AB Thinks  →  19th October 2016

Digital diligence needed

Nathan Flynn

We keep our money in banks to guard it from thieves, and we lock our windows and doors to prevent burglaries. So why do we keep handing cyber criminals all the information they need to ruin our lives?

Lack of information is partly to blame, as well as the thought that ‘it will never happen to me’. Despite the fact that this is one of the most cowardly types of theft, it seems to be one of the most effective.

So, what can you do to keep your digital experience safe?

Domain names

Can you spot the fakes?

google.com vs goog1e.com

bankofamerica.com vs bank0famerica.com

facebook.com vs www.facebo0k.com

Make sure you’re at the correct website, as it’s far too easy to fake a website. Criminals often send their victims to a fake version that looks exactly like the real site. When you enter your log-in details, they grab this information but then log you into the real site to avoid any suspicion of malicious activity.

Also, ensure the real domain comes immediately before the .com, .co.uk, .uk, etc. So, store.facebook.com is real (it is part of facebook.com), but facebook.store.com is fake (it is part of store.com).

Email

An attacker may send you an email relating to your business, such as an HMRC announcement, or a chance to meet local suppliers. Once you click on the link, it’s game on. They’ll monitor your emails going back and forward, sometimes for months, until they have enough information. The attacker then constructs an email using the same grammar, jokes and so on as one of your contacts, and even uses a similar email address, to come up with something like:

Hi Mike,

Hope you had a good holiday. Concerning the invoice for the order we shipped yesterday, we’ve changed our bank account; below are our new details…

Whatever you do, don’t send any money to the new, fake bank account. However, I’ve seen it done before on a £250,000 transaction!

And always make sure you triple check the email address:

nathan@technology.com vs nathan@teknology.com

accounts@technology.com vs acounts@technology.com

payroll@technology.com vs payro11@technology.com
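
The checks described under Domain names and Email can be automated. The following is an added example, not part of the original article: the trusted lists and the short suffix tuple are constructed for illustration, and a real tool would use the full Public Suffix List.

```python
# Added example: trusted lists and the suffix tuple below are constructed.
TRUSTED_DOMAINS = {"google.com", "bankofamerica.com", "facebook.com", "technology.com"}
TRUSTED_SENDERS = {"nathan@technology.com", "accounts@technology.com",
                   "payroll@technology.com"}
SUFFIXES = ("co.uk", "com", "uk")  # simplification; longest suffix listed first
LOOKALIKES = str.maketrans({"0": "o", "1": "l"})  # digit swaps seen in the article


def registered_domain(host):
    """Return the label immediately before the suffix, joined to the suffix."""
    host = host.lower().rstrip(".")
    for suffix in SUFFIXES:
        if host.endswith("." + suffix):
            label = host[: -len(suffix) - 1].split(".")[-1]
            return f"{label}.{suffix}"
    return host


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(value, trusted):
    """'trusted' on an exact match, 'lookalike' on a near match, else 'unknown'."""
    if value in trusted:
        return "trusted"
    folded = value.translate(LOOKALIKES)  # undo 0-for-o and 1-for-l swaps
    for good in trusted:
        if folded == good or edit_distance(folded, good) <= 2:
            return "lookalike"
    return "unknown"


def check_host(host):
    return classify(registered_domain(host), TRUSTED_DOMAINS)


def check_sender(address):
    local, _, host = address.lower().rpartition("@")
    return classify(f"{local}@{registered_domain(host)}", TRUSTED_SENDERS)
```

A result of "lookalike" is the case to treat as suspicious: the name is not on the trusted list but is within a character or two of one that is.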

Text messages

If you don’t know who a text message is from, don’t reply to it – no matter how innocent it may seem or how much of a heart-wrenching story it tells. Otherwise, your phone can be controlled, threatening access to your bank account and other confidential information. This technique is known as ‘SIM-swap fraud’ and is a growing problem.

Public wi-fi

Public wi-fi allows you to connect to the internet without using your mobile data. But this ‘free’ service can come at a cost. You run the risk of allowing a hacker to access your social media accounts, emails, bank accounts, holiday pics, the lot. All this while they’re sitting opposite you in a café.