Scam of the Week: Fraudsters Cash in on Flybe Collapse

March 13, 2020 11:12 am Geraldine Strawbridge

Flybe passengers are being warned to watch out for scams as fraudsters attempt to capitalise on the airline’s collapse.

Europe’s largest regional airline collapsed into administration on Thursday 5 March, leaving many passengers stuck in cities throughout the UK and Europe.

As passengers attempt to recoup lost money, fraudsters are sending out fake emails and text messages advising people on how to claim a refund.

The emails and texts include links which the recipient is encouraged to click to find out more information about how they can get their money back. If users click on the bogus link, they are directed to a phishing website set up to harvest their personal details or steal their banking information.

The phishing emails and texts may appear to come from banks, legal providers, or even the airline itself, but consumers should note that Flybe customers will only receive legitimate communications from either the Civil Aviation Authority (CAA) or the administrator, EY. Any other correspondence should be treated with caution.

Citizens Advice has urged customers to be wary of these scams and to only go through official channels when trying to secure a refund. A spokesperson commented: “Unfortunately we’ve found that, in these situations, scammers quickly jump on the bandwagon. If you’re a Flybe customer and you’re contacted by someone offering to act for you to recover your money, it’s more than likely to be a scam.

“Flybe customers who bought tickets directly from the company won’t be protected by the Atol scheme. However, if you went through a travel agent or other third party you may be covered.

“Some people may be able to get their money back if they paid by credit card. If people have accommodation booked, they should check the terms and conditions to see if they can get a refund. If they can afford to pay for another flight, it’s also worth checking if they can alter the dates.”

Fraudsters will frequently use current news stories as a way of delivering phishing emails and malicious files. We see it time and time again, and the recent spike in Coronavirus phishing emails is a perfect example of how fraudsters will take advantage of the public’s thirst for knowledge and use it for their own nefarious means.

This blatant exploitation of human behaviour and emotional reactions is known as social engineering. Social engineering attacks come in many different forms, but phishing is arguably the most common form of attack and the most successful due to the huge profits it nets attackers.

How to Protect Yourself from Phishing Scams

  • Never click on links or download attachments from unknown sources.
  • Don’t reply to the text or call the number back –This is often just a way for fraudsters to confirm if a number is active. If you reply, you may end up getting bombarded with more spam text messages.
  • Always verify the security of a website – Check the site has been secured using HTTPS / Check for a website privacy policy / Use a website safety check tool such as Google Safe Browsing / Do a WHOIS lookup to see who owns the website.
  • Pay close attention to the spelling of an email or web address, if there are any inconsistencies, delete immediately.
  • Ignore and delete emails with poor grammar and formatting.
  • Question the validity of any email that asks you to submit personal or financial information.
  • Ignore emails or text messages that are threatening or urgent in tone.
  • Do a web search of both the number and content of the message – If you suspect you’ve received a scam text, you should do a Google search. Scams are often issued in a scattergun approach and many people will go online to share their experiences.
  • Consider the use of a password manager to maintain the security of multiple accounts.

If you think you have been a victim of fraud, report it to Action Fraud on 0300 123 2040 or via www.actionfraud.police.uk.

MetaPhish has been designed to provide the first line of defence against phishing and ransomware attacks. Contact us for further information on how we can help protect your business from this growing threat.