Season’s greetings – and stay safe – why this is not always the season of goodwill!
Firstly we at Fraud Management Resource Centre and Rightway Compliance would like to wish our customers and friends all the very best at this time of year. We would also like to remind people that the festive season is unfortunately a time for criminals as well as a time for goodwill.
We want individuals and businesses to stay safe and therefore want to remind people of some of the particular dangers posed at this time of year.
- If you are setting up a new online account make sure you secure it with a strong password. Use 3 random words. You just put them together, like ‘coffeetrainfish’ or ‘walltinshirt’. Only give limited information when creating accounts (complete mandatory fields only) and only create accounts where necessary i.e. use guest checkout facilities for sites you visit only occasionally.
- Enable Two Factor Authentication (2FA) or stronger whenever you can. 2FA is a way for the service provider to check its you logging in by using a real-world source such as sending a security code to your mobile phone. This helps protect you because it is unlikely that a cyber criminal who has managed to obtain your password will have this “second factor”. See these instructions for setting up 2 factor authentification in PayPal.
- Secure your new device as most devices that connect to the internet (printers, security cameras, speakers, TVs etc.) arrive with a default admin password which is the same on every device sold. This can leave your device and network vulnerable to attack as these default passwords are widely known. Change all device admin password as soon as you have purchased them! Most of the big tech companies have additional information available to help you secure your device:
- Be more anti-social in what information you provide and share online this christmas. Personal details can be used by cybercriminals to build trust with you which they can then exploit by getting you to reveal further details that may enable them to scam you.
- Be careful where you shop as criminals can set up very good ‘lookalike’ sites. Looking for a padlock in the browser can help but is not a guarantee – it just tells you the site is secure it doesn’t verify where your details are being sent. Criminals can exploit this by setting up secure fake sites! If you are suspicious or something seems too good to be true then ‘take five’ and think carefully before proceeding. Access sites from trusted links rather than facebook ads or other sources where a web link has been provided to you.
- Use a credit card for purchases if you have one, as most major credit card providers insure online purchases. You will need to check your card’s Terms and Conditions for exact details. Where possible, avoid paying for goods or services by bank transfer if you don’t know and trust the person or company. Payments via bank transfer offer you no protection if you become a victim of fraud.
- Dispose of old devices securely and remove all data from them before selling or disposing of them. It is not sufficient to simply delete the files as this does not generally remove them from the hard disc it just lets the computer use that space to overwrite a file with new data. Until it is overwritten the file will still be available (just not visible on searches).
- If you’re buying tickets this holiday season, only buy tickets from official outlets, such as the venue’s box office, the official promoter, or a well-known and reputable ticket exchange site.
- If you are travelling this christmas don’t use public wifi including airports and hotels. Even if they are password secured networks just think how many people know the password! Better to use your mobile network 4G and tether your laptop to that. If you do need to login to public wifi then use a VPN (Virtual Private Network), many antivirus packages throw these in for free now. They basically keep your browsing secure even on unsecure networks.
- Fraudsters prey on the most vulnerable so this is a good time of year to have a face to face “fraud chat” with the elderly folks in our lives. Remember, fraudsters will exploit every opportunity to target our most vulnerable.
- Charity phishing – fraudsters know that many people feel charitable at this of year and so target your good will. They may send emails from a bogus charity or ones that purport to come from a legitimate charity but contain a link to a scam site. Make sure you go through the charity in question’s own site.
- Fake delivery emails – in the run-up to Christmas, many people have dozens of packages arriving and often lose track of what they’ve ordered. Scammers know this and send out emails that purport to come from legitimate courier companies. These ask recipients to click on a link. When they do, they download malware or are taken to a scam site. Check the sender’s address to ensure it is a legitimate company and go to the company’s own website to track orders.
How we can support you
It can perhaps seem daunting to think of all of the things you need to cover in identifying how you or your organisation might be vulnerable to fraud and cybercrime and how you can protect it. We have various services to provide support in putting the appropriate controls in place.
Our unique Fraud Management Resource Centre has a wealth or resources, guides and tools available free to those who want a DIY self-serve option.
Ask us a Question
Ask us a question about managing financial crime risks including fraud, cybercrime, bribery, corruption, money laundering, terrorist financing, sanctions, modern slavery or facilitation of tax evasion. Complete the form below.