Criminals have been posing as Rt Rev Stephen Cottrell, the Archbishop of York, and defrauding Christians. Following the recent spate of scams, Abi Thomas speaks to a cyber security expert, who shares his top tips for staying safe online


A fresh round of scams targeting churches has been highlighted by the Diocese of York. Criminals posing as church leaders, church wardens or even the Archbishop of York have been asking people to send them Amazon vouchers or money via Western Union or MoneyGram, with reports of people losing hundreds of pounds.

Rev Tim Edwards from Halstead in Kent is one vicar who has been imitated frequently by fraudsters. Members of his congregation, including his own wife, have been contacted regularly by scammers posing as him and asking for money. It’s not always clear how the criminals got their contact details. 

Some people have come close to handing over money but, “often people get to the point where something twigs and it doesn’t feel right and they give me a call”, says Rev Tim. “A lot of safeguarding training boils down to ‘if it doesn’t feel right, say something’. This is the same”, he adds.

James Bore, a cyber security expert, explains that embarrassment is part of the problem, “It isn’t helped by the messaging that scams are obvious – that gives the impression that only stupid people get caught. The truth is anyone can be caught by these [scams], no matter how experienced or educated in fraud awareness. It only takes a moment of inattention.”

So here are some tips to avoid getting caught out:

1. Take time to consider

If you receive a message that feels odd in any way, take some time to think it through before responding. Scammers begin by building a rapport with you before asking for money, using phrases such as “I have a request I need you to handle discreetly”.

 2. Ask your church leader

If the message is claiming to be from someone you know, contact that person by another means and ask them about it. Never use the details sent to you in the original message and ideally telephone them directly.

3. Be alert to the emotional response

Train yourself to be alert to the reaction scammers want to elicit, often a tug on the heartstrings and a sense of urgent need. “If a message on social media or email provokes an emotional response, that should trigger you to check,” Bore explains.

4. Check the email address

It will often look similar to that of someone you know, but it won’t be exactly the same. Rev Tim Edwards has been told by congregants: “I think your email has been hacked”. “But if you click on the address for the full details,” he says, “it’s often a good approximation, but it’s not actually my email address.”

5. Stop the communication

If you realise you have been defrauded, stop the communication immediately and contact your bank to stop any payments still pending. You should also report the incident to the police through Action Fraud on 0300 123 2040, or report anonymously via the Action Fraud website.

6. Don’t be ashamed

Try not to feel ashamed if you have been caught out, instead talk about it with people you trust. As Bore says: “I know plenty of people who you could argue ‘should have known better’ who were caught because of a bad night’s sleep, or because the message came through to their phone at 6am and woke them up. We are human, and our attention lapses - treating this as some ultimate shameful character flaw rather than a momentary failing makes things easier for the criminals.”

7. Make others aware

Your church leader, church warden or even the Archbishop of York should never ask you for money via social media or email. The Diocese of York has asked church leaders to make this clear to their congregations. All of us can talk to others about the risks and help people feel they can have open conversations about their experiences.

People wanting to make money will constantly be looking for new tricks to deceive generous people. Anyone can get caught out by a scam, but by following this advice we should all be able to keep one step ahead of the fraudsters