A guide tocyber crimeprevention

Cyber criminals will often use email to try and trick people into downloading malicious software (spyware) or to collect personal information from the user by a process known as phishing. This is often done by sending unwanted emails (spam).

Protecting yourself against spam email is a fairly straightforward process. All email service providers have an option for filtering out spam or junk emails.

- If the spam filter on your system is not already turned on as default, you can activate it using your filtering preference tab (use the programs “Help” tool from the menu if you can’t find the preference filter)

- Email providers will also allow you to block email from specific addresses. If you use Microsoft Outlook select the message from the sender you wish to block, go to the “Actions” menu, go to “Junk email” and select “Add to blocked senders list”. If you use Hotmail select the message from the sender you need to block, click on the “Sweep” menu and select the option to “Block messages from this sender”

- Regardless of your email program, always exercise caution when opening email from an unknown sender. If it looks suspicious, play safe and add the sender to your blocked list.

PHISHING attacks can take a more sophisticated approach and use email or malicious websites to collect personal and financial information. This can often take the form of an urgent email requesting account information, appearing to be from a reputable bank or credit card company. When the recipient responds with the information, the criminals can then use it to gain access to accounts.

• Click here

Email Fraud

2

Email Fraud

3

Protecting yourself against phishing starts with the simple acknowledgement that your bank or account provider will never email you asking for account information. They have specific processes in place for verifying your identity when you contact them, and want you as a customer to be able to recognise a fraudulent approach.

- Be suspicious of urgent requests for personal or financial information

- Do not reveal personal or financial information in an email and do not respond to email solicitations for this information

- Check the URL of the website. The address may look the same as a legitimate site on first glance, but may use a slightly different spelling or different domains (e.g. .net instead of .co.uk)

4

- Check the quality of the communication. Misspelling, poor punctuation and bad grammar are often signs of phishing

- To check the legitimacy of an email, contact the company it is supposed to be from directly. To do this please ensure you use contact information from an account statement NOT the information provided in the email

- Install anti-virus software and firewalls to and keep them up to date

- If you believe that your financial accounts have been compromised, contact your financial institution immediately.

5

When conducting any form of financial business online, always check the security of internet banking or online shopping websites and use them safely by following these tips:

- Always look for and click on a padlock or key symbol (in the address bar of the website) which will detail the security of that site. Double click on the icon for more information

- Check that the secured site has an address that starts with “https”

- Always type the full web address into your browser to reduce your chances of being directed to a fake or spoof site

- Always log out of secure sites properly when you have finished your session.

Online Transactions

6

Additionally you should adhere to the following points when shopping online:

- INTERNET SECURITY - Ensure that you have a security suite (including firewall, anti-virus and anti-spyware) installed and updated with the most current information

- SELLERS - If you are buying from a seller you have never used before carry out some independent research before you buy. Ensure that you note physical addresses of the business and phone numbers to call if there is a problem with your transaction

- PASSWORDS - Try to make up passwords that are difficult for a fraudster to crack, using a mixture of letters, numerals and symbols. Do not have one password that you use for all your accounts, and try not to write your passwords down

- PAYMENT - Never send cash or use a money wiring service to pay for goods bought online as this leaves you little recourse if something goes wrong. Credit cards may allow the user to claim a credit from their card issuer if the product isn’t delivered and may place a limit on the amount you will be responsible for paying if your information is stolen and misused. PayPal is also considered to be a secure way of paying for goods online; you can even defer payment until the goods are received

- PAPER TRAIL - Print and save records of your online transactions. Read your credit card statements as soon as they arrive and contact your card issuer if there are any discrepancies. Log out from your session and turn off your computer when you have finished.

Online Transactions

7

As well as malicious emails and websites, there are a number of online scams that you should also be aware of.

ADVANCED FEE FRAUD- This is sometimes known

as the Nigerian 419 scam. It may entail you being contacted by someone purporting to be a government official who is seeking your help to transfer a large sum of money. They claim they will reward you with a share of the money that is being transferred

- All that is likely to happen is that you will be asked to pay sums of your own money for “handling fees”, “taxes” or “legal costs”. You will not see that money, or your promised share of the original sum, again.

Online Scams

8

Online Scams

9

- There are several types of fraud involving online auctions, even on reputable sites. The most common of these is to pay for an item that you will never receive or the product you were promised and have paid for turns out to be a counterfeit or in other way inferior product

- Always find out as much as you can about the seller and remember that if an offer seems too good to be true, it probably is.

Auction Fraud

Reshipping and payment processing fraud

- The lottery winner scam will involve you being contacted to inform you that you have won a large sum of cash (or another valuable prize). You will be asked to provide your card details to pay for any handling charges. You will lose this money and never see your promised “winnings”

- With this scam, always consider what your chances of winning a lottery (or other competition) that you never entered are.

Lottery Scams

- This scam will involve you being contacted by someone purporting to be a reputable offshore company asking you to assist them with processing payments (such as accepting and forwarding payments and taking a percentage) or accepting receipt of goods and forwarding them onto the “company”

- This is likely to be either a type of money laundering or the goods you are receiving are likely to have been stolen

10

With any type of online fraud, you should never respond to the email but forward the details to Action Fraud

who will then be able to investigate and take appropriate action. • Click here

11

Social Networking Scams

The growth of social networking sites such as Facebook and Twitter has been accompanied by con artists and cyber criminals targeting this area. The amount of information being exchanged on these sites makes it a breeding ground for scams.

The most common social networking scams involve the following:

1. MALWARE DOWNLOAD. Clicking on links for videos and programs on social networking sites can open the door to cyber criminals who send out spyware, Trojans and viruses. Users then inadvertently download these to their own computers and/or mail them out to their friends list.

By keeping your internet security up to date you can provide a first line of defence against these attacks. Avoid downloading applications from unknown providers and don’t believe that a message you received from a friend or contact necessarily came from them.

2. FALSE IDENTITY. It is easy for scammers to pass themselves off as someone else on social media sites by setting up false profiles. Scammers can pass themselves off as genuine people by using information trawled from the internet. Be cautious when accepting invitations from new friends or contacts.

3. IDENTITY THEFT. Profile pages are often packed with personal information such as you name, date of birth, email and contact number, not to mention photos of you. Scammers may try to build on that by phishing for your log on password. The most common way is by sending you a link to a bogus page that requires you to log on again.

12

Social Networking Scams

BEWARE of any links asking you to sign on again – in reality you are handing over your password.

To protect yourself on social networking sites;

1. Be careful about what information you share, and who you share it with.

2. Don’t post personal information such as your date of birth and mother’s maiden name

3. Regulate your privacy settings and control who sees your information

4. Do not accept requests from people you don’t recognise

5. Avoid any apps or online content that ask for your personal information

6. Don’t click on unfamiliar links from unknown sources

7. Don’t access social networking sites from public computers

8. Never engage in financial transactions on social networking sites

13

There are a number of telephone banking scams being used at the moment, and evidence suggests that these are on the rise. The three scams listed below are typical to those that we have seen in Hammersmith & Fulham, and across London recently.

SCAM 1- The scammer will ring you and ask

a few security questions in order for the victim to confirm who they are. (Remember they rang you!)

- These questions will mirror those the bank would normally ask you if you had rung them!

- They will also ask for the security digits on the back of your card

- Sometimes they ask you to ring them back, giving you a number to ring, or failing to disconnect themselves and hanging on the line so you think you have dialled a new number

- To be on the safe side ring a third party to ensure your phone has been properly disconnected and look up your banks number independently before phoning back.

SCAM 2- In this scam the thief rings you and

reports that your current bank or credit card has been compromised

- They inform you that they will send a courier around to collect the card and ask that you confirm your pin number prior to this

Telephone Banking/Courier Fraud

14

- Obviously once you have given them your number you can rest assured that they will come and collect the card! NEVER give out your PIN.

SCAM 3- Criminals contact victims posing

as police officers investigating fraudulent activity on their bank card

- They may contact the victim by telephone on more than one occasion to gain trust before attending their homes in ‘plain clothes’ to collect the victim’s bank card and PIN. Police officers would never need to know your pin

- The group tell the victims that they need to run the cards through a machine at Scotland Yard to identify the parties responsible for the fraud

- The victim is occasionally given a reference number or code word, or asked to place their card in an envelope and write the pin number on a slip of paper. They are told not to speak to anyone about the incident as it would jeopardise the investigation

- Once the card and PIN details are obtained, these are then used, often continuously over a number

of days at various retail outlets and betting shops. The offenders have also been known to contact the same victims at a later stage to try to obtain their new card details

- If you are contacted in this way, even if the attempt is unsuccessful, you should always report the matter to Action Fraud.

• They can be contacted on 0300 123 2040

• Click here

In order to protect yourself from such scams it is worth remembering the following points:

- The main High Street banks all say they would NEVER ask people to give sensitive information like passwords or PINs if they make an unsolicited call.

- If you are in any doubt at all, you shouldn’t be giving out any information whatsoever

- If you receive one of these calls, hang up and call your bank on their recognised number using a different handset.

Telephone Banking/Courier Fraud

15

Door step crime can occur when individuals try to enter your home under false pretences. Bogus callers may pose as builders, utility company personnel, council staff, or even police officers in order to gain access to your home and steal from you. As a general rule always be wary of people who turn up at your door unannounced. You do not have to let anyone in to your home. Additionally;

• Think before opening the door – are you expecting anyone?

• Ask the caller for proof of identity

• If in any doubt do not open the door. Instead ask the caller to return at a later time and arrange for a friend, relative or neighbour to be present

• If you are suspicious dial 999 immediately.

Door step crime and bogus callers

16

Identity fraud has become a significant crime in recent years, with criminals using an individual’s personal details in order to commit crime. Once personal details such as your address and bank account details are stolen, they can be misused or sold on to others to commit crime.

You should take the following steps to protect your personal details:

POST• If you begin to receive post from

people or companies that you don’t know, find out why

• When registering to vote, make sure you tick the box to opt out of the ‘Edited’ register. This will prevent unsolicited marketing mail being sent to you

• Redirect your mail when moving home

• Protect any mail left in communal areas, such as hallways in blocks of flats

• Sign up with the mailing preference service by calling 020 7291 3300 or at www.mpsonline.org.uk

Identity Fraud

17

BANK ACCOUNTS• Regularly check your bank accounts

and chase up any statements that are not delivered as expected

• Shred any documents that contain your personal or banking details

• Sign up to Verified by Visa, American Express Safekey, or Mastercard SecureCode when you receive new bank/credit cards. This helps to protect you if your card or details are lost or stolen

• And as always – never respond to unsolicited phone calls, emails or postal mail from a financial institution asking you to confirm your details, passwords, security codes or PIN.

MOBILE PHONES• Do not respond to unsolicited

texts about accident/personal injury claims, even if only to ask the sender to stop. Just delete the message

• Sign up to the Telephone Preference Service to prevent unsolicited sales calls. You can do this by calling 0800 398893 or at www.tpsonline.org.uk. It’s a legal requirement that companies do not make such calls to numbers registered with the TPS.

• Install anti-virus software on your smart phone.

18

Investment scams have become prevalent in recent years as the investment market has proven fertile ground for fraudsters. Many people have lost their life savings to investment scammers. The most common investment scams include buying precious metals, diamonds or other gemstones. Recent trends have seen scams develop in the purchase of carbon credits and alternative energy.

The most common scenario involves scammers cold calling you and trying to sell you investments in emerging markets that they claim will have return rates better than that of established investments

• The scammers will often call you a number of times in order to build a friendly relationship

• They will give you details that appear genuine; they may even have details of your previous investments, or shares you currently hold

• Having obtained money from you they will most likely call again in a bid to offer you further investments and extort more money.

If you receive such calls do not respond in any way as this will only encourage the scammers

• Always seek independent financial advice before you commit to any investment

• Check with the Financial Conduct Authority to see if the caller represents a registered company.

Investment Scams

19

Pension Scams have become a problem in recent times. Since April 2015 changes in legislation have allowed those over 55 years of age to access their pension fund.

Scammers have been targeting these people and persuading them to cash out of their pensions and place the money in unregulated/fraudulent investments with the promise of high returns.

Sometimes you may even be offered a cash incentive to transfer your pension. Beware - you will potentially face tax charges in excess of half your pension savings when transferring.

Protect yourself:

• Be wary of unsolicited calls, text messages or emails offering you a free pension review

• Do not make a decision based on a phone call from a salesperson

• Always seek independent advice from someone who is not associated with the company

• A genuine financial advisor will be registered with the Financial Conduct Authority.

• Click here

WHAT TO DO IF YOU GET SCAMMEDIf you have fallen victim to a scam, or you have been targeted by a scammer, it’s important to report this to the correct authorities. Your information may prove vital in helping the authorities to shut it down.

In the Metropolitan Police area all fraud should be reported to Action Fraud. You can do this either online at www.actionfraud.police.uk or by calling 0300 123 2040.

There are a few exceptions to the this rule. These are:

1. If the crime is in progress or about to be committed

2. If the crime involves a vulnerable victim

3. If the suspect is known or can be easily identified.

In these circumstances you should contact the police directly on 999 or 101

Pension Scams

20

Pension Scams

21

There is wealth of information out there about current scams, and horror stories about those who have been duped. Sometimes this can seem confusing, and it can be difficult to know how best to protect yourself. In summary you should follow these key rules to avoid being beaten by the scammers:

1) If an offer seems too good to be true, it usually is. There is no such thing as a legitimate get rich quick scheme. If this existed we would all be rich

2) Never agree to offers or deals immediately. Always obtain independent advice and conduct your own research before making a decision

3) Never give banking or personal details to people you do not know or trust

4) Never hand over money, or sign anything, until you have checked the credentials of the company or individual involved

5) Never send money to anyone you do not know or trust

6) Always look for independent and legal advice if an offer involves money or commitment

7) Avoid logging on to a website by clicking on a link provided in an email. Always search for the website directly

8) If you know of a scam, or have been targeted by scammers, report it at www.actionfraud.police.uk, or on 0300 1123 2040. Contact police if the suspect is still in the area

9) Never be embarrassed to report a scam. There is no shame in being the victim of a convincing scam. By reporting it you will ensure that the scammers do not win in the long run.

Summary

22

Action on Elder Abuse – a national charity working to prevent the abuse of vulnerable older adults.T: 020 8835 9280W: www.elderabuse.org.uk

Age UK – providing advice and support for people in later life.T: 0800 169 6565W: www.ageuk.org.uk

Citizens Advice Bureau – provides free, independent and confidential advice.T: 08444 111444W: www.citizensadvice.org.uk

Financial Conduct Authority – provides information on how to choose an approved and authorised financial advisor. T: 0845 606 1234W: www.fsa.gov.uk

Royal Mail Scam Mail HelplineT: 08456 113 413E: scam.mail@royalmail.comSend suspicious postal mail you have received to:Freepost Scam MailScam MailPO Box 797ExeterEX1 9UN

The Opt Out Service – allows you to opt out from receiving Door to Door unaddressed mail delivered by Royal Mail.T: 08457 950950E: optout@royalmail.com

Direct Marketing Association – manages the ‘Your Choice’ preference scheme which allows you to opt out from deliveries from other unaddressed mail distributors.E: yourchoice@dma.org.ukW: www.dma.org.uk

www.getsafeonline.org – for additional online safety information.

Other useful contacts and information

23

© By:design. 020 8753 3926 – 2016. 215.14.