeping Safe

Spotting fraud and scams

While fraud and scams are not new, advances in technology give criminals more ways to attempt to access your money. Getting to know the techniques they use can help you protect yourself and your money.

Fraud or scam?

In everyday use, the words fraud and scams are used interchangeably. However, we think it’s useful to use clear definitions.

Fraud happens to you, scams happen with you.

Examples of fraud would be having your card skimmed, identity theft and computer malware which steals your details. In these cases, you’re not aware of what the criminals are doing and haven’t given your authorisation.

Examples of scams would be where a criminal attempts to convince you to send them money, give away access to your bank details or launder money. Scams actively involve you as the account owner and work through engineering a situation to make you believe it’s genuine, so you give your authorisation.

Below are some of the most common types of fraud and scams.

Remote access scam

Remote access scams attempt to convince you to allow them access to your Online Banking. These are often cold calls from scammers who say that they’re from telecommunication or computer companies or (for businesses in particular) an IT department or Technical Support.

The warning signs are:

  • a cold-caller says they can fix your slow computer or refund you money
  • an unexpected call from someone claiming to be from your IT department or Tech Support
  • the caller asks you to give permission for them to remotely access your computer
  • the caller asks for your banking or personal details.

These callers will ask you to log on to your Online Banking, to check it’s not been impacted by the fault, and then attempt to remotely access the computer to ‘help’ you with the problem.

Giving anyone remote access allows them to release malicious software and gain access to personal data.

Cash machine skimming

Using a cashpoint is easy, convenient and almost always safe. But sometimes criminals tamper with cash machines to steal your card information, or PIN.

Here are a few things to look out for when you use a cashpoint.

  • A device might be placed over the card slot which scans your card details, or a fake keypad may have been placed over the top of the real one. Look out for parts of the cashpoint machine that appear a different colour or material to the rest.
  • Tiny cameras the size of a pinhead can be drilled into cash machines which photograph you and your card while you take cash out. Look out for damage or possibly stickers that could be trying to cover up damage where holes have been drilled.
  • Someone could simply be looking over your shoulder while you’re taking out cash to try and see your PIN. Then they find a way to take your card by distracting you.

Keeping yourself safe at the cashpoint:

  • if the cash machine looks like it has been tampered with, don’t use it
  • when entering your PIN, cover it with your hand
  • look out for anybody standing too close or trying to distract you.

You can find an A-Z of fraud and scams on Action Fraud’s website

Recover photo accidentally deleted

On Android phone or tablet

Have you ever touched that bin by mistake when looking at a photo and then, maybe while being distracted, confirmed it? Here are a couple of methods to recover the photo on an Android phone or tablet, depending on how you deleted it.

Method 1

Go to Google photos then select Library on the bottom row, then you should see a Bin option at the top of the screen. Look in this bin to find your photo. If it is here then select it and tap on the Restore option.

Method 2

If the photo is not in the Google photos bin then it could be in the Recycle bin. Go to Gallery and tap the 3 lines at the bottom right then tap the recycle bin to see if your photo is here, again, select it and tap Restore.

TalkBack

Has swipe to unlock on your tablet or phone stopped working? Do you have green squares appearing and a voice? Maybe you pressed and held down the volume button by mistake instead of switching on. This has activated TalkBack mode. In theory pressing down the volume up/down buttons together for 3 seconds should turn it off again but if this does work then it becomes more difficult. Another way is to say “Hey Google”, then say “Turn off TalkBack”.

If this does not work then you will need to navigate to the TalkBack option in settings, accessibility but to navigate there with TalkBack switched on can be tricky. You will need to double tap within the green box to unlock the screen and navigate to settings. Use two fingers to drag the green box to accessibility, double tap it then navigate using 2 finger drag to talkback. In talkback you can double tap on the “on” button to switch it off.

Cloud storage providers

The concept of The Cloud is that instead of storing all of your data and computing power locally, you can outsource it to managed cloud service providers. You can run applications, save data, send email, and more using computing power that isn’t stored locally. For example, you may be running short on space on your computer or phone to store photos and large documents. The other benefit is that if your computer or phone is lost or destroyed somehow then everything will be saved and retrievable. Some cloud providers will give you free storage up to a certain limit.

Provided by Microsoft as part of Windows, 5GB provided free, very easy to sync files across different devices

A basic account provides 2GB storage, its easy to share files with others

Google Drive has strong file sharing capabilities, and more free storage space than most competitors—15GB, though that space is shared with Gmail

Apple’s service for providing cloud storage. Stored files can be hared with Apple devices

Prime members get 5GB of storage for “free” with Amazon Cloud Drive for file storage

Europe’s most secure cloud storage offers 10GB free storage