All users who have accounts with Apple, Netflix and Spotify are being warned to take a number of steps after a fraud case earlier this week.
Gary Kelly and Craig Morton were both sentenced on Monday after a massive scam that saw them steal people’s personal details through bogus websites.
They would send phishing emails to people who they knew had accounts to entice them to enter their details and would then repost these on a forum where other criminals could bid on them.
READ MORE: Fraudsters pretended to be Netflix, Spotify and Apple to steal people's details
The pair made £140,000 in cryptocurrency by selling the information.
Kelly was jailed for 40 months while Morton was handed a two year suspended sentence after a judge accepted he played a lesser role in the scheme.
After the judgement, the North West Regional Organised Crime Unit, which led the investigation into Kelly and Morton, issued a warning to all users of Apple, Netflix and Spotify.
Detective Inspector Chris McClellan from the North West Regional Organised Crime Unit’s Cyber Crime unit said: "It's really important that if you believe you may have been a victim of this phishing scam, or any other, that you carry out some simple steps to protect your personal and financial data.”
DI McClellan said all users should take the following actions:
-
Change your passwords if you have an Apple, Netflix or Spotify accounts
-
Run your email or phone number through Have I Been Pwned: Check if your email has been compromised in a data breach. If it displays as red, it will inform you of where the breach was identified. Don’t panic! Just change the passwords to the affected sites.
-
Apply Two Factor Authentication (2FA) where possible. This simply means adding extra encryption (security) to your accounts. - For further advice on creating secure passwords visit Cyber Aware - NCSC.GOV.UK
-
If you think you have victim of a scam, inform your bank immediately and report to Reporting fraud and cyber-crime | Action Fraud.
-
If you receive a unsolicited email or text and you are not sure whether it is a genuine message – #Take Five, go make a brew and go back to the email or message later. If you are unsure of it’s provenance, do not click on it. Think first – do you have this type of account? If you don’t, DO NOT CLICK ON IT. Forward the email to report@phishing.gov.uk or suspicious texts forward to 7726.
-
If you do have this type of account, only contact them through these trusted channels – DO NOT CLICK ON ANY LINKS in the email or message.
-
Do not share passwords, bank account details, pins or online account details
