I’ve been sitting on the draft of this article since November 2022, after I saw Alexis Conran speak at the Humans Under Management conference.
Watching a recent YouTube video by fellow Financial Planner, James Shackell, has prompted me to dust off the draft and get it published.
Scams.
Unfortunately, they are nothing new.
For as long as people have owned something in this world, you can be sure there has been someone who’s willing - whether through outright theft or trickery - to get their grubby mitts on it.
With the advent of modern technology (especially AI) the possibility for new and convincing scams is seemingly endless - a real ‘Scammers Delight’.
We all have a digital footprint and live much of our lives online and on our phones. Online banking. Emails. Crypto. This account, that account. Passwords and passcodes.
Is this stuff actually secure?
How easy is it to be scammed?
The answers to those questions are worrying:
Not very.
Very.
For example, my personal email has been involved in 7 data breaches (which means the passwords I was using are now out there for potential scammers), whilst my partner’s has been involved in 17! You can check yours by clicking here.
There’s such a plethora of ways one can get scammed nowadays:
Romance scams.
Imposter scams.
SMS scams (e.g. sending fake EVRI links).
Spoofing.
Email scams.
Telephone scams.
Cyber crime.
Mum & Dad - Help!
Phishing/whaling.
Phone-grabbing.
The list goes on…
And this doesn’t even account for outright blackmail, which is also on the rise. Children are being specifically targeted online in sextortion campaigns by Nigerian gangs 🤬
With so many threats it can be hard to know how to protect yourself and your family.
The best place to start is with understanding the fundamentals of scamming tactics and prevention - which we’ll get into later in the article.
First, to set the scene, lets look at three modern scamming examples:
Spoofing.
Phone-grabbing.
Mum & Dad - Help!
Spoofing
This is a real world example, which James Shackell highlighted in his YouTube video - if you want more detail, be sure to watch his video.
A couple, ‘Fred and Jemma’, were scammed out of £75,000 - which was their deposit for a house.
How?
The scammers gained access to Fred’s email account and intercepted emails from his solicitor.
They spoofed the solicitor’s email (so it looks to have actually come from them) and corresponded with Fred in relation to transferring across the house deposit.
They then spoofed the solicitor’s phone number and called Fred to confirm the transfer of the deposit.
Fred had, understandably, thought he was corresponding with his solicitors and had even done the right thing of speaking to them on the phone prior to transfer.
The result, Fred and Jemma lost their life savings and are stuck in their flat.
Not only have the bastards scammers stolen their life savings, they’ve also ripped away their planned future and their peace of mind.
They’ve reached into Fred and Jemma’s life and inflicted untold mental and emotional strains on them and on their relationship. Who knows the knock on effects for Fred and Jemma moving forward.
Like all scams, it’s a heartbreaking story.
Phone-grabbing-snatching-stealing
Smart phones.
Bloody handy things.
And, as a result, also a prime target for mugs scammers.
Whilst the phone itself has a resale value, the real money is made from gaining access to our banking apps.
How?
First, they’ll look to get your passcode - either by ‘shoulder-surfing’ or by threatening you (if you’re unfortunate enough to get mugged).
Once they’re in your phone, they’ll try the same code on your banking app.
If that doesn’t work, they’ll search your notes for the code (a nice invasion of privacy on top of being a victim of theft).
If that doesn’t work, or if they can’t get into your phone, they’ll take out your SIM card and put it in another phone.
With your SIM card, they can get a code from your bank (via SMS or voice call) to reset your passcode and gain access to your banking app. If needed, they may also be able to find personal information on your phone to help them any answer security questions they may be asked (for example, your date of birth).
Once they’re in your banking app, they’ll look to drain your accounts with bank transfers or make expensive purchases (e.g. adding your card to an apple wallet).
Here are a couple of real world examples:
Nasty business.
Luckily, there are steps we can take to protect ourselves - more on that later.
Mum & Dad - HELP!
This is where nobheads scammers prey on a parent’s innate desire to help their children by creating a false emergency.
How?
They pretend to be your child and act distressed (which naturally sparks parental anxiety), telling you they are in a bad situation which requires money being sent.
They’ll either contact you via text or, more worryingly now, use AI to clone your child’s voice and call you.
They’ll give you a story about how their phone doesn’t work, which is why it’s not their number, and why they need money sending to a random bank account.
Concerned parents then send the money to ‘save’ their child from the situation.
Real world examples:
Businesses are also now getting scammed with AI. Senior management are being cloned on voice and video calls, leading to money being transferred out to scammers - one such scam led to a transfer of $25,000,000!!
Now we have a good idea of some of the modern scams out there, let’s start to look into how to protect ourselves - starting with the techniques used by scammers.
The Fundamentals of a Scam
Whilst there is a near endless list of how one can get scammed nowadays, the fundamentals of a scam typically stay the same.
‘Know thy enemy’.
-Sun Tzu
So, knowing the fundamental elements of a scam is the first line of defence.
Alexis Conran, the mastermind behind The Real Hustle, sets out the 5 fundamentals of a scam as:
Misdirection.
Time pressure.
Opportunity (AKA ‘good deal syndrome’).
Social compliance.
Social proof.
I’d recommend watching/listening to content with Alexis for more info on these.
I came across 2 & 3 a couple of times when working at Hargreaves Lansdown (HL).
A scammer would be putting pressure on a, typically older, client to transfer away their pension to secure a ‘great deal’. If the client went through with it, their pension would be gone. Transferred away to a scammer with no hope of return.
Scary stuff.
Luckily, there are a lot of barriers in place to stop this happening - at HL we’d raise it internally with the fraud department to handle.
Old(er) Folk
The reason old(er) folk are usually targeted for financial scams is due to the natural erosion of our cognitive function by time.
From the age of 60 our financial literacy (typically) declines, yet our confidence levels (typically) do not:
The result of which is an ever-widening gap between declining financial ability and stable financial confidence, which, unfortunately, is ripe for exploitation by scammers.
(If there is a hell, I imagine there’s a special place reserved for scammers. And within that special place, there is a sub-section devoted to the ones who target vulnerable people. Whilst all scams are awful, there is something particularly evil about targeting old and/or vulnerable people).
If you have older relatives/friends, as most do, it’s important they’re aware of the risks associated with these ever-evolving scams and how to safeguard against them.
Scam-proofing
To begin scam-proofing your life, Alexis suggests ‘ABCD’:
Assume nothing.
Believe nothing.
Challenge everything.
Delete if in doubt.
These are good, high level principles to live by in our modern world.
Here are more steps you also can take (this is a non-exhaustive list):
Turn on the SIM PIN on your phone to help stop banking app access scams (you’ll need to contact your SIM provider, as there’ll already be a PIN number).
Check whether your email has been compromised in a data breach by clicking here. It probably has and if you haven’t changed your email password recently, you probably should.
Never give away any sensitive information if someone calls you. End the call. Wait a bit. Find their number online and call them back (this is, unfortunately, what Fred should’ve done).
Remember, if it’s too good to be true, it probably is.
Be vigilant about who’s emailing you.
Avoid personal information in emails (where possible).
Don’t have sensitive data, such as passwords, saved in your phone’s notes.
Don’t have the same passcode for your banking app as you do for your phone.
Ideally, don’t have large sums instantly available via a banking app (because if you’re mugged, you may be threatened to give up your log in details).
Set up two-factor authentication whenever possible.
Be aware of your surroundings when using your phone (and cash points).
Don’t keep your phone and your bank cards together.
Don’t click on links sent via SMS or via email (caveat, I had to click a link in a NHS text message, which looked dodgy but was actually legit - I did some investigating on Google first).
Speak to your family - in person - about setting up a safe word in case of emergency contact (don’t do it via WhatsApp, as the scammer could then get hold of the safe word if they have one of your phones).
I appreciate this is all annoying faff; however, it could save you your life savings.
Speaking of faff, I’ve been meaning to switch on my SIM PIN for 2 years and it’s now back on my to-do list!
Think You’re Being Scammed?
If you think you’re being scammed call 159 immediately.
It’s a switchboard that’ll connect you to your bank’s fraud team.
Stay safe out there!
Thanks for reading,
Tom Redmayne
Chartered Financial Planner
If you enjoyed the article, please consider sharing it with someone else who’d also enjoy it or more widely on social media, it really helps:
Don’t forget to subscribe, so you can get future articles directly to your inbox!
This is not personal advice based on your circumstances.
All views are my own.