Cyberattack-ctw

Financial Scams and Cybersecurity

More and more fraudsters are exploiting the speed, convenience and anonymity of the Internet to commit a diverse range of criminal activities that know no borders, either physical or virtual. You must be vigilant and keep information as secure as possible.

Security alert:

Any communication purporting to come from us changing our account details must be ignored and you must contact us at once. Do not action the request.

Before sending us any funds electronically we suggest you telephone the person dealing with your matter to confirm our bank details. If that person states the details are to change then telephone our head office and ask to speak to a director. We may also telephone you to confirm your bank details before making any electronic payment over £5000.

Please remember that we will only accept payment from you. Any payment received from a third party without prior agreement may cause delay and increase costs.

There are several well-known types of threat:

Phishing

This is where a fraudster sends out emails at random often purporting to come from a genuine company operating on the Internet. Such emails usually claim the need for you to update or verify customer information via a link to a bogus website. This may then result in you giving up sensitive information. Because phishing is random it relies on chance and sometimes you might receive such an email purporting to come from a company you know which could reduce your suspicion. It is highly unlikely that any company will send you an email asking for sensitive information.

Vishing

This involves a fraudster telephoning and claiming to be from your bank. If this happens they may already have obtained details about some of your transactions and may, therefore, sound genuine. The bank will never telephone and ask for information that would allow access to your bank account. If any attempt is made you should report it to your bank.

Trojan

This is a type of computer virus that can be installed on your computer without you realising. It is often installed after you have clicked a link in an email to a malicious website. Such emails will often contain a seemingly harmless subject such as a joke, greetings card or a current ‘hot’ topic. The Trojan can then potentially control what appears on your screen and may, therefore, trick you into disclosing confidential information. You should treat all emails as potentially malicious. If you receive an email with an unexpected attachment then treat it with suspicion until the sender can confirm that they have sent you the attachment. If such an attachment is opened and contains anything that is unexpected then your computer should be checked.

Spyware

This is software that could be installed on your computer via a Trojan or even as part of another application in order to monitor activity on your machine and report back to the fraudster. This type of software enables your keyboard activity to be monitored by which sensitive information could be obtained.

The general approach should be, therefore, to be careful about what you disclose over the telephone. Merely because somebody calls you and seems to know about you it does not mean that they are genuine. Also be careful about what attachments you open. You need to be confident that they are genuine attachments before they are opened. If in doubt don’t open it.

Here are a few tips to keep your information confidential and secure.

You should always ensure:
  • Any caller is who they actually say they are. You will never be contacted by a bank asking you to transfer money to another account.
  • You disconnect the line after an unexpected call by calling someone else first from the same line or using a different phone.
  • Always call a phone number you know and have used before or one you have got from a trusted website, bank statement or hard communication from us.
  • That a website is secure before you enter any account or card details. Make sure the web address has ‘https’ at the start and the padlock or unbroken key icon at the top of the page next to the address bar.
Never tell somebody or give:
  • Your personal or security information on the telephone or on a website you have clicked to from a link in an email or text.
  • Your card PIN, security codes and passwords or security information with anyone who contacts you. If a caller does ask for this information, end the call.
  • Never enter your card PIN number into a telephone. It’s not secure and doesn’t keep it secret from the caller.
Act with care:
  • When clicking on links or downloading attachments from unsolicited emails or texts.
  • Keep your internet security software up to date, and run regular scans and system updates.
  • Treat all unsolicited calls and emails with caution. Remember, banks and police will never contact you to ask you to transfer funds.