What is Happening?A widespread scam is tricking people into installing fake security apps. Scammers impersonate major email and tech providers to convince you that your account is at risk so they can steal your personal information. How the Scam WorksScammers send urgent messages that look like they are from your email provider (e.g., Outlook, Gmail, iCloud, or Yahoo). These include: Official-looking emails or texts warning of unauthorized logins.Urgent pop-ups saying things like, “Security Breach: Protect your account now!”These links lead to a convincing fake website designed to look like a legitimate login or security portal, where you are asked to perform a "security check." What Happens on the Fake Page?You are guided through a series of fake "security steps."At the end, you are prompted to download and install a security app or certificate to "fix" the issue.In reality, this app is malware designed to monitor your device.Why is This Dangerous?It bypasses security: Because you are tricked into giving the app permission to install, your antivirus might not always block it.Persistent spying: Once installed, the app can monitor your keystrokes, read your messages, and access your contacts even after you close your browser.How to Protect YourselfYour email provider will never ask you to install a separate "security app" via a pop-up or a link in an email. Red Flags to Watch For: Being asked to install software to "verify" your identity.Requests to share your real-time location or contact list.Prompts to enter your password on a site you didn't navigate to yourself.Golden Rule: If you get a security alert, close the message. Instead of clicking the link, open a new browser tab and log in directly through the official website (e.g., mail.google.com or outlook.com) to check your account status. Quick TipsCheck the URL: Before typing your password, look at the address bar. If the website name looks slightly "off" (e.g., security-login-check.com instead of microsoft.com), leave immediately.Use 2SV: Enable Two-Step Verification. It’s the single best way to stop a scammer even if they get your password. For more information on setting, up 2SV please see here - Setting up 2-Step Verification (2SV) | National Cyber Security CentreWhat to Do if You are a VictimReport it: Visit - UK's Home for Reporting Cyber Crime & Fraud - Report Fraud or call 0300 123 2040.Contact your bank: If you shared financial details, contact your bank's fraud department immediately by calling 159.Report Phishing: Forward suspicious emails to report@phishing.gov.uk and suspicious texts to 7726.Please Share This InformationScammers rely on urgency and fear. By sharing these red flags, you help take away their power! | 
