It’s Christmas and it seems the email scammers are in full flow. At least three attempts to separate villagers from their money have been reported in the last week – and there are probably many more. The most popular scam involves iTunes Gift Cards. The email – which appears to come from a friend – says that the sender is stuck in a meeting and urgently needs to buy a Gift Card as a present. The email asks if the recipient could possibly buy the gift card on their behalf. Typically the scammer will ask for two cards at a cost of around £100 each.
If the recipient were to respond to one of these emails, the scammer will reply, encouraging them to act quickly. Urgency is crucial. The longer you have to think about what’s happening, the less likely you’re going to fall for their scam. If you should proceed to the point where you were to actually buy a gift card, the next email will ask you for the serial code on the back. Once in possession of this, the scammer will disappear forever.
But what do scammers want with iTunes cards?
iTunes gift cards are easy to sell on. The value of the card is linked to the serial code. Once a scammer has the code they can sell it to someone else without ever having to meet the buyer face-to-face. People on the “dark web” will gladly pay £30 for a £100 iTunes gift card. For the scammer it’s easy money and they can remain completely anonymous throughout the entire process.
What can you do to avoid falling into the trap?
If you receive an email which claims to come from someone you know but makes a very odd request, the first thing you must do is check the sender’s email address. This is always visible at the top of the email. This identifies where the email was sent from. The scammer may claim to be Joe Bloggs – but is it Joe Blogg’s real email address? A typical giveaway is an email address which is overly long and contains lots of punctuation. For example:
Note. scammers like using @gmail accounts because anyone can set one up for free without providing any identification.
Another thing to watch for is company names which come before the @ symbol. For example:
firstname.lastname@example.org – is probably real
email@example.com – is clearly fake
There are a lot of these emails around at the moment. For cybercriminals it remains a highly lucrative way of separating people from their money. If you receive such a message, stop and think before you respond. Check the email address. Look at the text for misspelled words and grammatical errors. If you have any suspicions, bin it immediately.