Online scams and beyond

Fraud: spotting it & keeping yourself safe

As technology improves, so too do the methods fraudsters use to take advantage of it. Fraud comes in many guises and, in order to avoid any financial fraud taking place, we think it’s always worth being armed with the facts.

At Hodge, keeping your details safe is our priority. We make sure that the systems we use have the right controls in place so that your data is protected, secure and is only accessible by you when you need it.

We can’t always prevent something from happening, but with your help we can make sure the risk and impact to you is minimal – and that we respond quickly.


How to recognise fraud and what to watch out for

Financial fraud occurs when someone takes money or other assets from you through deception or criminal activity. Understanding the various types of financial fraud and how you can protect yourself is the first step to making sure you don’t become a victim.

There are many different types of fraud and there are countless ways criminals will try their luck.

Here are some of the most common online fraud techniques you should look out for:

Phishing emails

Phishing emails can appear very convincing, but there are a few things you can look out for which may reveal an email to be not quite what it seems, including:

  • Spelling mistakes or grammatical errors
  • Being addressed to Sir or Madam rather than you directly
  • Unusual email addresses – if you check the address, it may appear legitimate at first, but look closer, it may not be as legitimate as it first appeared. Hovering over the address with the mouse can sometimes show a different email all together.
  • They may offer something of value for free, for example lots of phishing emails currently claim to be from a local council offering money in line with the Government’s COVID-19 initiatives
  • There will often be a sense of urgency to create a sense of panic that you should respond immediately. You should never feel pressured to respond.

Credit or debit card fraud

Credit fraud is the criminal use of someone else’s personal credentials, as well as their credit standing, to borrow money or use credit cards to purchase goods or services with no intention of repaying the debt. This is especially common on the internet, particularly when the victim ‘thinks they are helping a friend in need.

If you do need to give information to a friend, you should at least confirm with him or her that he/she is indeed the one who sent the distressed message asking for financial aid. In real emergencies, you should try to contact that person via telephone to establish payment details.

SMiShing (SMS phishing)

This is carried out via text message. As with phishing and vishing, the fraudsters will impersonate a reputable company. The SMS will either ask you to open a link where you’ll need to enter your personal information or phone up a number and verify details with them.

Malware scams

Malware scams work by installing software on your computer that allows scammers to access your files or watch what you are doing on your computer. Scammers use this information to steal your personal details and commit fraudulent activities.

They may make unauthorised purchases on your credit card, or use your identity to open accounts such as banking, telephone or energy services. They might take out loans or carry out other illegal business under your name, or even sell your information to other scammers for further illegal use.

Fraudulent “Pop-up” Windows

These are a type of online fraud often used to obtain personal information.   They are the windows or ads that appear suddenly over or under the window you are currently viewing. Fraudulent websites or pop-up windows are used to collect your personal information.

Fraudulent websites, e-mails or pop-up windows will often:

  • Ask you for personal information (Account number, Social Security Number, Date of Birth, etc.).
  • Appear to be from a legitimate source (Retail Stores, Banks, Government agencies, etc.).
  • Contain prizes or other types of certificate notices.
  • Link to other real or counterfeit websites.
  • Contain fraudulent phone numbers.

What we’re doing to help protect you and your data, and prevent fraudulent activities

At Hodge, we make sure your personal data and money is kept as secure as possible by monitoring our systems constantly for any unusual activity. We may contact you if we become aware of anything suspicious. Remember, if you notice anything unusual or suspicious on your account(s) please let us know as soon as you can.

If you’re a victim of fraud, we’ll help you get the support and tools to keep your information and money safe in the future.

We’ll also keep you up to date with our latest security advice. Occasionally, you may see details on our website with hints and tips for you to improve the security of your data. This could include making sure you use strong passwords and asking you to update us if any of your personal details change.

It’s important to remember Hodge will never call, email or text and ask you to:

  • Reveal your PIN code, expiry date, the last three digits of the security code on the back of your card (CVV number), or anything else
  • Transfer money between accounts
  • Share account details including user IDs, memorable details or passwords
  • Tell them your Personal Security Number (PSN) for Telephone Banking.

What you can do to help prevent online fraud

To avoid becoming a victim of online crime you don’t need to be a computer expert. Developing a few good online habits drastically reduces your chances of becoming a victim of cybercrime, makes you less vulnerable and lets you use the web safely.

There are several steps you can take to protect yourself and your data:

Install anti-virus software

Your data and money can be stolen through malicious content on your device. Using up to date anti-virus software from a well-known, reputable company installed on your device helps to minimise the risk of it being accessed.

Sharing personal information

If you use social media, check the privacy settings so that personal data is protected. Make sure that you don’t share confidential information on social media such as your address or bank account information as this can often be viewed publicly. Take care when uploading photos to these sites too, for example, making sure your bank card or passport information cannot be seen.

Remember that people will make a lot of effort to get hold of your information, so always be careful.


You should never tell anybody what your passwords are, write them down or store them somewhere that can be easily accessed, this includes your mobile phone.

When creating a password, use a mix of upper and lower case letters, and include numbers and symbols. A passphrase is more secure than just a word. Perhaps think of a memorable phrase such as ‘ilovegoingonholiday’ and swap some of the letters around and add in numbers, such as 1lov3go1ng0nHo1idaY!, this makes it harder for anyone to guess.

We’ll never ask you to share your password with us.

If you believe you have been a victim of fraud at any point, please change all passwords and the email address linked to your Hodge account.

Secure internet connections

Ensure that you are using a secure Wi-Fi connection, ideally one that isn’t publicly accessible. Look out for the padlock symbol in your browser address bar, this confirms that your connection to the site is secure.

The padlock confirms the connection is safe, but it doesn’t tell you if the website is genuine. Check for spelling and grammar mistakes, or other signs that suggest the site is not real. Phishing sites will often use similar looking characters to imitate genuine sites.

Fraud and offline scams

Mobile messaging scam
Mobile messaging scams involve a message being send to you, often via WhatsApp, by someone pretending to be your son or daughter claiming they’ve lost their phone. Once you have the number saved, the scammer will tell you they need money after their ‘incident’, hoping you will hand over your financial details.

To avoid this scam, make sure you take time to think in these situations, remember scammers prey on peoples kindness in these situations. You could verify it’s the person by calling them directly, making sure you’re 100% sure the request is from someone you trust before you send any money or your financial details.

You can turn on your WhatsApp two-step verification to protect your account and make sure you’re happy with your privacy settings. If you realise it is a scam, make sure you report it to Action Fraud.

Pension pot scams
Scammers are exploiting pension reforms, by persuading people to release their retirement savings and transfer them into inappropriate or even non-existent investments. They often use the uncertainty created by the pandemic to trick these people out of all their life savings.

If you’re contacted out of the blue about your pension then it’s likely to be a scam, so make sure you’re aware of free pension review offers. You can also check the FCA’s Financial Services Register to ensure anyone offering you advice or other financial services is authorised by the FCA. Be wary that some scammers may try to pretend to be a FCA registered firm, so make sure you are only using the details on the FCA Register.

Romance Fraud
There has been a significant increase in ‘romance fraud’ according to Action Fraud, due to the pandemic leading to people looking for love online. The scammer creates a fake profile on a dating sight to social media platform and targets individuals to try and gain their trust. They then ask the victim for money for investments, legal fees, or travel.

Requests for money early on may be red flags as well as reluctance to talking about their personal life. If you have concerns, talk to someone you trust for help. If you think you’ve been scammed, make sure you report it to your bank and to Action Fraud.

Spoof HMRC phone calls
Action Fraud has also had an increase in the reporting of malicious calls and voicemails, to members of the public claiming to be from Her Majesty’s Revenue & Customs (HMRC).

Fraudsters are able to spoof genuine HMRC telephone numbers to deceive their victims over the phone. They will often tell the victim that due to their non-payment of tax or other duty, they are liable for prosecution or other legal proceedings to settle the balance. They may suggest the victim can avoid this by making a payment via bank transfer, which then goes into the fraudsters bank account.

The fraudster uses fear to force the victim to pay them money. For example they may threaten immediate arrest or bailiffs to the victims address, and in some cases deportation. Often the period in which the alleged tax was due is distant ago enough that there is little to no paper work to verify the claims.

In genuine cases from HMRC, they will make direct contact via post before following up with a phone call at a later date.

Useful Resources

Action Fraud

Action Fraud is one organisation who can help if you think you're a victim of fraud.

Contact Action Fraud


Cifas may also be able to help you if you think you're a victim of fraud.

Contact Cifas