Over 200 people victims of SMS or email scams in past month, police say

Sunday, 30 May 2021, 12:18 Last update: about 4 years ago

Over 200 people fell victim to SMS or email scams in the past month, police said, as they warned against different types of these scams.

Police said in a statement on Sunday that they have been receiving reports of such scams from the end of April, and that its Cyber Crime Unit has assisted in over 200 cases of such scams.

Victims have reported losing between €800 and €1,800 from their bank accounts, with total amount of money being stolen so far passing the €100,000 mark.

In its statement, the police also gave a run down of how these scams work.

Scams through postal operators

One scam takes the form of the intended victim receiving an SMS or email using the name and logo of the postal operator – in Malta’s case generally MaltaPost – informing them that they have a package in their name.

The SMS or email is imitating the postal operator, with victims being instructed to click the link given to them and pay a small administrative fee so that the package can be released to them.

The fraudsters leading the scam have used new regulations on postages – in particular those related to Brexit, where all packages are subject to customs payments – as an excuse to make this scam seem valid.

Because of this, it is easier to make people believe that the scam presented to them is legitimate. When the intended victim presses the link, they are presented with a false website which is again imitating the postal operator, and they are then told to insert their credit card details and – in some cases – also a password where one thinks that they are authorising a small transaction, which averages around €1.60.

Once the credit card information is inserted however, the fraudsters immediately have access to the information and use it to steal an amount which is much larger.

Scams through bank notifications

A similar process is used in terms of scams through bank notifications.

In this case, the victim is drawn into providing their credit details after being notified of a “suspicious transaction”, where they are then asked to click a link to verify the said transaction.

When clicking that link, they are met with a false website intended to steal the victim’s details.

How can one avoid falling victim to these crimes?

The key to preventing this type of crime is that one should not be quick to press such links and give out private information.

If one pays special attention to the link which is sent, one can notice that the website address – its URL – is not genuine, even if it would look very similar.

People should not follow links sent by email, but should always use the genuine postal service or bank website. They can also verify that validity of an SMS or email received by telephoning the company in question or contacting them by email or social media.

It is important not to use phone numbers or email addresses provided in the fraudulent message though, but to use the contact provided by the company itself.

The police encouraged all those who have fallen victim to these SMShing campaigns to notify their bank immediately about any unauthorised transactions, and to file a report with the police.