Since the dawn of the internet, whenever an online messaging platform has gained popularity it has also attracted the attention of people who try to use it with malicious intent.
The FMB has received reports that some of our members have received enquiries from scammers, and we thought it would be a good idea to put together a general guide to avoiding scams on online platforms. We have taken all sensible precautions to remove automated bots / spammers from our Find a Builder messaging system, however there is little we can do to prevent scammers filling out our enquiry forms manually with false information. This guide is intended to help you recognise such instances, and to highlight some of the more common characteristics of a scam.
- Fake phone numbers
If you receive an e-mail where the phone number is a premium rate number - in a 0944 / 0843 / 0844 format – this might be a sign of a scam. Usually a person requiring building work would not have a premium number; they would instead provide a landline or a mobile number. If in doubt the best course of action is to Google the number and see if it shows up on any community websites that highlight scam numbers their members have encountered. These numbers may not seem particularly dangerous at first, but they can end up costing you a fortune in phone bills as they charge by the minute - on mobiles this can go up even further.
- Messages asking for e-mail communication only
Sometimes a scammer will attempt to communicate only via e-mail to avoid being identified as a fraud, or in order to send you a file infected with a virus designed to take over your computer and hold it to ransom. As a rule, you should not agree to communicating solely by email in the long run; if you receive an enquiry from someone requesting this who then sends you a file – do not open it. In the first instance perform a Google search of the e-mail address you are communicating with to see if others have been scammed through it. A good secondary action is to scan the file with anti-virus software before opening to make sure it is safe.
One obvious sign of a scam is inconsistencies in the information provided by the contact. A common example is when the e-mail address provided and the name of the contact are not the same; for instance an e-mail received from someone claiming to be John Doe, but with an email address of [email protected] would be a suspicious sign. A message coming from one e-mail address that asks you to contact another should trigger alarm bells.
- Double-check all links in emails
Phishing is the process whereby a scammer attempts to send you to a fake version of a trusted website in order to trick you into submitting personal information to them. A simple way to track phishing attempts is to check that the website you are looking at shares the same URL as the real, official website. Sometimes scammers create a link in an e-mail that seems to point to a bank’s website, but the web address you get to when clicking on it isn’t quite right; for example the bank’s name may be missing a letter, or may contain a misspelled word. These are red flags that should alert you to the fact that you are accessing a fake website.
- Never pay upfront
Another common request from scammers is requesting money upfront for good or services they have not yet rendered. If someone requests that you send them a small fee for something that seems too good to be true – it probably is. If they promise to reimburse the payment after you have made it – this is something to avoid.
Reporting a scam/phishing attempt or fake enquiry
If you have received any suspicious enquiry from the Find a Builder messaging service please forward it over to the FMB for us to investigate.
In general the best thing to do if you suspect a scam is to ignore it; don’t open anything they send and report anything you have identified as a potential scam to ActionFraud – National Cyber Crime Reporting Centre (https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime).
If you think you might have been a victim of an online scam – or have provided any personal login information to a party you regard as suspicious – please act immediately and report this to the companies that hold these accounts for them to change their passwords if required. Please make sure you change all your personal passwords as well, in order to avoid compromising accounts which might share similar login information.