The ECRC works closely with local policing to ensure that our members benefit from the free tools and services that local policing offers.

One valuable tool is the Kent Fraud Email Alert System (K'FAs), created by Stephen Kelly, the Fraud Prevent and Protect Officer for Kent Police. This system provides weekly alerts the inform the public and businesses about current scams and how to best protect themselves.

The K'FAs reach hundreds and thousands, not just in Kent but in other areas up and down the country as we are all affected by similar offences. The ECRC publishes Stephen Kelly's weekly K'FAs for our members so you can stay informed and learn about the latest threats targeting businesses and the general public. For further information about fraud, visit Advice About Fraud | Kent Police.

Mobile Phone Scam

A member of the public (MOP) receives a call from a criminal impersonating their telecommunications company. They inform them that they are eligible for a special offer due to them being classed as a loyal customer. They offer them a new sim for a low cost or even a new phone upgrade. Once they have agreed, details are taken to set up the new contract and direct debit. The criminal uses these details to enter into a contract with a phone provider for a new phone. This phone will be different to any that the victim agreed to. This device is delivered to the MOP address who then contacts the offender to state they have received a phone they did not order. The offender, still posing as a member of staff from the phone company apologises for the mistake and advises them they will order the correct device and send it out now but the victim has to return the device they have now. The offender arranges for a courier to come and collect the package. This package is then delivered to the criminals and no new phone is ever ordered for the victim.

Remember our scam awareness message of ABC of never ASSUME or BELIEVE a call is genuine and always CONFIRM. If you get a call from a company, always ring them back via a trusted number and confirm that the offer is genuine.

If you are asked to return a device to a private address, then it is likely to be a scam.

If you think that you may have been a victim of this or any other type of scam, then contact your Bank immediately, which you can do by calling 159 and report it to Action Fraud at www.actionfraud.police.uk or call 0300 123 2040.

For further information about Fraud, visit our website at Advice About Fraud | Kent Police

You will also find valuable information from the Home Office at Stop! Think Fraud - How to stay safe from scams.

Action Fraud Alert - Booking.com

Those using the platform Booking.com to book their holidays or accommodation are being warned they could be targeted with emails or messages requesting payments from hotels who have had their account taken over by fraudsters. Between June 2023 and September 2024, Action Fraud received 532 reports from individuals, with a total of £370,000 lost. Insight from Action Fraud reports suggests the individuals were defrauded after receiving unexpected messages and emails from a Booking.com account belonging to a hotel they had a reservation with, which had been taken over by a criminal. Using this account, the criminals send in-app messages, emails, and WhatsApp messages to customers, deceiving them into making payment and/or requesting credit card details.

The specific account takeovers are likely to be the result of a targeted phishing attack against the hotel or accommodation provider, and not Booking.com's backend system or infrastructure.

Booking.com and Action Fraud are providing the following advice on how to spot signs of fraud and protect your Booking.com account:

• No legitimate Booking.com transaction will ever require a customer to provide their credit card details by phone, email, or text message (including WhatsApp).

• Sometimes a hotel provider will manage their own payment and may reach out to request payment information, like credit card details - before providing any information, always verify the authenticity of communication between yourself and the hotel's account.

• If you receive any urgent payment requests that require immediate action, like a booking cancellation, immediately reach out to the Booking.com Customer Service Team via the details on the official Booking.com website and/or app to confirm.

• Any payment requests that do not match the information in the original booking confirmation should also be double checked and confirmed with Booking.com Customer Service before proceeding.

• Any messages purporting to be from Booking.com that contain instructions to follow links and/or open/download files should be treated with caution.

• If you have any doubts about a message, contact Booking.com directly. Do not use the numbers or address in the suspicious message and use the details from their official website.

If you think that you may have been a victim of this or any other type of scam, then contact your Bank immediately, which you can do by calling 159 and report it to Action Fraud at www.actionfraud.police.uk or call 0300 123 2040.

For further information about Fraud, visit our website at Advice About Fraud | Kent Police

You will also find valuable information from the Home Office at Stop! Think Fraud - How to stay safe from scams.

Courier Fraud

We have received a number of reports in the last week of criminals telephoning and impersonating police, in particular those in Tunbridge Wells. There have also been reports in Tonbridge, Edenbridge, Maidstone and Sevenoaks.

The criminals are employing various methods from stating that they have arrested someone in possession of the victim's bankcard and then requesting financial information or asking victims to withdraw cash for a courier to collect as evidence. If you get any calls like this, STOP, it is a scam. This police will NEVER ask you for financial details on the phone or request to collect your card or cash or gold as part of an investigation.

Remember the ABC of Scam Awareness and never ASSUME or BELIEVE a call is genuine and always CONFIRM.

If you get an unexpected call from someone claiming to be the police or any other organisation, then take their details and end the call. Then call back using a different phone if available. If another phone is not available, then wait 5 minutes and ring a family member or friend to ensure the line has been disconnected and then ring 101. Never call a number they have supplied and never ring 999 whilst still on the call with them. You must always disconnect the call first before ringing 101.

If you think that you may have been a victim of this or any other type of scam, then contact your Bank immediately, which you can do by calling 159 and report it to Action Fraud at www.actionfraud.police.uk or call 0300 123 2040.

For further information about Fraud, visit our website at Advice About Fraud | Kent Police

You will also find valuable information from the Home Office at Stop! Think Fraud - How to stay safe from scams.

Fake Email Impersonating TotalAV

Action Fraud has received over 8000 reports of emails purporting to be from TotalAV. For those of you not familiar with this name, they provide anti-virus software.

The email speaks about renewing your membership and asks you to click on a link.

However, this takes you to a malicious site designed to steal your personal information or even inflict your device with malware. The scammers use official looking branding and language to make the email look convincing.

If you get an email like this or any other suspicious looking emails, you can report these by forwarding to report@phishing.gov.uk

If you think that you may have been a victim of this or any other type of scam, then contact your Bank immediately, which you can do by calling 159 and report it to Action Fraud at www.actionfraud.police.uk or call 0300 123 2040.

Romance Scams

We are seeing increasing reports of Romance Scams where they believe they are in a relationship with a celebrity.

Criminals are experts at impersonating people. They spend hours researching, especially when committing romance fraud.

Additionally, they can also use the latest AI technology like Deep Fake.

Deepfakes are digitally created and altered content, often in the form of fake images, videos and audio recordings. In some cases, this deep faked content can take on the exact likeness of a real person - ie a celebrity.

To find out how the criminals work and the signs of Romance Scams go to - Romance Scams | Action Fraud.

Remember, never send money or Gift Cards to a person that you have never met in person, particularly a celebrity.

If you think that you may have been a victim of this or any other type of scam, then contact your Bank immediately, which you can do by calling 159 and report it to Action Fraud at www.actionfraud.police.uk or call 0300 123 2040.

For further information about Fraud, visit our website at Advice About Fraud | Kent Police

You will also find valuable information from the Home Office at Stop! Think Fraud - How to stay safe from scams.

How can the ECRC support?

By joining the ECRC as a free member, your organisation will be supported in making the small changes that make the biggest difference when it comes to cyber resilience. Becoming a free member means you will receive the latest cyber resilience guidance via email, which will drip feed you ways in which you can improve your cyber resilience without costing any money.

The ECRC website also contains several links to helpful National Cyber Security Centre (NCSC) resources, which are all free, up-to-date, and easy to use. Tools such as Exercise in a Box and the NCSC Cyber Action Plan are particularly useful in terms of identifying areas where you could improve your cybersecurity. They also have many informative guides that are sector specific, which will give you useful and detailed information.

If you would like more information about how the ECRC can help your organisation specifically, please book a chat with us today!

Reporting a live cyber-attack 24/7:

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress) please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day 7 days a week.

Reporting a cyber-attack which is not ongoing:

Please report online to Action Fraud, the UK’s national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.

Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050)