Skip to main content
Visit Scotland | Alba

Help shape the future of business support on Giving feedback through our short survey only takes a few minutes.

While digital technologies bring enormous opportunities, they also bring new threats and vulnerabilities. Cybercrime and cyber-attacks represent a major and growing threat to our economy and society.

Research tells us that the public and many small organisations often see cyber crime and fraud as a single issue. In practise, different criminal entities can be involved in different activities.

Sometimes they can try to defraud you directly. Other times they can try to steal your clients' personal data.

1. How to spot spam / fraudulent emails?

Using ourselves as an example, there are two different kinds of spam / fraudulent emails you might get:

  • those with the subject line "enquiry from"
  • those stating the email comes from VisitScotland - when it does not

The email will try to sound authoritative and pressure you to quickly send out your personal information or transfer money.

Also be wary of being told to work with unknown booking sites. These sites can be fake and divert customers to scam online card payments.

Dos and Don'ts

  • Do

    Always verify that an email is sent from official email address before engaging with it.

    More info on what to do when you receive a spam email or text.

  • Don't

    Never feel pressured to reply to an email on the spot. Real businesses will always give you ample time to respond to any query.

    Never give out personal information without verifying the sender. Real businesses will often require you to fill in your personal data on a secure form on their website. Not in emails.

    Never click on hyperlinks or open attachments when something about an email gives you the impression that it might be fraudulent.


This is how a popular con works:

Fraudsters contact your business with a request for a booking spanning a few weeks, usually 28 days.

They accept your booking cost and offers to pay by cheque. The fraudsters then send a cheque for a higher amount, usually £1,000 more.

They claim it is a mistake and ask for you to refund the overpayment. Only after you send the refund do you realise that their cheque has bounced.

3. Useful advice on cyber security

A strong cyber security is key to both keeping criminals out and to deter them from attempting to target you in the first place. That's why we have provided some useful links to help you bolster your cyber security:

Related links