RBS Bank Warns Of Increased Cybercrime

Scammers are targeting ordinary members of the public and businesses in a multi-million-pounds industry. Last year, there were more than 1.8million reported cases of financial fraud, with losses of more than £768million across Britain. Cyber-crime has reached unprecedented levels and is now as common as traditional crime in Scotland.

The most common scams include bogus emails, text, telephone calls or social media messages. These have become modern criminal’s tools to dupe a trusting public into revealing passwords or banking codes to steal cash.

“Online is the new frontline,” says DCI Brian Stuart, head of cyber-crime at Police Scotland. “Criminals have taken old crime into the modern world, using new technologies to overcome peoples trust.

“People who commit cyber-crime can be lone individuals in a bedroom through to an industry of individuals working for an organised gang in a foreign territory, and everything else in between.”

In May 2017 the WannaCry cyber-attack, the largest in history, crippled the NHS and illustrated the vulnerability of large organisations.

But customers are equally at risk.

Every day, millions of people go online and they need to understand how to keep themselves and their finances safe, says Royal Bank of Scotland.

Eight scam calls are also made every second in the UK and you are now more likely to receive a call from a scammer than your own family or friends.

The Royal Bank of Scotland is leading calls for the public to understand and use online security measures.

Although cyber criminals do use sophisticated ways to attack and infiltrate personal data, the biggest threats to individuals are rudimentary scams, carried out by modern-day confidence tricksters.

“It’s a bit of a myth that cyber-crime is a technical thing, that involves hacking and breaking into systems,” says Julie McCardle, customer security manager at Royal Bank of Scotland.

It’s more about social engineering, how criminals will hack into people to get the information they need to go on and steal money from them.

“Most of the fraud and scams that we deal with at the bank are really simply avoided by taking more steps to protect yourself.”

Julie added: “Online and digital banking is incredibly secure and we have invested millions of pounds into security.

“But if a customer receives a bogus phone call that asks for their information and they give it, out no amount of money or technology will help with that.”

Ian Moore's story: Con was so convincing

The week before Christmas, single parent Ian Moore received a text from his bank, in the same way as previous legitimate messages.

The message warned him that his debit card was recently used at an Apple online store for £799, and asked him to urgently call the bank’s fraud prevention department.

Neither widower Ian nor his nine-year-old son Callum had made any payments so he called the number and spoke to a woman who sounded friendly and professional. She asked him security questions including his name, mother’s maiden name and date of birth and even asked him to put his card into his PIN card reader for an extra security check.

After a 15-minute conversation Ian, from Armadale in West Lothian, came off the phone believing he’d spoken to his bank and feeling pleased that he’d managed to stop a scam.

Soon after, Ian popped out to his local supermarket and used the ATM machine, and was shocked to discover that his account had been completely cleaned out of £730 and there was only £2 left.

He immediately headed to his local branch and showed them the text message and they told him he’d been scammed.

That night after putting his son to bed, Ian sat in his living room in tears beside himself with worry, with no money in his account a week before Christmas with presents to buy.

Fortunately, Ian was reimbursed by his bank even though there was no obligation for them to do so and he was extremely grateful to them for helping him to make sure Christmas wasn’t ruined.

“It was so convincing, so realistic, I would defy anyone not to be fooled,” says Ian.

The modern means crooks are using

Here, we explain the different ways criminals are able to get hold of the information they need in order to steal money, and provide you with the advice you need to ensure you don’t become one of their victims.

Phishing

Phishing is when an email appears to have come from a legitimate source but it has actually been sent by a fraudster to allow them to “phish” for information from the target.

The fake email may look very realistic and will ask you to click on a link or open an attachment.

When you click on the link, you are likely to be asked to enter personal or financial information, all of which is fed back to the fraudster to allow them to go on and steal money from you.

If there’s an attachment and you click on this, it’s highly likely that you’ve downloaded malicious software that can allow the fraudster to spy on your activities, steal your data and even hold your files to ransom.

  • Never click on any unexpected attachments
  • Check whether the email address is the same or just similar to the address you usually receive emails from

Vishing

Vishing is voice phishing. It’s an unsolicited call from a fraudster who pretends to be from your bank, the police or any other official company.

During the call, they will use urgent and compelling language to trick or convince you into providing them with personal, confidential or financial information.

This can include details about your bank account, credit card or online banking log-in codes.

  • Never give out your pin, password or any personal information
  • If in doubt, just hang up

Smishing

This is when a fraudster impersonates your bank or any other official company by SMS or text message. The text message may refer to the need to verify, update or unlock your account, and these are all clever tactics to get you to click on a link or call a telephone number that the fraudster has provided in the message.

Clicking on the link is likely to take you to a genuine looking but bogus version of the company’s website, where any information you enter is captured by the fraudster.

Similarly, if you call the number provided in the text message, fraudsters will try to trick you into giving away your personal and security information.

  • Do not respond to embedded links in texts
  • Call the number on the back of your card instead

Twishing

Twishing is when a criminal phishes for information through social media. They may contact you using a social media handle that looks like the message has come from your bank or another trusted organisation.

Once they have your trust, the fraudster will try to obtain personal information that will allow them to impersonate you, or they may try to direct you to a fake version of your bank’s website where you will be encouraged to enter your security details.

All of this information is then captured by the fraudster and used to steal your money.

  • Check your privacy settings and think twice about what you share
  • Think twice before accepting someone you don’t know as a friend

Top tips for online safety

1. Know the scams.
2. Think before you click.
3. Use the Internet safely by being aware of phony sites and checking URLs. Look for the padlock symbol in the address bar as this is a good indication that they are reputable.
4. Shop safely by using HTTPS sites and use your credit card rather than debit card.
5. Make sure your passwords are fit for purpose by using upper and lower case letters and numbers.
6. Keep your guard up – regularly back-up your data.
7. Watch your Wi-FI connectivity. Change your router default settings and make sure the password is protected. Also make sure you are tapping into authentic Wi-FI when you are on the move.
8. Don’t click on unexpected attachments or links within unsolicited emails.
9. Install a firewall or make sure you are up to date with recent security software.
10. Use your head – if it looks too good then it probably is.

Daily Record

You Might Also Read:

Six Seconds To Hack A Credit Card:

App Or Browser: Which Is Safer For Online Banking?:

The Cybersecurity Threats That Keep Banks Alert:

 

 

« News & Sports Websites 'vulnerable to attack'
Binky: An Anti-Social Media Simulator »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Egress Software Technologies

Egress Software Technologies

Egress Software Technologies is a leading provider of data security services designed to protect shared information throughout its lifecycle.

Dataguise

Dataguise

Dataguise provides a data-centric security solution to detect, protect, and monitor sensitive data in real time across all data repositories, both on premises and in the cloud.

Deep Identity

Deep Identity

Deep Identity is a boutique system integrator, with expertise in tailored identity governance & administration (IGA) and identity access management (IAM) solutions.

Holm Security

Holm Security

Holm Security are taking vulnerability assessment into the next generation as a cloud service.

Destel

Destel

Destel is a system integrator and provider of IT services focused on Advanced Network & Security Solutions.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

RFA

RFA

RFA is a unique IT, financial cloud and managed cyber-security provider to the financial services and alternative investment sectors.

Oceania Cyber Security Centre (OCSC)

Oceania Cyber Security Centre (OCSC)

OCSC engages with government and industry to conduct research, develop training opportunities and build capacity for responding to current and emerging cyber security issues.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

Consensys

Consensys

ConsenSys is a global blockchain company. We develop enterprise applications, invest in startups, build developer tools, and offer blockchain education.

Cyber Security Courses

Cyber Security Courses

Cyber Security Courses was formed to help students in the UK find cyber security courses online.

NetNordic Group

NetNordic Group

NetNordic is a Nordic system integrator focusing on solutions and services in the area of networking, smart data centers, cybersecurity, and unified communication.

ISTC Foundation

ISTC Foundation

ISTC Foundation is one of the leading innovation centers in Armenia, founded by joint initiative of IBM, USAID, Armenian Government and Enterprise Incubator Foundation.

Infosec Institute

Infosec Institute

Infosec is a leading cybersecurity training company, we help IT and security professionals advance their careers with skills development and certifications.

Zeta Sky

Zeta Sky

Zeta Sky offers a full range of IT and cyber-security services for your business.

Arista Middle East

Arista Middle East

Arista Middle East is part of Global Arista Technologies specializing in OT Cybersecurity.