Don't fall victim: tips to stay safe online

Don't fall victim: tips to stay safe online

As quickly as technology updates and evolves, the attempts by individuals and groups to commit online fraud for financial gain is also on the rise. And the mediums used by these criminals has increased too - now it can happen via work email, personal email, social media, text message, and still by good old-fashioned phone.

Recent figures published by Crowe UK show that fraud costs the global economy £3.89 trillion , and losses associated with fraud have risen by 56% in the past decade.

So let’s look at exactly what fraud is, and how to avoid the myriad of different scams circulating online:

What is fraud?

An Garda Síochána, Ireland’s police force, define fraud as an instance in which: “a person is financially cheated by another person.”

It can occur when an individual deceives another by inducing them to do something, or not do something, that results in a financial loss. It can also be committed either online, in person, or via correspondence.

The Gardaí identify six main types of fraud in Ireland:

  1.     Payment Card Fraud: involves the use of stolen or counterfeit payment cards to make direct purchases or cash withdrawals. It also includes the use of stolen card data to buy items over the phone or via the internet.

  2.     Invoice Redirection Fraud: the criminal pretends to be a supplier of goods or services that you already do business with and requests that the bank account details recorded for the legitimate supplier are changed on your financial system. The next time an invoice arrives from the legitimate supplier, the payment is sent to an account controlled by the criminal instead of the supplier.

  3.     CEO fraud: in this case, junior employees in the finance department of a company receive an email from a criminal purporting to be the CEO stating that an important deal or some other urgent matter is pending and that a substantial payment needs to be processed immediately.

  4.     Phishing: often via email. The email may appear to be from a reputable company however when one clicks on the email or attachment or link within the email, malicious software (malware) is downloaded onto a PC or other device allowing the criminal to track online activity and identify personal or financial information for fraudulent purposes.

  5.     Phone fraud (vishing/ smishing): when criminals are contacting you by phone (vishing) or by text (smishing) pretending to be your bank, credit card issuer, utility company or often a computer company. During the conversation they will try and trick you into giving personal, banking or security information.

  6. Advance Fee Fraud: when criminals are targeting victims to make advance or upfront payments for goods, services or financial gains that do not materialize. There are many types of advance fee fraud; such as rental fraud, ticket fraud, and even romance fraud.

How to avoid online fraud

When you spot something online that seems too good to be true, it just might be. Remember–if something seems “off,” walk away.

 

According to financial fraud action.org.uk, your bank, financial institutions, and even the police will never:

  •       Phone you to ask for your PIN number or your online banking password, even by tapping them into the telephone keypad

  •       Ask you to update your personal details by following a link in a text message

  •       Ask you to transfer money to a new account for fraud reasons

Similarly, CurrencyFair will never ask customers for their personal six-digit pin or password. Find out more on how we keep your accounts secure here.

How to check if a website is fake:

Wikihow has an easy list of the red flags to watch for on a website, such as:

    • Is there a small lock icon on the address bar?

    • Does the website has 'https' in the URL?

Having the letter HTTPS in a URL is a solid indicator that the website is secure and that if you enter any personal details, like your name, a password or payment details, it will be not only encrypted but protected from any parties using the site to intercept the data that is being entered.

However seeing HTTPS in the URL isn’t a 100% guarantee that the website owner isn’t the party who intends to take your personal details and use them to commit fraud.  Always independently verify the website you are entering personal and financial details is secure, even with HTTPS in the URL.

Is the company name in the URL?

Here is where people can easily be duped into believing a website is secure. URLs can be manipulated and parties with malicious intent can create very convincing duplications of existing websites and without closer inspection, you might miss the giveaways.  It can be as simple as adding a new character in the URL for example currency.fair.com or a different ending for example currencyfair.org.

Always check a website URL if the website looks strange with bad design or copy.

Is the site reliable?

Before you use a website and enter not only personal but financial details, first run a background check. Check independent review sites like TrustPilot, Which.co.uk, or TripAdvisor?  Are there active social media channels? Are the reviews legitimate?

Sometimes a simple Google search of the company name along with the words “scam”, “fraud” or “phishing” will produce articles and results that could show if you are at risk.

Is there bad grammar or misspelled words?

Is there contact information like an email address, office address and phone number on their website?

Are they financially regulated?

To operate in the financial markets in the European Union, banks and financial services providers are strictly regulated and any company offering financial services in any country, should be licensed and authorised by a legitimate national regulator.

CurrencyFair is regulated by the Central Bank of Ireland (as well as the Australian Securities and Investments Commission (ASIC) in Australia, the Monetary Authority of Singapore (MAS) in Singapore, and we are a licensed Money Service Operator in Hong Kong ) and we link directly to their website from our page on regulation. In this way, our customers know their money is in safe hands. For a more detailed look at sending money abroad securely, check out our guide: Sending money abroad: a guide to international money transfers.

Tips to protect your data online

Whatismyipaddress have compiled a comprehensive list of ways to protect your data online that includes often overlooked tips like:

      • Don't use public computers

      • Don’t use free Wi-FI

      • Review your social media accounts 

We created our guide to online safety that lists some red flags to watch for to stay safe online:

      • If you receive an email/text asking you to update payment details with a supplier (or anyone you send money to), always confirm with them directly that it is a legitimate request.

      • Changes in the language/tone of an email could be an indication of an attempt to impersonate someone you may know. Always be cautious.

      • “Out of the blue” requests to send money especially to strangers

      • Any changes, however small, to the requesters email address or style of communication.

      • Verify the identity of a contact by calling the relevant organisation/person directly, through online or other search. Do not use the contact details provided in the message sent to you.

      • Never send money or give credit card, online account details or copies of personal documents to anyone you don’t know or trust and never by email.

      • Be very careful about how much personal information you share on social network sites. Scammers can use your information to learn who you are, your interests and who you deal with, making it easier to craft an effective phishing attack.

Password and Device Security

It is important that you keep your password and devices as secure as possible. Be sure to update to the latest version of your operating system, anti-virus software and internet browser. This will keep your information and devices protected against the latest known security attacks.  If you suspect you are a victim of online fraud, change passwords across all platforms and social channels plus on any private or business accounts.

Whatismyipaddress recommends using not only a password manager but also two-factor authentication.

 

Read more tips on how to protect yourself online here

Read More

 

What to do if you think you have been a victim of online fraud?

If you have been a victim of online fraud, garda.ie has a list of immediate actions to take: the most important being, to report this to the local authority in charge of fraud in your country like an Ombudsman, the police, and other advisory boards.

This authorities can help track down the criminals responsible.

The Money Advice Service lists further steps to take if you have been a victim of online fraud:

      1. Protect yourself from further risks.

First contact your banking provider to let them know what has happened so they can cancel your cards and put a block on transactions from your account–even if you are not sure if you are at risk, sometimes details are stolen only to be used at a later date as the victim might have forgotten they experienced a strange text or email or in many cases, might be unaware that their personal information was stolen.

Look out for any unusual transactions on your bank account. Updating and creating stronger passwords across all your accounts (email, social or banks) is highly advised.

If you’ve used the same password across all accounts, ensure to change them to make each unique and stronger. As advised above, look into a password manager and two-factor authentication.

      1. Check if you can get your money back

If you’ve lost money due to online fraud, there are actions to take to recoup your losses but this is not guaranteed. Check with the bank or card issuer the fraud occurred with. According to moneyadviceservice.org, refunds can be delayed if the bank believes you have been negligent with your account details and put yourself at risk.

While it may seem that there are risks at every stage of being online or accessing online services, there are steps to take to ensure your personal details and money is safe at all times. Everyone has the right to not share these details by phone or email or to question someone seeking these details. Don’t act in haste and take the time to investigate the source when buying online or when you receive a suspicious message asking you to take action, share secure details, or personal information.

 

Useful links: