Unsure of how to protect yourselves from online criminals? Here’s 10 tips from the experts - and “The Boss” himself.
1. Don’t take the phishing bait: Phishing is mainly where fraudsters hope you will respond to bogus emails from the likes of banks and tax offices asking for sensitive information.
Latest figures from Action Fraud, the lead policing agency for fighting cyber crime, suggest at least 8,000 people a year fall victim to the nationwide scam.
As a spokesman for Action Fraud insists: “Remember that banks and financial institutions will not send you an email asking you to click on a link and confirm your bank details.”
Instead, contact your bank either by telephone or by searching for its website through a trusted search engine or previous correspondence.
2. Address your home security: Many businesses start from studies or kitchen tables, with home addresses doubling as their firm’s registered addresses.
Not so many businesses get around to changing these registered addresses if they are fortunate enough to expand to premises elsewhere.
Allowing fraudsters to easily access your home address online is one less barrier between them and your money.
3. Disguise your passwords: We all lead busy lives, so it is all too easy to make our passwords all too easy to remember - and to crack.
Avoid the temptation to use family birthdays, ascending or descending sequences of numbers, family or pet names or passwords associated with your favourite sporting team.
As Detective Sergeant Martin Wilson, of the combined North-East cyber-crime unit, said: “If you are from Sunderland then safc1973 is a common password because that is when they last won the FA Cup. In a similar vein, if Newcastle is your team then something like Shearer9 is popular.”
Experts suggest using the first letter from each word in a memorable movie line or favourite song.
Therefore Bruce “The Boss” Springsteen’s “Tramps like us, baby we were born to run”, the example quoted by safety experts Get Safe Online, becomes a more unfathomable “tlubwwbtr”.
4. Take and pass the social media test: In a similar vein, ask someone you are not friends with on Facebook to tell you how much information they can build up from your public profile.
Is your date of birth - another potential password giveaway - freely visible at the top of your home page?
Getting back to football own goals, are you beaming happily in your favourite team’s latest kit?
What other information have you also inadvertently given away in your posts?
For instance, for all you are proud of your children, does a message naming one of them on their birthday offer simple clues as to one or more of your passwords?
5. Add additional layers of banking security to protect your accounts: Sign-up to services such as Verified by Visa or MasterCard Secure Code whenever you are given the option while shopping online.
This involves you registering a password with your card company and adds an extra layer of protection to online transactions with signed-up retailers.
If fraudsters have one additional code to crack then they are highly likely to turn their attentions to accounts which don’t.
6. Install and update anti-virus software while backing up vital files: The first is off-putting, as it is potentially an extra bill, while the second always seems to flash up while you are in the middle of something you should have finished yesterday.
The alternative, however, can be even more expensive.
Those updates are usually to counter emerging hacking trends, with owners usually able to install them automatically through altering their settings rather than waiting to be asked at an inconvenient moment.
Pc Ian Turnbull, from the Cleveland Police cyber-crime team, said: “I would urge people to use strong passwords, to install anti-virus software and keep all software up to date.
“It’s definitely worth the effort and expense to invest in anti-virus software, because the cost of not being protected - both in terms of financial loss and emotional impact - could be huge.”
As for the third, ensure important files are copied to external hard drives or memory sticks in case your computer is hacked.
7. Prove you are just the business: So how do you know that a business will digitally store your personal details securely?
The Government-backed Cyber Essentials scheme is similar to the Kitemark industry benchmark in that it shows firms have met set online safety standards.
Five tests cover areas such as boundary firewalls, malware protection and updating software or “patch management” practices.
Certificates are approved by registered accreditation bodies and cost at least £300 depending on the level of cover your business requires.
Advantages for larger firms include the right to bid for government contracts and further details are available from https://www.cyberaware.gov.uk/cyberessentials/.
8. Beware the “good” old-fashioned telephone call: So much communication is carried out via text or email these days that a sudden telephone call from a “Microsoft” engineer may seem genuinely alarming.
Usually the caller will claim that your computer is infected by a virus, pass you on to a “superior” as proof of how important both the call and you are, before they ask for your computer’s address so they can take it over and begin searching for private information.
Depending on the particular scam, they may ask you for password details so they can download malware or ask for a small payment up front to cover their work before emptying your account while keeping you on the line.
But Microsoft or other household names in the computer industry do not make unsolicited calls in this way, and the callers are usually chancers in a far-off land who have obtained your phone number through online data sellers.
Hugh Milward, director, corporate, external and legal affairs for Microsoft UK, said: “We’d also like to reassure all users of Microsoft software that we will never cold call you out of the blue.”
Simply put the phone down and, if you have downloaded software or disclosed bank details, contact reputable computer engineers, Action Fraud, your bank or Microsoft via its website at www.microsoft.com/en-gb.
9. Fraud breeds fraud: If you are unfortunate enough to be scammed then don’t expect the agony to end there.
Fraudsters will either sell your details on to other criminals or be brazen enough to contact you again in a different guise by pretending to be a lawyer or a fraud recovery officer.
Tell-tale signs? A fee up front, of course, or communication via web-based email accounts such as hotmail or yahoo.
An Action Fraud spokesman warns: “Genuine government or law enforcement agencies and law firms don’t use webmail.”
10. Don’t panic: If you have fallen victim to one of the above or other scams then don’t beat yourself up over it.
You are not the first to suffer and, depending on your account, it’s highly likely your bank will cover some or all your losses.
The sooner you also contact them the quicker you and they can minimise any theft.
Immediately changing passwords will also deter further breaches.
You should also report any crime to Action Fraud, the UK’s national fraud and cyber-crime reporting centre, HERE or by telephoning (0300) 1232040.
Detailed preventative advice is available from government-backed Get Safe Online HERE.