The UK’s leading fraud prevention services have joined forces to warn consumers about a sophisticated mobile scam.

Leading UK fraud prevention services are issuing a critical alert about a sophisticated mobile scam targeting consumers’ bank accounts.

This mobile scam involves criminals tricking victims into revealing one-time passwords (OTPs), enabling them to link stolen card details to digital wallets like Apple Pay, Google Pay, and Samsung Pay.

How the Mobile Scam Works:

  • Luring Victims: International organised crime groups are deploying social media ads and SMS messages with malicious links. These links often promise attractive deals or exploit vulnerabilities, such as offers to reduce winter heating bills or notifications about undelivered parcels.
  • Phishing for Card Details: Once a victim clicks the link, they are prompted to enter their credit or debit card information.
  • OTP Theft: Criminals then request an OTP from the victim’s bank, posing as legitimate services. This OTP is used to add the victim’s card to a new digital wallet on the criminal’s device.
  • Fraudulent Transactions: With access to the digital wallet, criminals can make rapid online and in-store purchases using the victim’s funds.

Expert Warnings:

  • Garry Lilburn, Operations Director at Cyber Defence Alliance, emphasises the international nature of these mobile scams and the sale of compromised card details. He advises consumers to be skeptical of “too good to be true” offers.
  • Dianne Doodnath, Principal of Economic Crime at UK Finance, urges vigilance against sharing personal and financial data, especially OTPs requested unexpectedly. She stresses the importance of contacting banks immediately if a mobile scam fraud is suspected.
  • Mike Haley, CEO of Cifas, highlights the speed at which scammers adapt their tactics, exploiting new technologies. He advises consumers to pause and carefully consider any unexpected communications.
  • Read the top 5 online scams to avoid

Protect Yourself:

  • Be Wary of Unexpected Offers: Exercise caution with deals promoted on social media or via unsolicited SMS messages.
  • Never Share OTPs: Do not provide one-time passwords to anyone who contacts you unexpectedly. Banks will never ask for these details.
  • Verify Links: Avoid clicking on links in suspicious SMS messages or emails.
  • Report Suspicious Activity: Forward suspicious text messages to 7726. Contact your bank immediately and report the mobile scam fraud to Action Fraud at 0300 123 2040.