It has come to our attention that there have been a few attempts by individuals to clone Crowd for Angels accounts and contact members of our social media channels in the hope of facilitating funds fraudulently. As such, we wanted to write a blog on what you should look out for and checks you should be undertaking to avoid a potential fraudster and phishing attempts. Below are real examples that I myself have been sent or been made aware of.
Remember no admins will ever ask you to send funds directly to a wallet, nor will we ask for personal account details such as your password or bank account details. If you are ever in doubt who you are talking to online please call our office directly on 0207 437 2413.
In the two images below we have a FAKE account on the left-hand side and a REAL account on the right-hand side. You should always check the person’s username very carefully for misspelling. As you can see, there is a very subtle change in the spelling of “adcock” to” adcoc” – missing the K, this slight change by the potential fraudster is a clone of a real user and an attempt to solicit information or funds.
Any email from the Crowd for Angels team will always come from our @Crowdforangels.com domain ([email protected]).
In the example below, we can see that “James”, our potential fraudster has been in touch using an email registered with Outlook.com and has mentioned the company name as part of the unique address. Sometimes this can be misconstrued because the email provider highlights the first name “James” and the last name “Coinlisting” in this case. Therefore giving the reader the impression that James is from Coinlisting. This is NOT the case, as James is using an Outlook domain and can be from anywhere!
It is also important to take a look at the language used in the email and to see if it matches your expectations of an email be received from a professional organisation.
If you receive an email that you believe is suspicious, please forward it to [email protected]
It is often said that if an offer is too good to be true, then it probably is. Recently, there has been a wave of fraudsters posing as well as known individuals offering “FREE” cryptocurrencies, if the user first pays a small amount. This is a very common scam and is a similar to fake lotteries, items to be delivered scams and releasing funds scams. Remember, if it sounds to good to be true, it probably is.
Another example of the ‘Unrealistic Offer‘ is that of the Discounted sales pitch. This is where a user will offer to sell you
The User will not provide concrete evidence of ownership and will insist you PAY first and if you do, you will have lost your funds. Remember a quick check is to ask the user to send a very small amount of the crypto to you, showing at least control of the asset. And remember, if you do want to proceed, consider using a third party to custody the assets for the swap.
Using trusted brands.
Many scams or phishing attempts include the use of well-known household brands to potentially trick the user into submitting their personal details including password, username and security information. In the example below, we can see that the ‘scammer’ has sent me an email from a fake Tesco’s account before redirecting me to what looks like there banking logging page.
As you can see from the images, the first thing that should ring alarm bells is the use of a domain, which is not tesco.com or tesco.co.uk instead the email has come from ncl.ac.uk. Furthermore, Tesco in this instance has been spelt with a zero (0) instead of an ‘o’
The website that has been clicked on is very similar, the ‘scammer’ has probably copied the styles from the actual Tesco bank website. Whilst the form looks the same, not any details entered, will, in fact, be taking by the ‘scammer’. We can tell that it is a fake website by looking at the URL in the top left-hand corner. It is not taking you to tesco.com, it is instead taking you to a totally different site.
Finally, in image 2 you can see a small image in the very top corner of the browser. This is called a Favicon (https://en.wikipedia.org/wiki/Favicon) not that the fake site in image 1 does not have a favicon. All good websites, will usually have this small icon representing their brand.
Make sure you double check a transaction before you commit and ask yourself if it reasonable, or simply sounds too good to be true. You can always ask a friend of family member for a second opinion and ultimately if you are unsure, have a cup of tea and take no action. It is better to be safe than sorry.
We hope that the above example has given you some information on what to look out for when communicating online. Remember, no admins will ever ask you to send funds directly to a wallet nor will we ask for personal account details, such as your password or bank account details.
Crowd for Angels are actively reporting scammers and scam websites to ISPs, resource providers, regulators and Action-Fraud where necessary.
Should you wish to talk or confirm the identity of a communication, please call Crowd for Angels on +44 (0)207 437 2413
Last updated 16th April 2020
Thanks. Very helpful and timely.
I plan to keep it updated.