Scams glossary
Sign up for scam alerts
Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.
Sign up for scam alerts
Action Fraud
The national reporting centre for fraud and cybercrime. Action Fraud reports about fraud on behalf of the police in England, Wales and Northern Ireland.
Advance-fee fraud
When a scammer makes you pay upfront for bogus goods, services or investments.
Adware
A type of malicious software that displays unwanted ads or pop-ups on your device when browsing the internet.
Antivirus software
Software that protects your device against viruses, malware and other attacks by cybercriminals.
Artificial intelligence
A machine's ability to perform tasks normally carried out by humans.
Authorised push payment (APP) fraud
Where the victim is tricked into transferring money from to a scammer.
Bait and switch
Advertising products at too good to be true prices, only to switch to higher prices once you visit the website the ad leads to.
Bitcoin
The most famous type of cryptocurrency.
Blackmail
Demanding a payment for not releasing damaging information about someone.
Brushing
When dodgy sellers artificially inflate sales volumes on online marketplaces by sending fake orders of their own items to random addresses.
Catfishing
Creating a fake online dating profile with the intention of scamming others.
Clickjacking
The malicious practice of concealing hyperlinks beneath legitimate clickable content, making victims click on something potentially harmful.
Copycat websites
Fake websites that imitate genuine companies, organisations or authorities.
Cryptocurrency
A digital or virtual, form of currency.
Dark web
A hidden collective of internet websites that are only accessible from a specific web browser. It's used for keeping internet activity anonymous, including illegal activities such as cybercrime.
Data breach
When protected personal data is accidentally or deliberately destroyed, lost, altered, disclosed or accessed without permission, usually as a result of a security incident.
Deepfake
A video of a person whose face or body has been digitally manipulated to appear to be someone else or an image of a non-existent person.
Fleeceware
A mobile app that charges you hidden excessive subscription fees.
Hacking
Fraudsters gaining access to your accounts, devices or systems.
Identity theft
When a criminal steals your personal information.
Identity fraud
When a criminal uses your personal information to obtain goods or services or to open accounts in your name.
Malvertising
When adverts incorporate malware.
Malware
Short for malicious software, it's designed to steal data or damage or destroy devices and computer systems.
Money mule
Someone who transfers money acquired illegally, such as through fraud, to another account.
One-time passcode
A password that is only valid to log in to an account once.
Online Safety Act
Legislation established to control harmful online content, including scams.
Password manager
Software applications designed to store and manage online passwords, usually in an encrypted database.
Phishing
Fraudsters impersonating people or companies, typically through messages with links, to trick you into revealing your personal and/or financial information.
Pig butchering
Scammers grooming you into an online relationship, only to gain your trust and get you to put money into an investment scam.
Ponzi/pyramid schemes
A form of illegal investment scheme where you’re recruited by a company that requires you to pay a fee and you're rewarded for each new person you recruit into the company.
Quishing
A type of phishing scam which takes you to a malicious website using a QR code.
Ransomware
Malware designed to block access to a computer system unless you pay.
Recovery
When fraudsters target those who have been victims of scams and ask for a small fee to recover their lost funds.
Sextortion
Fraudsters asking for money by threatening to expose sexual videos or photos of you.
Skimming
Placing a small device on a card reader which captures and stores the details on the card's magnetic stripe - this includes the card number, expiration date and the cardholder's full name.
Social engineering
When scammers try to manipulate potential victims into believing fake scenarios. For example, the scammer calls the victim and claims their bank account has been compromised and the victim speaking to someone from their bank's fraud team who's going to help them.
Smishing
Phishing via text message, where scammers impersonate people or companies in messages that get you to reveal your personal and/or financial information.
Spoofing
Where scammers use software to make a display name or phone number appear to be that of a genuine organisation.
Spear phishing
When fraudsters target you specifically through dodgy messages after gathering personal information on you.
Spyware
Malicious software which gathers information about you and sends it to a third party.
Tapjacking
On Android phones, a malicious app is overlaid on top of a legitimate one, creating a fake user interface that tricks you into performing actions including making in-app purchases.
Trojan horse
Malware which disguises itself as a legitimate program.
Two-factor authentication (2FA)
A security measure where an account requires another form of authorisation to allow the user access to their account, such as being texted a code to log into an online account.
Virus
A type of malware that spreads between computers and can steal data, corrupt files and take over your device.
Vishing
Phishing via a phone call, where scammers impersonate people or companies over the phone to get you to reveal your personal and/or financial information.
Voice cloning
An audio deepfake which imitates someone’s voice using artificial intelligence.
Whaling
A targeted phishing attack where a fraudster impersonates a senior member of an organisation and targets other seniors at the same company through phishing emails.