AS scams go, it is perhaps not one of the most sophisticated in terms of its presentation or execution, but security professionals say it is indicative of the increased activity by cyber criminals in these coronavirus times.
It comes in the form of an email purporting to be from the DVLA, with a subject line that reads: “Reminder: Vehicle Tax DD Payment Schedule – GOV.UK 2020,” and goes on to say in badly written English that your road tax direct debit payment has been refused.
“DVLA have been notified electronically about you latest payment for your vehicle tax failed because there is not enough money on you debit card.
“We have generated a new invoice, and we suggest you to use a credit card instead of a debit, to avoid any other consequences that might appearin case again won’t be enough funds inside [sic].”
There are two links in the email and if you hover your mouse over either, the uniform resource locator (URL), or web address, that is revealed is nothing like an official DVLA locator.
However, the first thing that should raise suspicions is the email address in the header – it is a Hotmail account and nothing to do with the DVLA.
How to deal with suspect emails
This is one of the main tenets of the “5 Rs” drawn up by the Scottish Business Resilience Centre (SBRC) to deal with suspect emails. They are: “Roll Over – gently roll the mouse cursor over the email address or click on it to expand it out and confirm who it is from.
“Reconcile – If the information in the body of the email says it’s from a particular company then make sure this tallies with the expanded email address.
“Review the contents of the email. Are you expecting it, would it normally come to you at work, do you normally do business in this way?
“Research the email online. If it is malicious, you will sometimes find information about it, which can help you make up your mind on what to do. You can also check with the company or person concerned to see if the email is genuine or not.
“Reject – If you have any doubts at all delete the email. Do not take a chance with your cyber security.”
The SBRC has launched the UK’s first cyber incident helpline with the Scottish Government and Police Scotland, on 01786 437 472 during weekdays.
Eamonn Keane, its chief operating office for cyber and innovation, said reports of such emails had increased since the first coronavirus lockdown, and added: “I can’t stress enough that it’s absolutely vital people check the headers of these emails and where the links might direct them to determine if they’re genuine.”
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel