Online Fraud

Following a recent increase in online fraud attempts, our IT Consultant, Chris O’Brien from CoBIT South West Limited, has sent out some really useful reminders and guidelines that I think are worth a read:

Over the past few weeks I’ve dealt with a small but worrying number of email and web security problems that really shouldn’t have happened if the computer user had been a little more aware of the nature of recent security threats. I’d like to briefly highlight some here, and ask that you pass this onto anyone who you think may benefit from this information.

The Phone Call

Simple one this: no one from any telecoms, bank or IT company will ever call you to tell you that you have a problem with your PC or internet connection. Just to be clear here, Microsoft, BT, TalkTalk or any other related company will not ever call you to offer to help make your PC work better. Do not ever let anyone take remote control of your PC as the result of them calling you (unless it’s your known IT support company and you can verify their identity). The same applies for calls from your bank or credit card company.

The Web Site

You must have a valid, regularly updated security product installed on your PC and you must know its name. If/when browsing the internet and a security message appears and it’s not from your security product, be very, very wary and do not act upon it until you have consulted your IT support. Of particular note are messages from ‘Microsoft’ to say your PC is infected and to call them, from ‘Flashplayer Pro’ or from any site that says you need to ‘click here’ to download a special player for the web content.

When web browsing, have your human common sense filter on high, don’t just click away, be very wary and as before, if in doubt, stop what you’re doing and ask your IT support for advice.

The Email

Oh where to start? Where to finish? There are lots of email scams, too many to mention here without you drifting off, but here’s a brief list of what to look for. And remember, trust no one.

CEO fraud. Email saying it’s from the boss asking for money transfer or for sensitive info. Confirm the email address is actually theirs and not just their name and it came from their regular email account and device. If doubtful, do not reply to the email, call the boss to confirm their instructions. The boss would rather you called them to check it’s really them rather than lose the company money or information.

Supplier Fraud. Suppliers will email to say that they have had a change of bank account, to make future payments to a different bank account. Call the supplier on their known number (again, don’t email) to confirm their instructions.

Email from yourself. Think about this: you’re not going to send yourself an email usually, are you? Do not open it, and really, really don’t open the attachment that will invariably come with it.

Email from a friend asking for money or help. OK, we all have friends that are a bit needy, but if you receive an email from a friend (usually one who uses the free accounts like Gmail, Yahoo, BT, Hotmail) that uses phrases that you wouldn’t expect them to use and asks you to send them money or email them back urgently, be very cautious. Ideally call them, do not email a reply. It’s quite possible that their account has been hacked or spoofed and if you continue you may end up poorer.

Email from someone you don’t know. As mentioned elsewhere, trust no one. If you receive an email from someone you don’t know, about something you know nothing about (this could be an ‘Amazon’ order you didn’t place or a ‘UPS’ package that didn’t get delivered), tread carefully, do not act upon it, do not forward it, do not reply, do not click on any links. Apply some human knowledge and determine if it’s legitimate and safe and contact your support (be that IT or office manager) for guidance.

There’s lots more. Snopes is always a good starting point to check if what you’re seeing is legitimate: http://www.snopes.com/category/fact-fraud/

These guidelines aren’t exhaustive by any means, but hopefully will remind you to be cautious when using your PC, keep your security and backup up to date and if in doubt, do not act on what you’re presented with on your screen and ask for assistance.