Tech savvy Brits might like to think they’re too smart to be fooled by online scams, but cyber security experts have revealed that most of us are a lot more vulnerable than we think.
According to the Take Five Campaign only nine per cent of people can accurately spot scams online, while Which? says that more than five million scams cost victims in excess of £9 billion each year.
Ajit Patel, founder of cyber security organisation Siccura, which has just launched a new app called Siccura Safemail that helps keep all email communication secure, told Femail that spotting danger is a lot harder than you think.
‘Data theft and online fraud have become more sophisticated, and depressingly familiar,’ he explained.
‘Automated Push Payment scams are also on the rise, where criminals hack and clone people’s emails and then con them into making what they believe are genuine payments – for example to plumbers or builders for work done.
‘Unfortunately, malware protection software doesn’t help much, because they rely on tricking the user, so it’s vital that people learn to be more vigilant and ensure they are taking appropriate steps to protect themselves.’
Here are the nine steps you need to ensure you don’t fall victim to a scam.
You might like to think you’re pretty tech savvy but the increasing sophistication of online fraud makes it harder to spot than ever (stock image)
1. Encrypt your email
Email encryption isn’t just for businesses or tech geeks. Email encryption is a powerful way to keep your personal data safe, transforming sensitive data into unbreakable code. Even if someone manages to access your data with new encryption technology, the content they find will be completely undecipherable.
2. Back up your data
It might sound basic but backing up your emails is often overlooked. It makes sense to create a duplicate copy of your emails so that if a device is lost, stolen, or compromised, you still have all the information that’s important to you.
3. Use passphrases rather than passwords
Most people know not to use the same password for different online accounts and are aware that passwords linked to personal details such as birthdays or addresses are easier to hack. Try using a longer ‘passphrase’ to make use of every character in a password and base this on a favourite song lyric, quote from a book, magazine, or film so it’s easy to remember.
4. Find out who is using your data
GDPR has made this easier to find out and you now have the right to ask any company what data they hold on you or to stop them email you unwanted messages in your inbox.
Setting a passcode to lock your phone is crucial to ensure your data is protected in case your device is stolen or gets lost (stock image)
5. Don’t share too much information
Take a minute to stop and think about the data you are sharing before you share it. If you’re at all concerned about the source of an email check it’s authenticity, for example give your bank a ring to see if an email is really from them.
The scale of cyber crime in the UK
Banks logged 34,128 cases of push payment fraud in the year to July – a rate of almost 200 a day. Just £31million of the stolen £145million was returned to customers, according to trade body UK Finance.
Around a quarter of the total losses – £36.6million – was a result of impersonation fraud. This is where crooks pose as companies people trust such as their bank, solicitor, telecoms provider, HMRC or the police. Victims are then convinced to transfer their money into another account under the guise of keeping it safe. They almost never see it again.
Others are tricked into making payments to criminals posing as conveyancing solicitors, builders and other tradespeople.
Unauthorised fraud losses, where crooks have hacked into your account or used your bank card without your knowledge, are down slightly at £358million for the first six months of 2018.
In these cases victims are typically refunded unless they have been negligent with their password or PIN.
6. Learn to identify suspect links
This is actually much harder than you think given the sophistication of phishing scams. Website and emails can look really legitimate and from recognisable sources such as banks or government departments and it can often be quite difficult to tell the difference.
If in doubt, don’t open anything and before disclosing any personal information make sure you know who you are dealing with. You can often spot a fake link by checking the URL address of a link – secure sites will begin with https://, while many phishing fakes will often just have http://, with no ‘s’.
7. Lock your smart phone and tablet devices
It’s so easy to have a mishap, to leave your phone somewhere, lose it or have it stolen. Locking your phone is the first line of defence and means if it winds up in the wrong set of hands there is a layer of defence. When your phone is locked a thief must first crack your password to get to your data.
8. Check when you last logged in
Most email platforms, offer a function where you can track when and where you last logged in. This information can usually be found in the ‘account’ or ‘settings’ function and makes it easy to spot if there has been any suspicious activity on your account.
Many will also let you set up two factor authentication, meaning that when you try and login from a new device, you will need to provide a unique code (usually sent as an SMS to your phone) as well as your password.
9. Keep it simple
When looking at tech to encrypt your emails it’s really important to try and keep it simple otherwise you’ll end up getting bogged down. Cyber security solutions for personal data have marched on and a new approach is now available that focuses on securing and encrypting all data at its source, using just one lock and key. This means that even if someone gains access to your data they are unable to read it and find it completely meaningless.