RBS Bank Warns Of Increased Cybercrime
Scammers are targeting ordinary members of the public and businesses in a multi-million-pounds industry. Last year, there were more than 1.8million reported cases of financial fraud, with losses of more than £768million across Britain. Cyber-crime has reached unprecedented levels and is now as common as traditional crime in Scotland.
The most common scams include bogus emails, text, telephone calls or social media messages. These have become modern criminal’s tools to dupe a trusting public into revealing passwords or banking codes to steal cash.
“Online is the new frontline,” says DCI Brian Stuart, head of cyber-crime at Police Scotland. “Criminals have taken old crime into the modern world, using new technologies to overcome peoples trust.
“People who commit cyber-crime can be lone individuals in a bedroom through to an industry of individuals working for an organised gang in a foreign territory, and everything else in between.”
But customers are equally at risk.
Every day, millions of people go online and they need to understand how to keep themselves and their finances safe, says Royal Bank of Scotland.
Eight scam calls are also made every second in the UK and you are now more likely to receive a call from a scammer than your own family or friends.
The Royal Bank of Scotland is leading calls for the public to understand and use online security measures.
Although cyber criminals do use sophisticated ways to attack and infiltrate personal data, the biggest threats to individuals are rudimentary scams, carried out by modern-day confidence tricksters.
“It’s a bit of a myth that cyber-crime is a technical thing, that involves hacking and breaking into systems,” says Julie McCardle, customer security manager at Royal Bank of Scotland.
It’s more about social engineering, how criminals will hack into people to get the information they need to go on and steal money from them.
“Most of the fraud and scams that we deal with at the bank are really simply avoided by taking more steps to protect yourself.”
Julie added: “Online and digital banking is incredibly secure and we have invested millions of pounds into security.
“But if a customer receives a bogus phone call that asks for their information and they give it, out no amount of money or technology will help with that.”
Ian Moore's story: Con was so convincing
The week before Christmas, single parent Ian Moore received a text from his bank, in the same way as previous legitimate messages.
The message warned him that his debit card was recently used at an Apple online store for £799, and asked him to urgently call the bank’s fraud prevention department.
Neither widower Ian nor his nine-year-old son Callum had made any payments so he called the number and spoke to a woman who sounded friendly and professional. She asked him security questions including his name, mother’s maiden name and date of birth and even asked him to put his card into his PIN card reader for an extra security check.
After a 15-minute conversation Ian, from Armadale in West Lothian, came off the phone believing he’d spoken to his bank and feeling pleased that he’d managed to stop a scam.
Soon after, Ian popped out to his local supermarket and used the ATM machine, and was shocked to discover that his account had been completely cleaned out of £730 and there was only £2 left.
He immediately headed to his local branch and showed them the text message and they told him he’d been scammed.
That night after putting his son to bed, Ian sat in his living room in tears beside himself with worry, with no money in his account a week before Christmas with presents to buy.
Fortunately, Ian was reimbursed by his bank even though there was no obligation for them to do so and he was extremely grateful to them for helping him to make sure Christmas wasn’t ruined.
“It was so convincing, so realistic, I would defy anyone not to be fooled,” says Ian.
The modern means crooks are using
Here, we explain the different ways criminals are able to get hold of the information they need in order to steal money, and provide you with the advice you need to ensure you don’t become one of their victims.
Phishing
Phishing is when an email appears to have come from a legitimate source but it has actually been sent by a fraudster to allow them to “phish” for information from the target.
The fake email may look very realistic and will ask you to click on a link or open an attachment.
When you click on the link, you are likely to be asked to enter personal or financial information, all of which is fed back to the fraudster to allow them to go on and steal money from you.
If there’s an attachment and you click on this, it’s highly likely that you’ve downloaded malicious software that can allow the fraudster to spy on your activities, steal your data and even hold your files to ransom.
- Never click on any unexpected attachments
- Check whether the email address is the same or just similar to the address you usually receive emails from
Vishing
Vishing is voice phishing. It’s an unsolicited call from a fraudster who pretends to be from your bank, the police or any other official company.
During the call, they will use urgent and compelling language to trick or convince you into providing them with personal, confidential or financial information.
This can include details about your bank account, credit card or online banking log-in codes.
- Never give out your pin, password or any personal information
- If in doubt, just hang up
Smishing
This is when a fraudster impersonates your bank or any other official company by SMS or text message. The text message may refer to the need to verify, update or unlock your account, and these are all clever tactics to get you to click on a link or call a telephone number that the fraudster has provided in the message.
Clicking on the link is likely to take you to a genuine looking but bogus version of the company’s website, where any information you enter is captured by the fraudster.
Similarly, if you call the number provided in the text message, fraudsters will try to trick you into giving away your personal and security information.
- Do not respond to embedded links in texts
- Call the number on the back of your card instead
Twishing
Twishing is when a criminal phishes for information through social media. They may contact you using a social media handle that looks like the message has come from your bank or another trusted organisation.
Once they have your trust, the fraudster will try to obtain personal information that will allow them to impersonate you, or they may try to direct you to a fake version of your bank’s website where you will be encouraged to enter your security details.
All of this information is then captured by the fraudster and used to steal your money.
- Check your privacy settings and think twice about what you share
- Think twice before accepting someone you don’t know as a friend
Top tips for online safety
1. Know the scams.
2. Think before you click.
3. Use the Internet safely by being aware of phony sites and checking URLs. Look for the padlock symbol in the address bar as this is a good indication that they are reputable.
4. Shop safely by using HTTPS sites and use your credit card rather than debit card.
5. Make sure your passwords are fit for purpose by using upper and lower case letters and numbers.
6. Keep your guard up – regularly back-up your data.
7. Watch your Wi-FI connectivity. Change your router default settings and make sure the password is protected. Also make sure you are tapping into authentic Wi-FI when you are on the move.
8. Don’t click on unexpected attachments or links within unsolicited emails.
9. Install a firewall or make sure you are up to date with recent security software.
10. Use your head – if it looks too good then it probably is.
You Might Also Read:
Six Seconds To Hack A Credit Card:
App Or Browser: Which Is Safer For Online Banking?:
The Cybersecurity Threats That Keep Banks Alert: