News
Cyber Criminals vary their tactics to deceive both businesses and individuals
24 May 2016
Cyber Criminals are becoming increasingly adaptable and sophisticated in their attempts to deceive both individuals and businesses.
As awareness grows of many of the more established forms of fraud, criminals are taking advantage of the growth of mobile devices and new ways of communicating. We explain the main forms of Cyber Crime and how to help spot and avoid them.
Many people in the UK have now ‘grown up’ with the internet and email as a part of their everyday lives. As a result, many of them are now savvy to some of the more obvious attempts to defraud them, such as spurious emails requesting their credit card details or online banking credentials.
As a result, Cyber Criminals have looked to employ other techniques where internet users might be less experienced and alert to attempts to defraud them. The main forms of online fraud are as follows:
(1) Phishing
This is one of the older forms of Cyber Crime. Although both consumers and spam filters are better at spotting and pre-empting this most basic form of fraud, its continued use suggests that it is still effective for less-sophisticated web users. The obvious signs to look for are still:
- Links which go through to a domain other than the bank/organisation they are claiming to be from (hover over the links with your mouse to see where they link to)
- Poor grammar and spelling in the content of the email
- A salutation which doesn’t address you by name, if you have a relationship with the real organisation
- An outdated or pixelated logo
- Attachments to the email
- A request for personal or sensitive information such as credit card details
(2) Pharming
This newer crime involves installing malicious code on your computer, when you click on links on a fraudulent website. The obvious things to look out for here are:
- Ensure that any website you enter any details in to is secure. The address should begin with http rather than http, and your browser may also display a padlock logo or similar. Most newer browsers will also warn you before entering a site if it has previously had a security certificate which has now expired.
- Be wary if the site has changed significantly and doesn’t appear as you would expect.
(3) Vishing
This form of fraud tries to rely less on technology and exploit the vulnerability of individuals. Victims will receive a phone call or text message, asking either for specific personal information or for a call back to discuss something. To trick people in to responding, criminals often look to create a sense of urgency, such as pretending that a fraud is already taking place and action is required to prevent things going further. By doing this, victims feel that they need to act immediately rather than taking time to verify the claims of the caller.
Some simple tips to help avoid this type of fraud are:
- Avoid calling any numbers in emails or texts you have received.
- Search online for genuine contact details for the organisation, and call them to verify that the contact is legitimate.
- Forward any texts or emails you have received to the organisation, so they can verify them or use them to prevent further frauds if they are not legitimate.
(4) Smishing
This technique uses text messaging to entice customers. The messages often come from a ‘5000’ number, which suggests that they have been sent through email rather than via a mobile phone. Smishing attempts will then use similar tactics to vishing attempts to fraudulently obtain sensitive personal information. As before, the best advice is to contact the organisation – if you do have a genuine relationship with them – to verify the content of the message.
As the use of mobile devices and the number of available communication platforms continue to grow, it’s highly likely that cyber criminals will continue to find new ways to operate. It’s important that businesses remain up to date with cyber security, through organisations such as Cyber Streetwise and Action Fraud. Both of these organisations are a great source of useful, free information for businesses.