AS scams go, it is perhaps not one of the most sophisticated in terms of its presentation or execution, but security professionals say it is indicative of the increased activity by cyber criminals in these coronavirus times.
It comes in the form of an email purporting to be from the DVLA, with a subject line that reads: “Reminder: Vehicle Tax DD Payment Schedule – GOV.UK 2020,” and goes on to say in badly written English that your road tax direct debit payment has been refused.
“DVLA have been notified electronically about you latest payment for your vehicle tax failed because there is not enough money on you debit card.
“We have generated a new invoice, and we suggest you to use a credit card instead of a debit, to avoid any other consequences that might appearin case again won’t be enough funds inside [sic].”
There are two links in the email and if you hover your mouse over either, the uniform resource locator (URL), or web address, that is revealed is nothing like an official DVLA locator.
However, the first thing that should raise suspicions is the email address in the header – it is a Hotmail account and nothing to do with the DVLA.
How to deal with suspect emails
This is one of the main tenets of the “5 Rs” drawn up by the Scottish Business Resilience Centre (SBRC) to deal with suspect emails. They are: “Roll Over – gently roll the mouse cursor over the email address or click on it to expand it out and confirm who it is from.
“Reconcile – If the information in the body of the email says it’s from a particular company then make sure this tallies with the expanded email address.
“Review the contents of the email. Are you expecting it, would it normally come to you at work, do you normally do business in this way?
“Research the email online. If it is malicious, you will sometimes find information about it, which can help you make up your mind on what to do. You can also check with the company or person concerned to see if the email is genuine or not.
“Reject – If you have any doubts at all delete the email. Do not take a chance with your cyber security.”
The SBRC has launched the UK’s first cyber incident helpline with the Scottish Government and Police Scotland, on 01786 437 472 during weekdays.
Eamonn Keane, its chief operating office for cyber and innovation, said reports of such emails had increased since the first coronavirus lockdown, and added: “I can’t stress enough that it’s absolutely vital people check the headers of these emails and where the links might direct them to determine if they’re genuine.”
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.