Fake texts, calls and a cloned Royal Mail site
All members
Dear <<First Name>>
An ewatch member received a similar Scam Royal Mail message earlier this week so we’re passing on an article from the Which? Scam Alert Service
Fraudsters attempted to wipe out a victim’s entire bank balance by setting up a clone Royal Mail website. Here’s how the scam worked and how it was stopped.
It started with a text, apparently from ‘Royal Mail’, claiming that a parcel was being held due to an unpaid shipping fee.
As Which? member Richard regularly exchanges parcels with family members who live abroad – and import and customs fees have increased following Brexit – this fake was particularly convincing:
The link in this text is disguised to look as though it points to the genuine website, this is done by capitalising the letter ‘I’ so it will appear to be the letter ‘L’. Therefore, the link is actually ‘’ which redirected Richard to a slick phishing website
A lucky escape from a perfectly timed scam call
Richard entered his contact details, date of birth and debit card details on this Royal Mail clone.
The thief attempted to spend £1 using the stolen card details. Fortunately, his bank declined this payment (noting that it originated from an unusual device) and contacted Richard before immediately cancelling the card. 
But the scammers weren’t finished with their con.
The next day, they phoned Richard claiming to be his bank’s fraud team. Thanks to cheap number spoofing technology, his mobile phone identified the call as being from ‘First Direct’.
The scammer pretended to be calling to follow up about the fraudulent card transaction, aware by now that the card had been cancelled. Understandably convinced that he was speaking to the bank, Richard initially followed the instructions – to protect his current account by logging into online banking and setting up a new sort code and account number.
The scam caller then asked him to transfer his balance to the new ‘secure’ account which thankfully rang alarm bells. Richard told us:
“At this stage the penny finally dropped, and I told him I would prefer to call the bank myself to make sure that this was a legitimate exercise. He became very insistent and, essentially, tried to make me feel very guilty for wasting the bank’s time when they had called me to protect my money. When I asked him how I could be sure this was a genuine call he told me to look at the caller ID on my phone”
Fortunately, Richard stood his ground and called the genuine First Direct fraud team who confirmed that this was a scam. Which? reported the fake text and phishing website to both Royal Mail and the National Cyber Security Centre (NCSC). We also advised Richard to sign up for Cifas (£25 for two years) to protect against identity fraud
How to spot genuine Royal Mail communication
A Royal Mail spokesperson told us:
“Royal Mail will only send email and SMS notifications to customers in cases where the sender has requested this when using our trackable products that offer this service.’
The only time we would ask customers to make a payment by email or by SMS is in instances where a customs fee is due. In such cases, we would also leave a grey card telling customers that there’s a Fee to Pay before we can release the item. This would apply either to an international customs fee or to a surcharge for an underpaid item. This card may arrive later than the email or SMS. Royal Mail Group works hard to prevent and detect fraud.
We work with UK law enforcement agencies, Trading Standards and other organisations to share information and support robust proactive action against scams. Customers looking for advice on how to spot a fake notification should visit Here they can view examples of current scams, and get advice on appropriate action”
Is it really your bank calling?
As this example proves, scammers can use number spoofing software to display false caller-ID information and trick you into thinking that their number belongs to your bank or another legitimate business.  
Which? is also aware that many scam callers will attempt to trick you into installing remote access software to ‘fix’ a spurious problem. This software is used by legitimate businesses – including the Which? Tech Support team and many IT support firms – but criminals abuse these tools to hack into email and bank accounts. 
Call-blocking services and phones offer some respite from unwanted calls. But the easiest way to stay safe is to hang up and call back on a phone number you trust, such as the one on the back of your debit or credit card.  
If you fall victim to fraud, contact your bank immediately and follow our step guide to getting your money back.
Click HERE to print this message to pass/send on to neighbours and friends
If you receive a scam email, do not click on anything in it, but forward it to

Unless you have initiated the phone call NEVER PRESS 1 (or any other number)
Support ewatch by shopping on-line via easyfundraising. Over 4,000 companies will donate to us at no cost to you.  Click the logo to register..
If you wish to email your Village Leader please click on your village name below:
Villages not listed may not have a Watch Scheme or may not be registered with the Polden Group.
Only use the "REPLY" feature if your message contains information that you wish the ewatch co-ordinator to share with all members.
If you see someone acting suspiciously around a neighbour’s property, call the police straight away. If they’re obviously breaking in, ring 999. Otherwise, call the non-emergency number 101: police operators are on hand 24/7.

If you have information about any crime, phone 101 or call anonymously CRIMESTOPPERS 0800 555 111
In an emergency dial 999

Ask for your call to be tagged Neighbourhood Watch.

Privacy Policy
Our mailing address is:                      unsubscribe from this list

This email was sent to <<Email Address>>
why did I get this?    unsubscribe from this list    update subscription preferences
Poldens Neighbourhood e-Watch · 27 Woolavington Hill · Woolavington · Bridgwater, Somerset TA7 8HG · United Kingdom

Email Marketing Powered by Mailchimp