We've already seen mince pies on the shelves and the garden centres are ablaze in festive lights, all before we’ve had Halloween or Bonfire Night. Christmas seems to come earlier each year, with retailers encouraging us to part with our cash months before the event.
But it’s not just reputable businesses who are after our festive pennies; this week we got our first seasonal email scam.
Cashing in on us sending and receiving more parcels around both Black Friday and Christmas, scammers are aware that this presents them with a golden opportunity to steal from unsuspecting people. Even if you aren’t expecting a parcel, around Christmas there is a high chance that someone has sent you something via a courier and this is where the criminals catch you out.
Sending an email with order details and/or an attachment you will need to activate in order to ensure you get your parcel, clicking through will either direct you to a rogue web page, or you will allow a virus to be downloaded onto your computer. The forms of attack take on many guises, but the end game is always the same – to con you out of your hard-earned cash.
How did we know that this email was a scam?
There were alarm bells ringing so loudly we could not ignore them, the primary warning being the senders address. Whilst the email purports to be about a shipment via the courier DHL the email senders address wasn’t from DHL but from a “company” called Bievision Global. A quick online search brought up no results for a company of this name.
These scams are becoming more sophisticated and it can be tricky to tell if they are genuine or not. We can’t say ignore them if you are not expecting a parcel as you may well have been sent a wonderful hamper as a present. But you can check things like the email address – and be warned, sometimes the senders address looks very similar to the real thing. So an email from DHL would probably be @dhl.co.uk but a scammer may insert a tiny change such as @dhl1. or @nameDHL.
If there are links within the email body hover your mouse over that link without clicking it and you will see the link's address – again be sure to double check if it closely resembles the genuine address.
The anti-virus we use ourselves and the one we recommend to our customers, is capable of detecting some scam emails before you've even had a chance to be taken in and will proudly announce it has saved your system from being infested with a virus. It may not detect every single bad email, but having decent protection on your computer is a must and some free software packages won't be up to the task.
We often have emails forwarded on to us by our customers to check whether they are genuine or not and can quickly tell them if they are OK or should be deleted without opening anything, so if in doubt ask before you do anything.
You can also search for the genuine company and contact them direct - never use a telephone number or contact details within the body of the email for this.
If you do accidentally open a bad attachment of click on a dodgy link, shut down your computer and seek help straight away. As embarrassing as it may be to have been duped, doing nothing about it is the worst thing you can do, so tell your IT company as soon as you can.