DYFED-Powys Police is urging business owners to be on their guard to stay safe online over the festive period.

The force’s fraud prevention team has pulled together some top tips to help people avoid getting caught out by phishing as a new government grant scam is doing the rounds.

Phishing are email scams that can see people hand over bank and card details. The scam email presents itself as a trusted brand, such as GOV.UK, or various government agencies such as DVLA, and will often say the intended victim is due money in a rebate or grant.

One currently being used to try and catch people out claims to be from the HMRC Government Gateway and is offering grants of up to £7,500, for businesses during the latest coronavirus lockdown.

Dyfed Powys Police Protect Officer DC Gareth Jordan said: “It is very easy to fall victim, the scammers have tried and tested methods to trick people into handing over their details.

“Please, just take the time to think it through. It may look genuine but if you look a little closer there are clues to show they are not.”

He said there were often small clues to show the email is a scam.

Grammar

As is often the case, the grammar in the government grant scam is not correct, saying the “money are set to land in your bank accounts within six working days”.

Hyperlink

Another clue that something isn’t right, is to look closer at the link they want you to click. If you hover over it the web address is something obscure and not GOV.UK.

But if you click on the link it takes you to a website that appears to be GOV.UK.

No sign-in

Remember, Government Gateway would require you to log into your account in order to process any transaction. The scam site simply asks you to input details.

You can also test the authenticity of the site by inputting false details – such as a date of birth. For example, 31/02/1972. Any reputable site would not allow this as there isn’t 31 days in February.

Card details – ask yourself why they need them?

When processing the claim in the scam site, it then asks for that the government simply wouldn’t ask for – full card details, including name, the long card number, expiry date and the three-digit CVV code from the signature panel on the back. They also ask for your mother’s maiden name, your bank account number and sort code.

DC Jordan said that if you were to fill out these details – you would be giving the criminals all the information they need to start taking over your online life.

“We deal with so many people who have been conned into handing over thousands of pounds online,” said DC Jordan.

“Please take care. Don’t get caught out this Christmas.”

Top tips for spotting phishing scams:

Check the URL (website address): It may claim to be a trusted source but the weblink will tell you differently. Never click on the hyperlink. If the email claims to be from GOV.UK, type that into the address bar and you know you’re on the right page.

Stop: Take a moment to think before parting with your money or information - it could keep you safe.

Challenge: Could it be fake? It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.

Protect: Contact your bank immediately if you think you’ve fallen victim to a scam and report it to the police.

Report suspicious emails to: report@phishing.gov.uk (forward the suspicious email to this address).

You can also report suspicious texts by forwarding the original message to 7726, which spells SPAM on your keypad.