Skip to main content

Whatever you do, don’t click on the link!

Posted by: , Posted on: - Categories: Fraud, Scams

During International Fraud Awareness Week, Neil Freebury, our Head of Intelligence, talks about fraud and the importance of not clicking on that suspect link.

Brenda, were we expecting a package? They sent me a link…

Mobile phone call from an unknown numberAs Head of Intelligence for the Insolvency Service, I attend meetings every week where I hear awful stories about ordinary people who have been financially ruined by fraud.

The fraudsters don’t care who they target. Every couple of days on my phone or computer, I receive unsolicited emails and texts inviting me to “click on the link”. Some are simply marketing emails, but many are phishing attacks.

A few of the recent ones I have received are:

your parcel is being held at our warehouse due to an unpaid delivery fee you can fix this by visiting the website

"GOVUK You are now eligible for the government funded £400.00 energy bill rebate. To complete your account application please visit here"

"Last chance to register for your free ticket worth £999 to the Government …. Conference at the [Very Glamourous and all expenses paid] Hotel

Phishing, smishing, vishing – its all gobbledygook to me

But what exactly happens if you click on that link? Malware is introduced onto your device which will permit cybercriminals to steal anything on it.

If you bank on your phone, they will control your bank accounts and apply for multiple high value loans in your name. They may also lock you out of your device and charge you ransom to get it back or expose your most intimate data on the internet.

phishingPhishing (sending malware links by email), Smishing (by text), and vishing (seeking personal data by voice messages) are principal methods of cyber intrusion and account takeover. Some of my friends have fallen victim to these attacks, and I constantly hear of major companies where one employee simply clicked on a link in an unsolicited email and lost the company millions or had their computer systems locked out for days.

Some of you will have enjoyed the recent Lazarus Heist podcast on BBC Sounds. The eponymous “Heist” was an attack on the Bank of Bangladesh in which the group stole US $1 billion by infecting their central computer system with malware and ordering it to pay accounts in other countries.

How did they infect the computer systems? They simply sent phishing emails to employees, several employees clicked those links the virus was introduced, and the attackers spent weeks silently spreading infection through the internal network until they were able to control accounts and payments. Clicking on the link was the immediate cause of the loss of $US 1 billion dollars.

Protect yourself

As my text messages show, the cost of living is now a major focus for phishing, vishing, and smishing attacks. Re-mortgage offers will be coming out shortly if you have not received them already.

If you think any of the offers are genuine and want to take them up, look up the underlying business and check its website or contact them on the number you have found independently.

Never click on that link – it could cost you $1 Billion Dollars!

And make sure that you know what to do with suspicious emails and check out the National Cyber Security Centre - our frontline defence against these attacks.

You can report suspicious activities:

How the Insolvency Service tackles fraud

fraud investigation

We’re a government agency on the front-line putting a stop to fraud.

We investigate solvent companies where we receive intelligence of bad practices before petitioning the courts to shut these unscrupulous companies down; we can apply to remove rogue directors from the corporate arena where there is evidence of misconduct; and we are a prosecuting authority, bringing criminal cases to court.

We work in partnership with a range of government bodies and other partners in the prevention fraud space. Our work is vitally important, putting a stop to companies and individuals that think they can defraud innocent people of their money.

And here are just a few examples of our successful enforcement action:


Further information


Sharing and comments

Share this page