Three types of fraud, and how to protect yourself from them NuData Security – UK
It is fraud awareness month, and needless to say, fraud is big business in the UK and globally. Fraud remains an area of criminal activity that is in constant flux, with fraudsters developing and adapting their schemes constantly to maximise profit, minimise risk and avoid detection. A study conducted by the Centre for Counter-Fraud Studies at the University of Portsmouth suggested fraud costs the UK £193 billion annually. Fraud can have devastating consequences for both individuals and companies, as demonstrated below.
Identity fraud One of the most well-known and varied types of fraud is identity fraud (or theft). This type of cybercrime happens when a fraudster gains enough personal information about an individual to convince organisations they are the assumed identity. Stealing genuine credentials, or faking them, has been used to take out loans, overdrafts or mortgages, open bank accounts and even apply for genuine documents such as a passport or driver’s license. There have been many recorded instances of identity fraud taking place with credentials belonging to deceased persons. The case of Adrian Richards is an example of the dire consequences fraud can have on an individual’s finances. Following the theft of his passport in 2003, Mr. Richards received a court order from Germany for an unpaid tax bill of £130,000. The size of the bill meant Mr. Richards credit rating was affected, and the dispute cost him thousands in legal fees, both in the United Kingdom and in Germany. Experts at CIFAS, a British fraud database, described it as one of the worst cases of identity theft they have encountered, with the criminals able to extend the passport’s expiry date to keep committing fraudulent activity.
Online fraud With the advent and increasing popularity of internet banking, money management, and shopping, fraudsters have become ever-more sophisticated in targeting people online. There is a multitude of ways that fraudsters can do so. For example, the UK Police fraud website lists over 20 known scams associated with the internet. These vary from account takeover to more specific and complex methods such as domain name fraud, and internet auction fraud. Feezan Hameed, from Glasgow, committed the highest profile example of an online scam in recent years. He posed as a bank security professional to gain access to the online banking systems of over 700 businesses, stealing £113 million. After obtaining access to the accounts, Hameed and his accomplices transferred the stolen money through a series of dummy bank accounts before eventually withdrawing the stolen funds from ATMs.
Mobile phone and SIM card fraud There are various ways in which the mobile phone industry is vulnerable to fraud. Again, criminals display a high level of tenacity and creativity in exploiting mobile phones for their illicit purposes. At the simpler end of the spectrum, you’ll find ‘missed call’ scams, whereby someone sees a missed call on their call log, returns the call, and is charged an extortionate amount of money for the privilege. However, SIM card fraud is more sophisticated and presents a myriad of potential vulnerabilities. One such common vulnerability is that fraudsters can use an old bank statement, coupled with details about an individual’s personal life gained from human interaction or social media, to convince the mobile service provider to switch the SIM card to their device. Once the card is reassigned, they can then receive texts and notifications from the bank on their device, thereby gaining full access to personal accounts. There are examples of people losing thousands to this scam, with one unlucky customer having a £8,000 loan applied for in his name.
Top tips for protecting yourself from fraud As the sophistication of fraud across all industries grows, it is all the more important that businesses and individuals alike make sure that they follow a few simple rules that will help to keep the cyber-wolves from the door!
- Think and verify before giving out any personal information: You should always ask to see the credentials of anyone who is asking for your personal information. Be extremely cautious when giving out any personal information.
- Don’t be reeled in by phishing: Most fraudsters will first try to contact you with an email pretending to be from your bank or financial institution. Be wary of any emails received from these sources as it is highly unlikely any bank will contact you via email. Do your research or pick up the phone and call them directly.
- Don’t ignore the signs: If you get word that you have purchased goods or services that you did not, take immediate action. Leaving the problem will only make it harder to solve later, and give the fraudster more time to do more damage.
- Do not open suspicious texts, pop-up windows or emails – delete them: If unsure, always play on the side of caution. Verify the source, without using the contact details provided in the message sent.
- Avoid using public Wi-Fi for financial transactions or sensitive emailing: Hackers can intercept a public unsecured connection and gain access to your network. Use a VPN network (virtual private network) that encrypts the data, and enable the “Always use HTTPS” option on sites you regularly visit. Turn your Wi-Fi off when it isn’t needed.
- Anti-Virus is vital: Keeping an up-to-date antivirus system creates an extra layer of protection for you and an additional layer of difficulty for potential intruders.
- Let the experts help: Although fraud can appear to be a terrifyingly complex and multifaceted issue, there is a wealth of information about organisations trained and willing to help. The Police’s ActionFraud website, CIFAS, and the NCA can provide up-to-date, helpful information if you think you may have been the victim of fraud.
— Want to read more posts like this? See our full blog here.