Phishing Scams to Watch Out for This January

As we settle into the new year, cybercriminals are hard at work, crafting clever phishing scams to trick people into giving up their personal and financial information. Two scams making the rounds this January involve text messages from a spoofed HSBC number and emails impersonating the antivirus company TotalAV. Here’s what these scams look like and how you can stay safe.

The HSBC Scam Text

This scam is a classic example of using fear to manipulate people. You get a text, supposedly from HSBC, claiming that a direct debit has been set up on your bank account. It says, "If this wasn’t you, reply 'STOP' to cancel it." Sounds urgent, right? But that’s exactly the point. Scammers count on you panicking and acting without thinking.

The truth? The message isn’t from HSBC at all. It’s from scammers using something called "number spoofing" to make the text look legitimate. If you reply “STOP,” you’re not fixing the problem—you’re opening the door for them to target you further. They might ask you to click a link or share personal information, and before you know it, your details are in the wrong hands.

The TotalAV Scam Email

This scam targets your inbox instead of your phone. You get an email that looks like it’s from TotalAV, a legitimate antivirus software company. It warns you that your subscription has expired and urges you to click a link to renew it.

But here’s the catch: the link doesn’t take you to TotalAV’s website. Instead, it leads to a malicious site designed to steal your personal information or even infect your device with malware. The scammers use official-looking branding and language to make the email look convincing, so it’s easy to fall for if you’re not careful.

How to Protect Yourself

Scams like these are designed to catch you off guard, but you can stay safe by keeping a few simple tips in mind:

1. Pause and think. Scammers rely on urgency to pressure you into acting fast. Take a moment to breathe and think before responding to any unexpected message.
2. Double-check the details. For emails, look closely at the sender’s address. Does it match the official domain of the company? For texts, remember that reputable companies rarely ask for sensitive information via SMS.
3. Don’t click links in messages. Instead of clicking, go directly to the company’s official website by typing the URL into your browser. It’s a safer way to verify if the message is genuine.
4. Protect your information. Never share personal or financial details through email or text, no matter how convincing the message seems.
   Stay protected. Use reliable antivirus software to block malicious websites and detect threats before they can harm your device.

What to Do If You’re Targeted

If you get a suspicious text or email, don’t panic, and don’t engage. Report the message to your bank or the company being impersonated. For phishing emails, you can also forward them to report@phishing.gov.uk if you’re in the UK.

The start of a new year is a great time to stay on top of your online security. By staying alert and following these tips, you can avoid falling victim to phishing scams and enjoy a safer, scam-free January.