Email scam warning after ‘friend’ asks for gift card

By Chief Correspondent Rob Thomas

A GLOBE reader wants to warn others about a type of email scam that nearly caught him out.

What is different about this particular fraud is that the Lee-on-the-Solent resident – who wants to remain anonymous – received the initial message from the correct email address of a good friend.

It read (reproduced as received without correction of grammatical errors): “How are you and how is your family doing? I hope this email finds you all in good health Let me know if you receive my message I want you to do something for me.”

But something felt wrong. Our eagle-eyed reader said: “The message looked strange. I had talked to my friend 24 hours earlier and I was due to see her the next day.”

Rather than reply, he phoned and found out the email did not come from the friend. Further investigation revealed the email had been sent to most, if not all, of the friend’s contact list.

Intrigued – but extremely cautious – the Lee resident decided to find out what it was about and replied with a simple: “How can I help?”

Back came the response but this time from a subtly different email address – one letter in the email address had been changed to a number – which could easily be missed.

It read (again, reproduced as received without correction of grammatical errors): “Happy to hear back from you, I need to get a Google Play Gift Card for my niece, it’s for her birthday gift but i can’t do this now because I’m currently not close to any store here. I have tried purchasing it for her online but unfortunately no luck with that. Can you get it from any Tesco or Sainsbury store around you? I’ll pay back as soon as i get back. Kindly let me know if you can handle this.”

   The Globe contacted the consumer campaigning and testing organisation Which? because it has a dedicated scams website – www.which.co.uk/consumer-rights/scams.

Kate Bevan – Which? Computing Editor – said: “This is a common scam, and sadly many people fall victim to it. The red flags are that it doesn’t address you by name, and that the written English almost certainly doesn’t match up with how your friend speaks or writes.

“Our advice is to contact the person the email purports to have come from via another trusted channel – a phonecall or perhaps a video call so you can be sure it’s them – and check that the message didn’t come from them.

“Most of the time the scammers spoof email addresses, and there’s not much the person who’s been spoofed can do, but in some cases they have had their email account hacked…

“It’s also a good idea to let your mutual contacts know that any emails claiming to come from your friend asking for money in this way is a scam.”

The advice from Kate and from Action Fraud – the police’s national reporting centre for fraud and cyber-crime – is that if your email address has been used then change your password for the email account and set up two-factor authentication.

These and other online safety measures are explained more fully by Which? at computing.which.co.uk/hc/en-gb/articles/360000818025-How-to-create-secure-passwords

and computing.which.co.uk/hc/en-gb/articles/360000243980-What-is-two-factor-authentication-and-should-you-use-it-,

and by Action Fraud on its website: www.actionfraud.police.uk/individual-protection.