In the UK, 55 percent of the population shop online, with consumers’ favourite items to purchase being clothes and sports goods. With the onset of the COVID-19 crisis, the value of online retail sales in the UK was estimated to reach just below 100 billion pounds in 2020. With UK Lockdown number 3 currently underway, these figures are set to remain just as high in 2021.

Due to the impact of the Covid-19 pandemic, criminals have been turning away from more traditional forms of fraud. Contactless card fraud, which takes place using lost or stolen cards, fell by 20% to £8.2 million during the first half of 2020, which was the first year on year decrease in some time. This was most likely due to the reduced number of face-to-face transactions by consumers using contactless cards during the first UK Lockdown.

However, criminals have been exploiting and adapting to Covid-19, with a growth in fraud and scams that target people online. Many of these scams harvest customers personal and financial details, for example, through phishing emails or text messages impersonating trusted organisations.

With more and more people turning to online transactions due to Covid-19 and Lockdown, what steps can you take to protect yourself from becoming a victim of online fraud?

Choose where you shop carefully

It is worth doing some research in to online retailers to check that they are legitimate. Visit consumer websites to read feedback that people have left.

Some of the emails or text messages that you receive about offers that are too good to miss, may contain links to fake websites. If you are unsure about clicking on the link, then don’t. Instead, type the website address that you know and trust, directly into the address bar. Alternatively, use a Search Engine to search for the website and follow the links brought up in the search result.

Use a credit card for online payments

If you have one, use a credit card when shopping online. The majority of major credit card providers protect online purchases and, in certain circumstances (when the purchase is over £100, for example), are obliged to refund you. Using a credit card rather than a debit card also means that if your card details are stolen, your main bank account wouldn’t be directly affected.

Debit card payments and purchases are NOT covered by Section 75 of the Consumer Credit Act. However, you may be able to make a claim for a refund under a voluntary scheme called ‘chargeback.’ This scheme is not mandated by law but is part of Scheme Rules which participating banks adhere to.

Consider using an online payment platform such as PayPal, Apple Pay or Google Pay (G Pay). Using these platforms to authorise your payments means that the retailer doesn’t even see your payment details. They also provide their own dispute resolution should anything go wrong. However, they may not provide the same protection as a card provider, so check their terms and conditions before you sign up.

When it is time to pay for your items, check that there is a closed padlock icon in the browser’s address bar. The padlock icon doesn’t guarantee that the retailer itself is legitimate and that their website is secure, it means that the Internet connection is secure.

If the padlock icon is not there, or the browser says not secure, then do not use the website. Don’t enter any personal or payment details, or even create an account.

Only provide enough details to complete your purchase

You should only fill in the mandatory details on a website when making a purchase. These are usually marked with an asterisk (*) and will typically include your delivery address and payment details. You shouldn’t have to provide additional details (such as your mother’s maiden name, or your place of birth) to complete your purchase.

If possible, don’t create an account for the online store when making your payment. You can usually complete your purchase without having to create an account (checking out as a ‘guest’), or by using an online payment platform (such as PayPal). Only create an account if the security measures detailed above are met, and if you think you’ll become a regular customer with the store.

The store may also ask you if they can save your payment details for a quicker check-out next time you shop with them. Unless you are going to use the site regularly, do not allow this.

Keep your accounts secure

Nowadays, most of us have lots of online accounts, so creating strong passwords for all of them, and remembering them, is hard. If you are using the same password for your online accounts, or passwords that can easily be guessed, then you’re at risk. Hackers could steal your password from one account and use it to access your other accounts. For this reason, you should make sure that important accounts such as your email, Social Media, banking, shopping and payment accounts, for example PayPal, are protected by strong passwords that you don’t use anywhere else.

You can protect your important accounts further from being hacked by turning on two-factor authentication (2FA) also referred to as two-step verification or multi-factor authentication. Turning on two-factor authentication stops hackers from accessing your accounts, even if they know your password. It does this by asking you to confirm that it’s really you in a second way – usually by asking you to enter a code that’s sent to your phone via a text message.

For more information, visit The National Cyber Security Centre.

Be aware of suspicious calls, emails and text messages

You’ll probably receive multiple messages from online stores as a result of opting in to receiving communications from them. In amongst these genuine messages there may well be fraudulent ones containing links designed to steal your money and personal details. They can be very difficult to spot.

Of course, not all messages are scams, but if something doesn’t feel right, follow The National Cyber Security Centre guidance on dealing with suspicious calls, emails and text messages:

  • If you have received an email which you are not quite sure about, forward it to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk.
  • If you have received a suspicious text message, forward it to 7726. It won’t cost you anything and allows your provider to investigate the text and take action if it is found to be a scam.
  • If you come across an advert online that you think might be a scam, report it via the Advertising Standards Authority website (ASA). This allows ASA to provide online service providers with the details they need to, if appropriate, remove these adverts from websites.

What to do if something does go wrong

If you think your credit or debit card has been used by someone else, let your bank know straight away so they can block anyone else from using it. Always contact your bank using the official website or phone number. Don’t use the links or contact details in the message you may have been sent or given over the phone.

If you think you have responded to a suspicious email or text message, or visited a scam website, don’t panic. If necessary, take the following actions:

  • If you’ve been tricked into providing your banking details, contact your bank and let them know.
  • If you think your account has already been hacked (you may have received messages sent from your account that you don’t recognise, or you may have been locked out of your account), refer to the National Cyber Security Centre guidance on recovering a hacked account.
  • If you received the message on a work laptop or phone, contact your IT department and let them know.
  • If you opened a link on your computer, or followed instructions to install software, open your antivirus (AV) software if you have it, and run a full scan.
  • If you’ve given out your password, you should change the passwords immediately on any of your accounts which use the same password.

If you’ve lost money, tell your bank and report it as a crime to Action Fraud (for England, Wales and Northern Ireland) or Police Scotland (for Scotland). By doing this, you are helping to prevent others becoming victims of cyber-crime.

If you don’t receive the item, or it doesn’t match the description given, Citizens Advice has some useful information about getting your money back if you paid by credit card, debit card or PayPal.

Tony Buckingham, Managing Director of Buckingham Insurance says “Unfortunately, online fraud doesn’t stop during a pandemic, with unscrupulous criminals taking advantage of the fact that more people are now driven to online purchasing. Remain vigilant and take the recommended security steps to better protect yourself from becoming a victim of fraud.

Buckingham Insurance remains open for business during this Lockdown. If you would like to discuss your insurance needs, please contact us or telephone one of our friendly staff on 01246 575 625 (Clowne) or 01773 748 627 (Ripley). They will be more than happy to answer any questions you may have.”