So I know we touched on scams and viruses of 2017 very recently, but once again the cyber criminals are ahead of the curve. Over the last 2 weeks we have seen a spate of particularly slick looking scam emails, which aim to gather your credit card information through fear. To help you avoid this and similar phishing emails that around doing the rounds right now, we’ve captured some images and information about how it works, and how to combat it.
There have been impersonation scams going around for a long time, with many high-profile organisations on the list to be mimicked. This particular campaign is sending out emails impersonating the DVLA, trying to scare victims into responding. Because many users are so clued up on recognising scam emails these days, the senders are reduced to imitating authority figures. I’ve taken the liberty of screenshotting one such email that landed in my inbox last week.
The subject line was ‘Failure of Notify Change Of Keeper –Final Warning N8198QMVZ’, and when opened in preview the email showed an official DVLA banner, along with a scary looking ‘final warning’ heading. Unfortunately, this phishing scam gives itself away within the first line with some pretty bad grammar. This is one of the most common giveaways of scam emails and always something to look out for. Little things, like ‘a’ when it should be ‘an’ or phrasing that doesn’t make any sense like ‘overthrowing’ a decision instead of ‘overturn’. The email gives you a reference number for yourself and one for the DVLA (again, suspicious, as official issues tend to use one reference number for everyone) and displays a large red box informing you that ‘you can be fined 1,000 GBP if you don’t tell DVLA’. Did you spot the missing ‘the’? The final nail in the coffin is the ‘from’ email address – which is listed as firstname.lastname@example.org - not very DVLA official is it?
Unfortunately, scams like this work by instilling the fear that we may be fined if we don’t act quickly. There have been a few going around targeting different offences – from speeding to parking tickets. These tend to work because people see that they have been caught speeding and panic, paying the fine automatically before it increases. In this case, scammers rely on this fear instinct to make you click the ‘pay’ link before you really read, allowing them to flood your system with malware. If you continue, they will ask you to input credit card details to pay the fine. Of course, there is no fine, and instead you have just handed them a lot of really nice information. Sadly this tactic has proven quite successful, and I’ve already spoken to a number of people who were very early fooled by it, only stopped by someone else pointing out that they had never been to the area they are being accused of speeding in.
It is important to remember that the DVLA will NEVER email you regarding an offence for your vehicle – not in the least because they don’t have access to your email address! If you have been caught speeding, your car license plate will bring up your registration, and they will send a letter to the address registered to you. So no matter how convincing the email might look, it is nearly always a scam. Thankfully, if you have firewalls and anti-virus in place, you should be protected from the worst of the malware – but that’s only half of their aim. If in doubt, don’t open any suspicious email and certainly don’t click on any links unless you are certain of where they lead. Always hover over the link with your mouse instead, and your email client will show you where that link leads. If you receive one of these DVLA emails, please follow the instructions issued by the DVLA here to report it, and then delete the email. For more information or tips on avoiding scam emails, get in touch with us today.