Mike Will Fix IT

How to Spot a Scam: A Plain English Guide
← Back to mikewillfixit.com

Hello, Mike here. Every week I visit people across South London whose computers I'm asked to check after a dodgy email, a scary pop-up, or a phone call from "Microsoft". Some got away unscathed. Some lost real money.

So I've put together this page: real scams that are doing the rounds right now, what they look like, and the tell-tale signs that give them away. Every example below is based on genuine scams reported to Action Fraud, Which?, and the banks.

One thing before we start: falling for a scam is nothing to be embarrassed about. These are professional criminal gangs, and they catch out clever people every single day. The trick isn't being clever. It's knowing what to look for.

If you remember one thing

Unexpected contact + urgency + a request for money, passwords, or access to your computer = scam.

Real companies never mind you hanging up and calling them back on the official number. Scammers hate it, because it breaks the spell.

Email scams

Scam emails ("phishing") pretend to be from a company you trust (Apple, your bank, Netflix, PayPal) and try to panic you into clicking a link and typing in your password or card details.

The fake Apple "iCloud storage full" email

One of the most common scam emails in the UK right now. Which? has issued repeated alerts about it, and it resurfaced again this year asking for payment card details.

You get an email that looks like it's from Apple, warning that your iCloud storage is full and your photos are about to be deleted. Some versions even offer a "free storage upgrade" where all you have to do is click and "verify" your card. Here's what one looks like:

⚠ Scam example

The tell-tale signs

  • 1The sender address isn't Apple. Real Apple email comes from addresses ending @apple.com or @email.apple.com. "icloud-alerts-secure.com" is a made-up domain. The display name says "Apple Support", but the address gives it away. Always check the part after the @.
  • 2Panic in the subject line. "FINAL NOTICE", capital letters, exclamation marks. Apple doesn't write like this.
  • 3"Dear Customer". Apple knows your name and uses it. Generic greetings mean a mass mail-out to thousands of victims.
  • 4A deadline designed to scare you. "Deleted within 48 hours" is there to make you click before you think. Apple doesn't delete your photos when storage fills up. Your iCloud simply stops accepting new uploads.
  • 5The link doesn't go to apple.com. Hover your mouse over any button (or press and hold on a phone) and look at the address. If it isn't apple.com, it's a fake page built to steal your Apple ID and card details.

✓ What you can learn from this one

Never check an account through a link in an email. If you're worried your iCloud really is full, check it yourself on your device: Settings → your name → iCloud. The same rule works for every company: go to the app or type the website address yourself. If the email was real, the same message will be waiting for you there.

Got a suspicious "Apple" email? Forward it to reportphishing@apple.com, then delete it.

The same trick in other costumes

Once you can spot the iCloud one, you'll recognise its cousins instantly. The costume changes, the trick doesn't:

  • !"Your Netflix/Amazon Prime payment failed" - update your card details or lose your account.
  • !"HMRC: you are owed a tax refund" - HMRC never emails or texts about refunds. Ever.
  • !"Unusual sign-in to your account" - a fake security alert with a "secure your account" button that does the exact opposite.

✓ What you can learn from this one

It's always the same recipe: a trusted name, a problem that isn't real, a deadline, and a link. Judge the recipe, not the costume. You can forward any suspicious email to report@phishing.gov.uk (the National Cyber Security Centre's reporting service) and they'll get scam sites taken down.

Text & WhatsApp scams

Text scams are short, cheap to send, and land on the device you use to pay for things. These two catch more people in the UK than almost anything else.

The "missed parcel" text (Royal Mail, Evri, DPD…)

Sent out by the million. The wording changes, the pattern never does: a missed parcel, a small fee, and a link.

⚠ Scam example

The tell-tale signs

  • 1It comes from an ordinary mobile number. Real Royal Mail texts show a named sender, not a random 07 number.
  • 2A small "redelivery fee". This is the giveaway: no UK courier charges a fee by text link to redeliver a parcel. The £1.99 isn't the prize. It's the excuse to get your full card details onto their form.
  • 3A nearly-right web address. "royalmail-redelivery-uk.com" is not royalmail.com. Scammers register lookalike addresses by the hundred.

✓ What you can learn from this one

The "small fee by text link" is always a scam. The amount is kept tiny so it feels harmless, but the card details you type in are the real target. Some versions install malware on your phone instead. If you're genuinely expecting a parcel, check on the courier's own app or website. Forward scam texts to 7726 (free, works on all UK networks) and then delete them.

The WhatsApp "Hi Mum / Hi Dad" scam

A particularly cruel one, and it works frighteningly well, because it borrows the voice of someone you love.

⚠ Scam example

The tell-tale signs

  • 1A new, unknown number claiming to be your child, with a ready-made excuse (lost, broken, or water-damaged phone) for why it isn't their usual one.
  • 2"Delete the old number." That's not housekeeping. It's cutting off your easiest way to check.
  • 3A reason they can't do it themselves: the banking app "won't work on the new phone". Convenient.
  • 4Money to an account you don't recognise, needed today. Speed is the whole scam: they need the transfer done before you speak to your real child.

✓ What you can learn from this one

Verify by a different route before a penny moves. Ring your child on their old number, or ask a question only they would know the answer to ("what did we have for lunch on Sunday?"). A real child won't mind. A scammer will vanish or make excuses. This rule of checking by a second route defeats every impersonation scam ever invented.

Phone call scams

Phone scams are the most dangerous of the lot, because a live human voice is very persuasive, especially one that sounds calm, official, and "on your side". Action Fraud figures put the average loss from a tech support call at over £1,000.

The "Microsoft" tech support call (and its pop-up cousin)

The classic. Running for over 15 years and still costing UK victims millions every year, for one simple reason: it keeps working.

⚠ Scam example - how the call goes

The same scam also arrives as a scary full-screen pop-up while you browse: alarm sounds, "YOUR COMPUTER HAS BEEN LOCKED", and a phone number to call "Microsoft Support". Same gang, opposite direction: they want you to ring them.

The tell-tale signs

  • 1Microsoft never cold-calls anyone. Not ever. They have over a billion users; they are not ringing you about your laptop on a Tuesday. The same goes for BT, Sky and TalkTalk "engineers" who've "detected a problem with your internet".
  • 2"We've detected errors on your computer" is technically impossible in the way they describe. Nobody in a call centre can see your home computer's health.
  • 3They ask you to install remote access software (often AnyDesk or TeamViewer). That hands them your keyboard, your screen, your files, and your online banking.
  • 4They keep you on the line and rush you. Pressure is the product. A real engineer doesn't care if you call back tomorrow.

✓ What you can learn from this one

Real error messages never include a phone number. No genuine Microsoft or Windows warning will ever ask you to call anyone. If a pop-up locks your browser, don't call the number and don't pay anything. Close the browser (Ctrl+Alt+Del if you have to, or just switch the computer off) and it's gone.

Only ever allow remote access to someone YOU contacted first. When I help customers remotely, it's because they rang me and we arranged it. That's the right way round. If the caller contacted you, hang up.

The bank "safe account" call

The most expensive scam in Britain. It's called APP fraud (Authorised Push Payment) because the victim is talked into pressing the button themselves. UK victims lose hundreds of millions to it every year.

⚠ Scam example - how the call goes

The tell-tale signs

  • 1The caller ID can lie. Scammers can "spoof" the number so your phone displays your bank's real phone number. A matching number proves nothing.
  • 2Fear first, "help" second. Your money is "at risk right now". The panic is manufactured so you'll act before you think. Some versions start as a robot voice: "Press 1 to speak to our fraud team."
  • 3"Move your money to a safe account." This sentence is the scam. No bank, ever, will ask you to transfer money to keep it safe. If your account really were compromised, the bank freezes it. They don't ask you to empty it.
  • 4"Don't tell anyone." Real banks never ask for secrecy. Scammers do, because one chat with your son, daughter or bank cashier would sink them.

✓ What you can learn from this one

Hang up and call your bank yourself on 159. 159 is the UK's official anti-scam short-code. It connects you safely to your own bank, like 101 for the police. Or use the number on the back of your card. Ideally call from a different phone; at minimum, wait a few minutes first. If the "fraud team" was real, they'll be pleased you were careful.

The Amazon Prime "press 1" call

Action Fraud issued a national alert about this one after victims lost over £400,000 to it in just two months.

⚠ Scam example - how the call goes

The tell-tale signs

  • 1A payment you never made, announced by a robot. The fake "£79.99 charge" exists purely to make you press 1.
  • 2"Press 1" connects you straight to the criminal, who now knows they have a worried person on the line.
  • 3Remote access software again. TeamViewer and AnyDesk are legitimate tools, but in the wrong hands they're a burglar's key to your computer.
  • 4They ask you to open your online banking while they can see your screen. Everything you can see, they can see. And move.

✓ What you can learn from this one

Never press a number on an automated call, and never install software because a caller told you to. If you're worried about an Amazon charge, hang up, open the Amazon app or website yourself, and look at Your Account → Your Orders. If there's no rogue charge there, there was no rogue charge.

Mike's six golden rules

Print this page and keep it by the phone. These six rules stop practically every scam above.

  1. Unexpected + urgent = suspicious. Real companies don't need you to act in the next ten minutes. Urgency is a tool used on you, not for you.
  2. Never click links in unexpected emails or texts. Go to the app or type the company's address yourself. If it's real, the message will be there too.
  3. Hang up and call back on the official number. Your bank is on 159 or the back of your card. Anyone who objects to you doing this has just told you what they are.
  4. No bank will ever ask you to move money to a "safe account", and no real company takes payment in gift cards or asks you to keep a call secret.
  5. Never give remote access to someone who contacted you. Only ever to someone you rang first and trust. A cold caller asking to "connect to your computer" is a scam, every time.
  6. When in doubt, ask someone. A quick call to family, a friend, or me costs nothing. Scammers rely on you deciding alone and in a hurry.
Share on WhatsApp

⚠️ Already clicked, paid, or let someone in?

Don't panic, and don't be ashamed, but do act quickly. Speed makes a real difference to getting money back and locking scammers out:

Worried about a scam? Ask Mike

Not sure if that email or call was genuine? Been caught out and want your computer checked over? Send me a message. No judgement, ever.

I respond Monday - Friday 10am to 6:30pm

Your email will never be used for marketing.

During peak periods, response times may be longer than usual. I appreciate your patience.

Call Mike