By Stephen Lovell, GÉANT
Cybercrime is on the increase. But what is cybercrime?
“Ordinary people” may think of cybercrime as something related to their finances, but the landscape of Cybercrime is growing and the range of offences is increasing.
It’s worth knowing that you can become an unwitting part of a criminal activity; if your home network has weak passwords to allow people to use your Internet connection, or you have devices on your network “infected” with nefarious software.
We (the people) rely on organisations to help protect us – and they are ever vigilant against new and growing threats. But we can help too. Cyber Security Month 2021 has a number of themes that we’ll look at each week, but for now, let’s make this All About You (specifically your money…).
So, what about financial cybercrime?
Protect yourself – don’t believe anything they tell you or ask you!
Picture the scene. One of those week-long school holidays & everyone in the house is *so bored* and there’s a constant fight for TV rights:
*Doorbell rings.
“Daaaaaaaaad! There’s someone at the door says they’re from your bank; they wants your wallut so they can transfer your money somewhere saferer. And it’s URGENT!!!!”
“I’m in the middle of something! And it’s ‘want’ and ‘wallet’. And ‘saferer’??. Fine. Wallet is next to the car keys.”
Can you imagine that happening? Or how instead the quiet padding of adult feet down the hallway, followed by the most satisfying slam of a front door you’ve heard in months?
Fraud is on the increase. The sad reality is that more of us are being contacted by fraudsters trying to make us transfer money out of our “real” bank accounts for reasons of “internal process” or “safety of your account”. Other criminals try and trick us into revealing different information – perhaps the password for our favourite jungle-themed online books-and-everything-else shop; a password which you Definitely Don’t Use For Other Websites, do you?
And we’re not being “targeted” as much as the fraudsters are using a scatter-gun approach; try enough people and if only one person succumbs, that’s a good week’s work. Phone calls? Happens daily. Emails with dangerous links? Happens hourly. Written letters to your home? Not as frequent, but does happen.
No one is “safe” but… no-one needs to be “unsafe”. We *can* be aware and cautious
Here are some things to think about whenever you get a phone call, or an email… a pigeon:
They ‘phoned you?
It’s for them to prove they’re legitimate. Never accept their word. Never continue the conversation UNLESS it’s pre-arranged -or- they can tell you something only they /could/ know – perhaps if a bank, set up a phrase (a few words) for your account that only someone at the bank could know; they must read this out to you.
SMS?
“We have a parcel waiting for you – go to this site and help us re-deliver”.
Are you actually expecting a parcel? If yes, then the message /might/ be legitimate, but I’d still suggest going to the delivery company’s website – don’t use any link in the text message you just received – and checking the status of your delivery yourself.
Always, always check the links in text messages – crafty attackers have all sorts of tricks up their sleeves; a URL that /looks/ right on first glance but has a missing letter from a word
eg RyalMail.com/{string of characters from a random smash of keyboard}
But whatever the link is do please be careful before visiting the link; and even if you do, what delivery company would want you to enter your name, address, credit card number, date of birth and colour of your pet?
They emailed you?
Take the content of the email “with a pinch of salt”. If you’re being told about an event with your bank account or shopping account, then the email will be letting you know about something you can read /when you log in to your account yourself/.
Certainly don’t ever click a link in an email without trying to see /where/ the link *is actually taking you* – remember, just because the email shows you
“https://really.is.your.bank.com/friendlyLoginPage”
the actual link might be
“https://naughty.people.want.everything.in.your.wallet.com/andYourCarKeys”.
Hover your mouse over the link and see what the link’s address actually is.
(If you’re on a touch device, you could not try this trick, and skip straight to “log in to bank/shop yourself and see what’s going on”)
Oh, and of course please be very careful opening any attachments; again, a company will have all the information waiting for you when you log in to your account!
Don’t be rushed
No bank or company worth your business will ever try to pressure you into doing something or buying something by ‘phone or email or pigeon.
Here’s what I do:
Take a breath.
You can always put the ‘phone down (or slam close the front door).
You can always come back to that “urgent” email later.
If in doubt, you can contact the bank/shop *yourself*. In your own time.
Just keep breathing. And remind yourself where your wallet is.
Also this year GÉANT joins the European Cyber Security Month, with the 'Cyber Hero @ Home' campaign. Read articles from cyber security experts within our community and download resources from our awareness package on https://connect.geant.org/csm2021
