Cyber crime costs are estimated to be up to 27 billion a year in the UK, with both individuals and businesses being hit by cyber criminals. The way in which criminals are accessing funds is evolving, and now there is Phishing, Vishing and SMishing. Here we look at how you can protect yourself against cyber crime.
Phishing is typically carried out by a spoof email which is almost identical to a legitimate one, and directs users to enter details into a fake website (which also looks and feels like the legitimate site). Popular phishing scams include spoof emails from your bank, eBay, PayPal and HMRC.
Things to look out for:
- Sender email - does it sound familiar or is it just trying to mimic the correct email?
- Subject line - often phishing emails contain subjects which scare readers into action or offer something desirable. E.g. phishing emails that mimic PayPal may suggest your account is blocked, and emails pretending to be from the HMRC may offer you a tax rebate.
- Your name - beware of emails which have no name on them or start with generic terms such as ‘Dear Sir’. A genuine company should have your name.
- Check the language - is the body of the email riddled with spelling mistakes and bad grammar? Many phishing emails originate outside of the UK and are written in poor English.
- Is there a hyperlink attached? If there is an attachment/web link within the message – and the email impresses the importance of clicking the link - don’t click it. If you are suspicious, visit the website directly and log into your account as normal rather than clicking on the link.
Vishing is when criminals try to obtain your personal details by phone. Criminals can then go on to use this personal information to commit cyber crime, e.g. they might phone you and ask for your banking login details and then access the funds in your online banking account.
SMiShing is similar to email phishing, except this happens via text message. You might receive a text that appears to come from your bank or building society asking you to provide personal information. This information can then be used to access your bank account. These texts can also trick victims into downloading a Trojan Horse or other malware onto their phone/device. Trojans can be used by cyber criminals to gain access to your data.
How to avoid Vishing and SMishing
- Never reveal personal data or financial data including usernames, passwords, PINS or ID numbers over the phone, via text or in an email. A bank, building society or other reputable organisation will never ask you for this information.
- Do not open attachments or web links in emails or in text messages from an unknown source.