COMMENT: Bank scammers steal £1m a day
In light of the news today that the UK’s fraud epidemic is growing at an alarming pace, with bank scammers stealing £1m a day, please see below for comment from David Emm, Principal Security Researcher at Kaspersky Lab.
“These figures are indeed shocking, and demonstrate the potential threat that innocent people face every day. Social engineering and deceptive tactics used by cybercriminals remain amongst the most effective when it comes to successfully scamming people, and posing as banks continues to be a lucrative method for threat actors, since financial institutions are seen to be reliable and trustworthy. Despite the repeated awareness-raising campaigns, and the number of stories of this nature hitting the headlines, people remain dangerously unaware and unprepared to defend against scams of this nature. Cybercriminals will continuously develop their tactics to stay one step ahead of the authorities. That said, it is vital that more is done by organisations in the sector. Banks themselves should regularly review their procedures and examine possible vulnerabilities, to combat this epidemic before more people are affected.”
David recommends the following steps to defend against scammers:
• Never give away your card information over the phone. No legitimate company would ask this of anyone. Don’t disclose any information to people you have no reason to trust. Even if you think the caller is from a legitimate company, contact the company using a number you know is legitimate and query the call.
• Never respond to any unsolicited message or click on attachments or links: most spammers verify receipt and log responses. The more you respond, the more spam you’re likely to receive.
• If an offer seems too good to be true, it probably is. So you’d better avoid it.
• Carefully look at the address bar before entering any sensitive information such as your login and password. If something is wrong with the URL (it’s misspelled, doesn’t look like the original or uses some special symbols instead of letters), don’t enter anything on such sites. Always navigate to a site by entering the URL yourself, or choosing from your list of bookmarks or favourites – rather than clicking on a link.
• Don’t click on links coming from unknown sources (be it in e-mails, messengers or social networks).
• Protect all devices with comprehensive Internet security software.
• Update your operating system and all applications as soon as updates become available.