Skip to site content Skip to main menu

Impersonation Scam

What is it?

You’re convinced to make a payment or give your business’ financial details to someone claiming to be from an organisation you trust. This could include paying a fake HMRC bill or providing your business’s bank details to “your bank”.

Often these scams begin with a call, email or text message that appears to be from a trusted organisation. Criminals use a tactic called spoofing to make their call or text message appear genuine by cloning the number or sender ID which the organisation uses.

How to spot an impersonation scam

1. You receive a call, text or email out of the blue with an urgent request to make payment or requesting your business’ financial information
2. You’re asked to act immediately sometimes with the claim that “payments need to be verified” or to claim, “a pending tax refund”
3. The caller may ask you to download software onto your computer
4. The sender’s email address domain is different to that of the genuine organisation

Examples of impersonation scams

Pending tax refund

Jacob received an email from what appeared to be from HMRC informing him his business was eligible for a tax refund, with a link leading to the “official claim application form”. He proceeded to click on the link and hurriedly filled out the form, not wanting to miss the stated deadline. Jacob failed to notice the email he received was in fact not from HMRC, with the link contained inconsistent with the official Gov.UK’s URL and the email addressing him as “Dear Customer” instead of using his full name. The form he had just completed was also fake.

A few days later, Jacob contacted HMRC using the number from their official website who informed him that he had fallen for a scam. He had also noticed transactions on the business’s bank statement that he didn’t recognise.

If only he had taken a moment to contact the organisation directly to validate the request.

Working from home

Daisy had never worked from home before and was having trouble trying to connect to her broadband when a pop-up informing her that her computer had been infected by malware appeared on her screen. Panicking she called the helpline in the pop-up and was informed by the supplier that she needed to provide remote access to her computer by downloading software onto her computer in order to rectify the issue.

Once the download was complete and the remote access was granted, Daisy was asked to login to her online banking to pay a fee for the tech support services she had received, not realising that the criminal had already started to move money out of the business’s account.

If you believe your business has fallen for a scam, contact the bank immediately on a number you know to be correct, such as the one listed on the back of your business’s bank card and report to police by calling 101.

 

featured

Vision 2030 Web 442X294px 15020 24 Ca (1)
Our 2030 vision

Safer communities, less crime, supported victims and a thriving workforce. Read about our 2030 vision and three-year plan.

Rec 442X294 Feat Web
Recruitment events

Police Scotland support those who wish to become police officers, special constables or police staff by hosting various online and in-person recruitment events throughout the year.

Right To Ask (Feature)
Disclosure Scheme

Worried that your partner or the partner of someone you know might have an abusive past? You have the #RightToAsk.

Help Us Improve (Feature) 11414 T1 Pm
Help Us Improve

If you've reported domestic abuse, rape or sexual crimes to us, we'd appreciate your feedback on the service we provided.

Accessibility Statement2
Accessibility Statement

Police Scotland has been working to make its websites more accessible - read our accessibility statement.

Your Police Survey Featured Bnr 13991 T1 24 AR
Your Police

Help shape policing in your local area.

more features