RBS Bank Warns Of Increased Cybercrime

Scammers are targeting ordinary members of the public and businesses in a multi-million-pounds industry. Last year, there were more than 1.8million reported cases of financial fraud, with losses of more than £768million across Britain. Cyber-crime has reached unprecedented levels and is now as common as traditional crime in Scotland.

The most common scams include bogus emails, text, telephone calls or social media messages. These have become modern criminal’s tools to dupe a trusting public into revealing passwords or banking codes to steal cash.

“Online is the new frontline,” says DCI Brian Stuart, head of cyber-crime at Police Scotland. “Criminals have taken old crime into the modern world, using new technologies to overcome peoples trust.

“People who commit cyber-crime can be lone individuals in a bedroom through to an industry of individuals working for an organised gang in a foreign territory, and everything else in between.”

In May 2017 the WannaCry cyber-attack, the largest in history, crippled the NHS and illustrated the vulnerability of large organisations.

But customers are equally at risk.

Every day, millions of people go online and they need to understand how to keep themselves and their finances safe, says Royal Bank of Scotland.

Eight scam calls are also made every second in the UK and you are now more likely to receive a call from a scammer than your own family or friends.

The Royal Bank of Scotland is leading calls for the public to understand and use online security measures.

Although cyber criminals do use sophisticated ways to attack and infiltrate personal data, the biggest threats to individuals are rudimentary scams, carried out by modern-day confidence tricksters.

“It’s a bit of a myth that cyber-crime is a technical thing, that involves hacking and breaking into systems,” says Julie McCardle, customer security manager at Royal Bank of Scotland.

It’s more about social engineering, how criminals will hack into people to get the information they need to go on and steal money from them.

“Most of the fraud and scams that we deal with at the bank are really simply avoided by taking more steps to protect yourself.”

Julie added: “Online and digital banking is incredibly secure and we have invested millions of pounds into security.

“But if a customer receives a bogus phone call that asks for their information and they give it, out no amount of money or technology will help with that.”

Ian Moore's story: Con was so convincing

The week before Christmas, single parent Ian Moore received a text from his bank, in the same way as previous legitimate messages.

The message warned him that his debit card was recently used at an Apple online store for £799, and asked him to urgently call the bank’s fraud prevention department.

Neither widower Ian nor his nine-year-old son Callum had made any payments so he called the number and spoke to a woman who sounded friendly and professional. She asked him security questions including his name, mother’s maiden name and date of birth and even asked him to put his card into his PIN card reader for an extra security check.

After a 15-minute conversation Ian, from Armadale in West Lothian, came off the phone believing he’d spoken to his bank and feeling pleased that he’d managed to stop a scam.

Soon after, Ian popped out to his local supermarket and used the ATM machine, and was shocked to discover that his account had been completely cleaned out of £730 and there was only £2 left.

He immediately headed to his local branch and showed them the text message and they told him he’d been scammed.

That night after putting his son to bed, Ian sat in his living room in tears beside himself with worry, with no money in his account a week before Christmas with presents to buy.

Fortunately, Ian was reimbursed by his bank even though there was no obligation for them to do so and he was extremely grateful to them for helping him to make sure Christmas wasn’t ruined.

“It was so convincing, so realistic, I would defy anyone not to be fooled,” says Ian.

The modern means crooks are using

Here, we explain the different ways criminals are able to get hold of the information they need in order to steal money, and provide you with the advice you need to ensure you don’t become one of their victims.

Phishing

Phishing is when an email appears to have come from a legitimate source but it has actually been sent by a fraudster to allow them to “phish” for information from the target.

The fake email may look very realistic and will ask you to click on a link or open an attachment.

When you click on the link, you are likely to be asked to enter personal or financial information, all of which is fed back to the fraudster to allow them to go on and steal money from you.

If there’s an attachment and you click on this, it’s highly likely that you’ve downloaded malicious software that can allow the fraudster to spy on your activities, steal your data and even hold your files to ransom.

  • Never click on any unexpected attachments
  • Check whether the email address is the same or just similar to the address you usually receive emails from

Vishing

Vishing is voice phishing. It’s an unsolicited call from a fraudster who pretends to be from your bank, the police or any other official company.

During the call, they will use urgent and compelling language to trick or convince you into providing them with personal, confidential or financial information.

This can include details about your bank account, credit card or online banking log-in codes.

  • Never give out your pin, password or any personal information
  • If in doubt, just hang up

Smishing

This is when a fraudster impersonates your bank or any other official company by SMS or text message. The text message may refer to the need to verify, update or unlock your account, and these are all clever tactics to get you to click on a link or call a telephone number that the fraudster has provided in the message.

Clicking on the link is likely to take you to a genuine looking but bogus version of the company’s website, where any information you enter is captured by the fraudster.

Similarly, if you call the number provided in the text message, fraudsters will try to trick you into giving away your personal and security information.

  • Do not respond to embedded links in texts
  • Call the number on the back of your card instead

Twishing

Twishing is when a criminal phishes for information through social media. They may contact you using a social media handle that looks like the message has come from your bank or another trusted organisation.

Once they have your trust, the fraudster will try to obtain personal information that will allow them to impersonate you, or they may try to direct you to a fake version of your bank’s website where you will be encouraged to enter your security details.

All of this information is then captured by the fraudster and used to steal your money.

  • Check your privacy settings and think twice about what you share
  • Think twice before accepting someone you don’t know as a friend

Top tips for online safety

1. Know the scams.
2. Think before you click.
3. Use the Internet safely by being aware of phony sites and checking URLs. Look for the padlock symbol in the address bar as this is a good indication that they are reputable.
4. Shop safely by using HTTPS sites and use your credit card rather than debit card.
5. Make sure your passwords are fit for purpose by using upper and lower case letters and numbers.
6. Keep your guard up – regularly back-up your data.
7. Watch your Wi-FI connectivity. Change your router default settings and make sure the password is protected. Also make sure you are tapping into authentic Wi-FI when you are on the move.
8. Don’t click on unexpected attachments or links within unsolicited emails.
9. Install a firewall or make sure you are up to date with recent security software.
10. Use your head – if it looks too good then it probably is.

Daily Record

You Might Also Read:

Six Seconds To Hack A Credit Card:

App Or Browser: Which Is Safer For Online Banking?:

The Cybersecurity Threats That Keep Banks Alert:

 

 

« News & Sports Websites 'vulnerable to attack'
Binky: An Anti-Social Media Simulator »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Nuix

Nuix

Nuix specialise in extracting knowledge from unstructured data. Applications include Digital Forensics, Cybersecurity Intelligence, Information Governance, eDiscovery.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

AcceptLocal

AcceptLocal

AcceptLocal is a payments industry consultancy with expertise in payment processing, payment security, anti-money laundering and fraud prevention.

Viavi Solutions

Viavi Solutions

Viavi Solutions is a global leader in both network and service enablement and optical security performance products and solutions.

CyberSecurityTrainingCourses.com

CyberSecurityTrainingCourses.com

Cyber Security Training Courses is a portal to help candidates find the best courses to progress their career within the IT security industry.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

Diaplous Group

Diaplous Group

Diaplous Group is a leading Maritime Risk Management (MRM) provider, delivering specialized services to an ever-broadening portfolio of shipping, oil & gas, energy and construction industries.

vCISO Services

vCISO Services

vCISO Services is a small, specialized, veteran-owned firm focused on the needs of SMBs only.

Feroot Security

Feroot Security

Feroot Security secures client-side web applications so that businesses can deliver a flawless user experience to their customers. Our products help organizations protect their client-side surface.

Brightsolid

Brightsolid

Brightsolid are experts in Hybrid Cloud. We design, build and manage secure, scalable cloud environments that meet customers’ business ambitions.

HiSolutions

HiSolutions

HiSolutions is a renowned consulting firms for IT governance, risk & compliance in Germany, combining highly specialized know-how in the field with profound process competence.

Conosco

Conosco

Conosco are industry-leading experts throughout the UK in strategic consulting, project delivery, business communications, support, and security.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

Apex

Apex

We aspire to make the AI revolution run faster, securely, for the benefit of all. We are purposely built for the new AI era and are creating capabilities to safely enable AI.

Hilltop Technologies

Hilltop Technologies

Hilltop Technologies is a cybersecurity company specialized in managed security services and consulting tailored for all sectors from higher education to publicly traded companies.

CyberMass

CyberMass

CyberMass provides Cyber Advisory/Consulting, Professional and Managed Services offering complete cybersecurity as a service protection to businesses.