Scams can come in many forms. We often warn against the threat of phishing emails, but it’s worth remembering that scammers also use other channels, like phone calls or webpages, in an attempt to trick their target. A scammer will often use personal details and appear trustworthy, and sometimes speak with a tone of urgency, in order to get someone to believe them.

Take a look at our cybersecurity awareness films for some examples of how scammers might trick someone.

It’s easy to think that if someone already knows your name, date of birth or your bank sort code, they must be legitimate. This isn’t always the case. Often these details are easy to obtain, and a way that scammers can gain your trust. Below is a list of details a scammer could obtain, whether it be through social media or via an online form:

• Name
• Address
• Date of birth
• Mother’s maiden name
• First 4-6 digits of a credit card
• Bank sort code
• University course or halls of residence

It is worth remembering this; just because someone quotes these details, this is not evidence of their legitimacy.

Visit our section on the University and cyber safety where we explain the ways we will never communicate with you. 

Scammers come in many shapes and forms, from individual criminals to large, almost corporate operations. Because of this, it’s harder to generalise and say a scammer will act or appear in a certain way.

However, a common tactic a scammer might use is applying pressure, or a sense of urgency. If you’re on the phone, or receive an email from someone claiming to be from a trusted organisation and they are being pushy, don’t feel obliged to give them any information. There is no harm is taking a step back, and double-checking things if you need to.

If you’re on the phone, don’t be afraid to hang up, and follow up with the organisation via email or a trusted number to verify the call. No one has the right to pressure you into giving your personal details.

• Practice caution: if something doesn’t look quite right, don’t be afraid to double check it or ask for support. Don’t give out your details unless you have verified the organisation who needs them, and why
• Report anything unusual: When you suspect something isn’t quite right, report it to the IT Service Desk; you can email us, call or visit us in person. See our phishing page for more details
• Always use strong passwords, and don’t share them with anyone else: Visit our passwords page for more details
• Make sure your software is up to date: Updating your devices helps to protect against software vulnerabilities, which scammers can take advantage of. When your device prompts you to accept an update, make the time to do this. On your personal devices, ensure you have antivirus software installed
• Keep your working environment secure: As well as using antivirus software, make sure you don’t leave your devices alone and unlocked in spaces where others could access them
• Do account health checks: This could mean taking a look at your sign in history regularly (a lot of online services offer this information), check which devices you have registered for multi-factor authentication (and if any of them are unfamiliar), and check for mailbox rules you don't recognise. 
• Ask for support if you need it: contact our service desk on itservicedesk@rhul.ac.uk. 

Scams are becoming more and more convincing, and criminals are finding better ways to access the information they want. There are things we can all do to act against cyber crime, but if something does happen, there is no need to embarrassed or feel singled out, as it really can happen to anyone – the most important thing is to report it.