Scam Telephone Calls (Vishing)

Scam Telephone Calls (Vishing)

Welcome to my 2nd blog in this series. There have been a number of more national headlines since my last post:

Phone scam refers to fraud over the phone – or vishing – is when a fraudster calls claiming they’re from your bank or another trusted organisation, often under the pretence that there has been fraud on your account. They can fake the telephone number they use, to make it look like your bank is calling. They will often have researched basic information about you before they call too. This can make them seem convincing. If this was not bad enough, with emerging technology, it looks as though criminals are now also starting to impersonate people’s voices and the person you may be talking to on the phone may not be the the person you think you are speaking to!

Remember though, a genuine bank will never ask you for personal financial details (like your PIN number) or full banking password (even by typing it into your phone keypad), or ask you to transfer money directly to them.

Fraudsters may phone you out of the blue and claim to be from the bank, police, or other reputable organisations, in an attempt to obtain your personal information and banking details.

Fraudsters may even try to trick you into allowing them access to your computer to steal your money.

Regardless of how professional or convincing a caller sounds, remember the bank, police or other trusted organisations will never contact you by any means to:

  • Ask for your financial information or your full security details.
  • Ask you to provide your PIN code or requests to collect your bank card from your home address.
  • Ask you to provide a verification code or token code.
  • Ask you to move your money to a new or ‘safe’ account.

How to protect yourself from telephone scams

  • Always be wary of unexpected cold calls. Say no to requests for information and don’t be afraid to terminate the call.
  • Never respond to callers who ask you to confirm your PIN, verification codes or token codes, or to request to collect your bank card from your home address. Banks will never ask you to do this.
  • Never respond to a request to transfer your funds to another bank, even if the caller advises you that you need to urgently move your money to a ‘safe’ bank account. Again, banks will never ask you to do this.
  • Never respond to a caller who asks you to log on to online banking or a request that allows them remote access to your computer.
  • Don’t assume a call is genuine because they know personal details about you or by the caller ID information. Fraudsters can copy the telephone number of an organisation and make it appear on the caller ID display.
  • If you want to validate a phone call use contact details obtained from a reliable source.

Always stop and think – is this a genuine call? Take Five to stop fraud:

  1. Be absolutely certain who you’re speaking to. A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by. Before you share anything with anyone, stop. Then pause to consider what you’re being asked for and question why they need it. Unless you’re 100% sure who you’re talking to, don’t disclose any personal or financial details.
  2. Don’t assume an email, text or phone call is authentic. Even if someone seems to know your basic details, it doesn’t mean they’re genuine. In an attempt to gain your trust, fraudsters may claim you’ve been a victim of fraud. They often do this to get you talking, then try and persuade you into giving them your security details.
  3. Don’t be rushed, or pressured, into making a decision. No genuine bank or trusted organisation will, under any circumstances, force you to make a financial transaction on the spot. Neither would they ask you to transfer money into another account for reasons relating to fraud. If you’re asked to do this, then stop and consider what they are asking you.
  4. Listen to your instincts. Does a situation feel wrong or strange? If so, it’s usually right to question it. Fraudsters will try to manipulate you: they’ll try and lull you into a false sense of security when out and about, or rely on your defences being down when you’re at home. They’ll try to appear trustworthy, but they may not be what they appear.
  5. Stay in control. Be confident. It’s always okay to stop a conversation. You can always refuse unusual requests for personal or financial information.

Common fraud threats and how to avoid them

In the recent past we have seen national and international headline reports of large corporate organisations falling victim to Ransomware attacks, where malicious software encrypts data on the user computer system and network infrastructure:

In this short series of posts we will look at some common threats, how they work and what to look out for to help protect yourself from falling victim to fraud.

Some of the common techniques fraudsters attempt to use to trick you into giving away your personal information, banking details or even access to your computer include:

  1. Scam emails, texts or social media messages (aka Phishing and Malware)
  2. Scam Telephone Calls
  3. Computer Software Scams
  4. Investment Scams
  5. Pension Scams
  6. Romance Fraud Scams
  7. Invoice Re-direction Scams
  8. PPI Refund Scams
  9. Money Mule Scams

In this first post we will examine what is probably the most prolific scam technique – Scam Emails.

Scam Emails

Scam messages can be very convincing and are popular with fraudsters. Fraudsters will deliberately mimic the contact details of the Bank, Police, Customers, Suppliers – especially large organisations, like utility companies, that have a very large customer base and other trusted companies to hide their true identity.

Scam messages will often imply a sense of urgency encouraging you to act fast, e.g. to call a phone number included in a text message to stop a fraud payment or include a request for personal information, or banking details such as password or security credentials.

Scam messages can lead to you speaking to fraudsters. They may try to trick you into providing account security such as; verification codes or token codes to move money out of your account without you realising. Remember banks will never ask you to provide verification codes or token codes over the phone.

Some scam messages will contain links or attachments which, if accessed, will take you to a fake website that prompts you for your online banking details. The fraudsters then use your details to access your account(s) and steal your money.

Accessing fake websites or opening attachments in scam messages may install malware, a type of malicious software. This steals information and can be so sophisticated that it can work in the background to encrypt your data or even to move your money, or trick you into believing that you’ve been unsuccessful in logging onto your online banking page and prompts you to re-enter your security details, which the fraudster captures.

How to protect yourself from scam emails, texts and social media messages

  • If you are in any doubt that a message may not be genuine stop and do not respond. Instead, call the bank, company or the appropriate organisation using a trusted number, one that you may have used in the past or one you can obtain from another trusted source.
  • Be vigilant to any out of the blue message requests from family members, friends or work colleagues, which involve you transferring money to them. It’s always best to check the message first by speaking to the person direct before deciding to part with any money.
  • Never respond to an unexpected message from an unknown source. Always avoid clicking on links or opening attachments contained in messages. Never log into any online accounts through a link in a message especially those from an untrusted source.
  • Ensure you use strong passwords and lock your devices when not in use. Keep your anti-virus software up to date and always complete security and software updates when promoted. This can protect you from viruses contained in links and messages.
  • Be vigilant and alert to requests to re-enter your security credentials or any unusual screens, when online. These could be an indication of malware.
  • When making a purchase online or inputting personal details on a website, always make sure it’s secure. Look for a padlock symbol in your browser, usually next to the web address and check that the web address starts with ‘https’ rather than just ‘http’. This tells you that it’s a secure site.
  • If you want to check that an email, text or social media message received is genuine, use contact details obtained from a reliable source.
  • To help stop SPAM texts forward the text to 7726. For further advice on nuisance calls and messages visit the OFTEL website.

Be vigilant, keep safe and happy surfing.

Don’t be the next Victim

As everyone is continually bombarded with phishing emails, we are all at risk. We may think we can spot these rouge messages, the inescapable fact is that enough people do fall for them to keep the perpetrator incentivised and to look for new ways to fool us.

So, it’s always worthwhile to be better prepared. I came across an article that describes the tactics and psychology used in these ransomware emails. It is well worth the few minutes it takes to read and may possibly help you and your colleagues to avoid much grief and cost in the future.

Now, asking you to click on the link to the article is exactly the opposite to what I and safe practices advise. So, if you trust me and this post enough, you can click on this link. Alternatively, you can Google the text between the quotes (without the quotes): “carbonite.com Tricks of the trade: Phishing emails behind notorious ransom ware scams”

Be vigilant and safe. Make sure staff, colleagues and friends don’t fall for their tricks.

Windows 10 Upgrade – Should I?

At the moment, Microsoft is pushing the Windows 10 upgrade quite aggressively. So, here is some information I have put together to help you make an informed decision.

Please note that this issue affects all computers and laptops with Windows 7 and Windows 8 operating system. If you are not sure which version of Windows you have on your computer system then click here to find out how you can check.

If you are thinking of upgrading to Windows 10 then you should consider doing this before July 29 at which point Microsoft say it will no longer be available as a free upgrade. The purchase price is speculated to be between £100 for the home and £190 for the professional version.

If you DO NOT want your system to be upgraded to Windows 10 automatically, without your consent, then you can download and run this small program (download Never10 program) that will stop this from happening.

If you have a Samsung PC or other hardware, then you may want to read this article on The Register website before upgrading. Samsung have also produced a Step by Step Guide for their customers.

If you are still not sure what you should do, then maybe these two short videos on Youtube may help you decide:

 5 Reasons to Upgrade
 5 Reasons NOT to Upgrade

If your system has already been upgraded to Windows 10 and you really want to go back to your previous operating system then you have one month from the time you system was upgraded. To reverse the upgrade process follow the instructions on Microsoft’s website.

Welcome to KnowIT

Here we aim to provide you with IT specific articles that we hope you will find informative, helpful and practical. We will aim each post to be succinct and targeted at a single specific topic. Tell us what you think, any topics you would like us to cover and just as importantly, how we can improve any future posts.