WEEKLY FRAUD UPDATE FROM WEST MERCIA POLICE - ECONOMIC CRIME UNIT - 23/09/2025

COMMON TERMS – ONLINE FRAUD

As the Internet has evolved, so has its misuse by online criminals in defrauding their victims. In the course of that new words and phrases have evolved to describe the methods used. These are often used in our weekly messages but may not be familiar to all recipients.

In order to familiarise all readers, there is a list below of the commonest terms with a short definition. The list may not include every term used and further details can be found in online sources such as the Action Fraud and Get Safe Online websites.

ACCOUNT TAKEOVER -ATO – A type of identity theft where fraudsters gain access to your online accounts. By stealing your personal information, they can then contact your bank, credit card companies and other online accounts pretending to be you and change your personal details, passwords and PIN’s for their own use.

AI/DEEPFAKE – The advent of Artificial Intelligence -AI – has provided a new tool for online criminals to create videos, and voice recordings which appear to come from friends, relatives or even well-known celebrities. Commonly used in Romance Scams, Investment Fraud and other types of financial frauds.

BITCOINS / CRYPTOCURRENCY – These virtual currencies are not protected and often used to tempt people into Investment Frauds. They start small, sometimes with a small payback to gain your confidence then ask for more investments or fees to get repayments. This is often called PIG BUTCHERING – “fattening” your investment before it disappears without a trace. Bitcoin payments are also often used in Romance Fraud payment requests.

COURIER FRAUD – This is when a fraudster contacts a victim claiming to be from the Police, Bank or other official organisation. They then tell you to withdraw money or buy expensive items such as jewellery or watches then hand them over to a “Courier” who will call at your house to collect them. They may even ask for your bank card PIN’s then get you to hand over your bank cards to the “Courier”.

GASLIGHTING – A form of manipulation to gain and maintain control of a person and often refers to the methods used by fraudsters using Dating Sites and Romance Fraud.

KEYLOGGING – A piece of software downloaded onto your device to allow the criminal remote access and track your strokes on the keyboard. This may have been downloaded unknowingly by clicking on bogus links in Phishing emails.

MALWARE/RANSOMWARE – Malware is any type of malicious software downloaded onto your devices to gain sensitive information as opposed to Ransomware which is downloaded to gain access to the victim’s files, locking and encrypting them, then demanding a ransom to unlock those files. They may also persuade the victim to download recognised software such as ANYDESK to gain access to your devices.

SPOOFING – A method used by fraudsters to disguise their identity by manipulating caller ID, email addresses or website URL’s to look like a trusted entity such as a bank, Government agency or similar. Spoofing may also utilise AI techniques to trick the potential victim.  

SIM SWAPPING – Scammers collect personal details from sources such as social media, phishing messages or phone calls. They then contact your network provider and using that information to pose as you and request the provider to transfer your number to a new SIM card. Once completed they can access your banking, email and social accounts using the One Time Passcodes sent via the new SIM card on their phone.

419 EMAIL/LETTER – This is a form of Advance Payment Fraud where a fraudster requests an admin fee in order to move non-existent money or high value items such as gold, from one country to another. It usually comes with the promise of a percentage of the value when the delivery is complete, but never comes. 

PHISHING – In its basic form this refers to the use emails which look authentic from Banks, Utilities, Government Agencies requesting you to send them sensitive and personal information. Other styles of “Phishing “ are listed below.

VISHING – Voice Phishing using recorded or live voice messages again to gain personal information.

SMISHING – Phishing by using Text Messages i.e. SMS technology.

SPEAR PHISHING – a more personal type of fraud using a personalised email which appears to come from a friend or family member.

QUISHING – use of fake QR codes in emails or in public places such as such as ticketing machines in car parks.

WHALING- a form of phishing which is normally used to target management or similar in an organisation with the aim of stealing money, accessing information or creating cyber-attacks.

Whilst this list is by no means fully comprehensive given the scope of the Internet and Online Fraud, but covers the more common and basic terms.

          Please feel free to share these messages with any vulnerable friends, relatives or neighbours.

If you have fallen for fraud

Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk

Scam Text messages can be forwarded to 7726 to help phone providers take prompt action and block numbers that generate spam on their networks.

You can also report fraudulent mobile calls by texting 7726 with the word “Call” followed by the fraudster’s phone number.

Scam calls received on WhatsApp can be blocked by opening the chat with the suspect phone number and tap on “Block”.

Forward Fake Emails received to report@phishing.gov.uk

If you think your bank account or personal banking details have been used fraudulently, then use the short phone number - 159 - to contact the Fraud Prevention Department of most major UK banks.