Tag: #fraud

Cybercrime is the number one threat when it comes to financial crime in Ireland

Hacking, phishing, online scams, and other variations of cybercrime are thought to be the most prevalent financial crimes in Ireland, as found in a new survey by the Compliance Institute, which polled 230 compliance professionals working primarily in Irish financial services organisations nationwide.

When asked what they consider to be the most prevalent financial crime in Ireland, respondents to the Compliance Institute Financial Crime answered as follows:

  • Cybercrime (hacking, phishing, online scams)                                                      34%
  • Tax evasion                                                                                                                    21%
  • Fraud                                                                                                                               21%
  • Money laundering                                                                                                         19%
  • Bribery and corruption                                                                                                  4%
  • Insider trading                                                                                                                 1%

Michael Kavanagh, CEO of the Compliance Institute commented on the findings:

While financial crimes from tax evasion to insider trading could be classed as the “traditional” criminal pursuits, cybercrime is more new-age and is developing and advancing at a pace so fast that organisations and legislators cannot keep up.

From the mid-term review of the 2019-2024 Cyber Security Strategy launched in the middle of 2023, we learned of the Government’s plans to create a national anti-ransomware organisation and offer cash subsidies to small businesses to help fight cybersecurity threats. The timelines for this are unclear, but there’s no doubt that the move would be laudable and welcomed with open arms by many businesses that continue to be plagued by ransomware attacks.

These attacks can have catastrophic consequences not just for those whom they are perpetrated against, but for the wider public. We only have to look at the devastation that was caused to patients following the 2021 hacking of the HSE to understand the severity of the crimes”.

Fraud

Mr. Kavanagh continued, “Banking & Payments Federation Ireland (BPFI) stats show fraudsters stole nearly €85 million (€84.6m) through frauds and scams in 2022, an increase of 8.8% on 2021. As a New Year commences, there’s a real concern that we will see an uptick in these figures”.

Mr. Kavanagh concluded,

“Ireland is now Europe’s largest data hosting cluster, putting the need for elevated cybercrime and data protection systems into sharp focus.

Regulators in Ireland, and around the world, are constantly updating and issuing new guidance to firms in response to emerging cyber security issues, such as fake documentation and the reliability of information sources.

Regulators need to ask themselves how they can regulate and supervise without stifling innovation. Businesses and organisations need to ask how can they best prepare and respond, and the general public also needs to know what measures they can take to protect themselves”

Consumers warned to be wary for Black Friday fraud – Bank of Ireland

Bank of Ireland is warning consumers to be especially vigilant for fraud as Black Friday and Cyber Monday approach.

Black Friday and Cyber Monday are key online shopping dates for many consumers, which also means fraudsters will be stepping up their activity. Bank of Ireland customers spent 54% more online during Black Friday last year compared to a standard Friday, with clothing (+104%) and electrical goods (+100%) seeing the largest increase.

For those shopping online this Black Friday or Cyber Monday, Bank of Ireland is providing tips to stay safe.

Black Friday / Cyber Monday tips:

 

  • Be careful with links in emails and texts – Fake links can lead to fake websites where you may be asked to share your personal banking details including activation codes.

Do not share your banking details, including your full online banking PIN, or other personal information.

  • Think before you click – make sure you double check website addresses for anything unusual.
  • Use trusted websites – check that the ‘https’ and the lock symbol is displayed. Exercise caution with Pop ups on your social media feed (fraudsters can pay to have their ads in front of you).
  • On a mobile device use trusted apps – it can be difficult to see the full web address on mobile if you are using a web browser so instead stick with trusted apps.
  • Use up to date anti-virus software on your computer – this will help protect it against malware.

Nicola Sadlier, Head of Fraud, Bank of Ireland said: “We are already starting to hear about Black Friday and Cyber Monday deals, but shoppers need to be extra vigilant for fraud. Fraudsters like to inject an element of urgency into their offers or fake adverts, but don’t rush a transaction without checking things properly first. Verify if websites and apps are legitimate and be extremely careful with online adverts, texts or e-mails. Remember, if something sounds too good to be true, it’s probably fraud.”

To coincide with the busy pre-Christmas shopping period, Bank of Ireland has launched a new national fraud advertising campaign, reminding customers to Stop, Think and Check. The Bank is publishing a series of ‘True Crime’ videos with renowned cyberpsychologist Professor Mary Aiken providing insights and tips to help people protect themselves.  Visit Security Zone – Bank of Ireland Group Website

82% of the population are targeted by fraudsters at least once per month – Bank of Ireland

In the wake of a new wave of impersonation scams, Bank of Ireland is warning customers to be extra vigilant in their interactions with businesses online, and when responding to unsolicited or unexpected texts, emails or phone calls.

The current spike in fraudulent activity has occurred as Bank of Ireland launches a major national fraud awareness campaign to warn customers of the prevalence of fraud, with 96% of consumers believing they will be targeted in the next six months, and 82% saying they are targeted at least once per month.

The most common forms of impersonation fraud involve people receiving calls, texts or emails from fraudsters posing as a parcel delivery company (80%), a road toll provider (55%) or their bank (49%).

Nicola Sadlier, Head of Fraud, Bank of Ireland said:  “Unfortunately, fraud and cybercrime have become part of people’s everyday lives.  Our research conducted by Red C* shows this, with 82% of people saying they are targeted by fraudsters at least once per month, and 36% as frequently as once per week.  Most people who have been a victim of fraud said they fell for the scam because they were distracted or too busy at the time. Which underlines the need for vigilance. 

“Impersonation is at the root of the majority of fraud in circulation for both our personal and business customers.   We are regularly seeing fraudsters sending texts posing as delivery companies, road toll and government agencies.  Parents are being targeted by impersonating children in need of urgent help, to prey on their vulnerabilities and prompt a reaction.  Businesses are receiving calls from fraudsters impersonating their bank and duping them into allowing them access to their companies’ accounts.  These are cynical criminals, whose main goal is to access people’s bank accounts and steal their money. 

“That’s why we are reminding customers that, often, all is not what it seems, as fraudsters continue to impersonate trusted businesses and organisations, including banks.  The message is: Stop, Think, Check – access your banking only through the official mobile banking app or website by typing in a website address and treat every unsolicited call, text or email as a potential fraud attempt”.

As fraud becomes increasingly prevalent in people’s lives, the majority of people now recognise a fraud attempt and react in the correct way, with 89% of people who were targeted by a call text or email saying that they realised very quickly that it was a scam, so they deleted or ignored it.  However, given the large number of scams in operation, the fraudsters rely on a relatively small percentage of people falling for the scam for it to be successful.

If people suspect they have been a victim of fraud they should contact their bank immediately so that the bank can take action to stop a fraud in progress and try to recover funds. Bank of Ireland customers can call our Fraud Team 24/7, on the Freephone line 1800 946 764.

For more advice and information on fraud, visit Security Zone

Bank of Ireland has introduced a new national advertising campaign, reminding customers that fraudsters are active on a daily basis and to Stop, Think, Check in all transactions relating to their banking or personal information.

The Bank is working with renowned cyberpsychologist Professor Mary Aiken, to build consumer awareness about fraud, and explain the human psychology used by fraudsters.  Professor Aiken is recording a series of online videos designed to give insights and tips to help people protect their own personal and financial details from fraudsters.  The campaign will run for 14 weeks across radio, digital channels and social media.

Revolut launches in-app educational course to empower Irish customers to combat fraud

Revolut, the global financial super app with more than 2.3 million customers in Ireland, has today announced the launch of a new free in-app course designed to teach people about scams, and empower them with tools and techniques to help keep their money safe.

Rising risk of fraud

  • Recent research by telecoms regulator ComReg, indicates that in 2022 alone in Ireland there were:
  • Approximately 365,000 cases of fraud as result of scam calls and texts, (or 1,000 cases a day)
  • Up to 89 million annoying/irritating communications and 31 million distressing communications
  • Over 5,000 businesses that were the victim of fraud after receiving scam calls and texts 3

Overall, ComReg estimated that the total quantifiable harm to Ireland’s society arising from nuisance communications is conservatively estimated at over €300 million per annum.

Now, new research commissioned by Revout and undertaken by Dynata has revealed that 64% of consumers have noticed a rise in online fraud and scams in the past 12 months, with 46% admitting to personally experiencing fraud, and 47% knowing someone else who has in the past year.

The Dynata study of 1,000 Irish adults also showed that when asked about the channels or environment where they felt most vulnerable, people in Ireland pointed out mainly fraudulent SMS (65%), phone calls (61%), online shopping (46%) and fake adverts on social media sites (39%). On the other hand, dating apps and websites were only pointed out as the main source of concern for 4% of the respondents.

Consumers need more education to combat scams

Despite the ubiquity of fraud, consumers indicated that more education would help them  prevent and protect themselves from scams and fraud.

According to Revolut’s Dynata research, 1 in 10 respondents said they did not know of the methods individuals can use to protect themselves against scams.

6% said they would not be able to spot a scam generally, while 67% said they were only somewhat confident they would be able to detect a fraud. Only 28% – less than a third – said they were extremely confident that they could spot a scam.

Also, 12% said they could not spot a fake ad on social media, with 65% saying they were somewhat confident they could do so. Only 24% – less than a quarter – said they were extremely confident that they would be able to do so.

Revolut’s research also showed that 14% of people say they would not know what to do if they fell victim to a scam, with a further 61% saying they would need to take time to research what to do. Only a quarter – 25% – said they knew the immediate steps they should take if they fall victim to a scam.

Respondents also said that the entities which should be held most accountable for scams were “social media companies who do not have the right systems in place to prevent fraud and scams from occurring on their platforms” (59%) and “telephone companies for not stopping fake callers and spoofed telephone calls” (50%).

However 98% of respondents said they felt that the right education would help them feel more prepared to avoid or deal with scams.

On the basis of these findings, Revolut is taking a novel approach to raising its customers’ awareness of scams and helping defend themselves against fraudsters, with the launch of its new course.

The course will include five lessons: an introduction to fraud, purchase scams, investment scams, impersonation scams, and account takeover fraud, and has been developed by Revolut’s in-house fraud experts, and covers the most prevalent types of fraud.

Each lesson will include materials explaining the different types of fraud, how customers can protect themselves, and share examples of how these scams can take place, drawing on real-life examples. Customers can then test what they have learnt, completing the lesson.

The course is free, and can be accessed in the Revolut app* by heading to Home > Hub > Learn.

Aaron Elliott-Gross, Head of Fraud and Financial Crime at Revolut, said: “Through the launch of our new in-app course on fraud, we aim to use education to empower our customers to feel more aware, more in control and better armed for action to spot criminals when they come across them online, on social media or over the phone.”

Revolut invests heavily to protect customers, with more than a third of our workforce working in a financial crime related role. The bank analyses every one of the 500m transactions its customers make every month for signs of fraud, and when its fraud model detects a scam risk, it intervenes and warns the customer.”

Aaron went on to say: “Customers also play a vital role in protecting themselves from scams, and our new Fraud Learn course aims to help them spot a scam when they might be experiencing one. If you are unsure, and you see one of our warnings; heed them and don’t complete the transfer.”

Fraud Alert: new ‘Live chat’ scam to gain remote access to customers’ PCs and banking information

Bank of Ireland is warning about a new wave of fraud that has been targeting customers of banks in Europe, the UK, the US, Australia, and New Zealand and is now in operation in Ireland.  The fraudsters are mainly targeting business banking customers at this time, duping them into allowing remote access to their computers and bank accounts.

Reports of this type of scam to Bank of Ireland’s fraud line are increasing daily, as the fraud gang target Irish customers.

This spike in fraudulent activity has occurred as Bank of Ireland launch a major national fraud awareness campaign to warn customers of the prevalence of fraud, with 96% of consumers believing they will be targeted in the next six months, and 82% saying they are targeted at least once per month.

What happens?

  1. The customer gets a phone call from someone claiming to be from Bank of Ireland.
  2. The caller asks the customer to log into their online banking as normal.
  3. The caller (fraudster) then asks the customer to go to another new website address, saying that this is: “for a live chat service” or “to verify the customer’s PC”, but in reality it allows the fraudster remote access to the customer’s PC.  The fraudster can now see the customer’s screen and access all of the customer’s files and programmes.
  4. The caller will set up payments on the customer’s online banking and ask the customer to read out the one-time codes from their BOI app to approve the payments.Bank of Ireland’s advice 
  1. If you get a call from someone who asks you to go to a website or to click on a link that they will send to you, just hang up. 
  2. Never allow a caller to take remote access of your PC.
  3. If someone asks you for a one-time code from your online banking app, they are a fraudster.  Never, ever share those codes with anyone, even if they say they are from Bank of Ireland.
  4. Be very careful when logging on to your online banking website.  The safest thing is to type in the website address yourself or to log in through the main Bank of Ireland website at bankofireland.com 

Commenting on the current wave of fraudulent messages, Nicola Sadlier, Head of Fraud, Bank of Ireland said: “Fraudsters operate a range of scams that target people, all designed to access people’s bank account details or dupe them into transferring money. This new scam is of particular concern as fraudsters are convincing people to allow access to their PCs via a fake ‘live chat’, where they can access Business customers’ online banking, and other personal files and information.  

“We are urging customers to take extra care when logging into their online banking, to ensure it is a legitimate site.  People are currently being directed to fake sites, receiving follow-up phone calls from fraudsters and then being convinced to allow remote access. This scam is multi-layered and the international nature of the scam shows that it has been highly effective for the fraudsters elsewhere.   

“Unfortunately fraud has become an everyday part of people’s lives. We know that 96% of people surveyed by Red C say they expect to be personally targeted by a fraudster in the next six months and 82% say they receive a fraudulent attempt at least once a month.  Most people who have been a victim of fraud said they fell for the scam because they were distracted or too busy at the time. Which underlines the need for vigilance.  

 That’s why we are reminding customers that, often, all is not what it seems while fraudsters continue to masquerade as trusted businesses and organisations.   The message is: Stop, Think, Check – access your banking only through the official website or by typing in a website address and treat every unsolicited call, text or email as a potential fraud attempt”.  

Bank of Ireland has introduced a new national advertising campaign reminding customers that fraudsters are active on a daily basis and to ‘Stop, Think, Check’ in all transactions relating to their banking or personal information.

For more advice and information on fraud, visit Security Zone

Irish Insurance market to embrace email intelligence to fight fraud

Shane McCabe, strategic account manager, Insurance, Ireland, LexisNexis Risk Solutions 

An Garda Síochána (Ireland’s National Police and Security Service) lists the ‘Advance Fee Fraud of Ghost Broking and Car Insurance Fraud’ as one of the six most common types of fraud happening in Ireland today.  A new survey by LexisNexis® Risk Solutions of Irish insurance customers certainly seems to back this up.  Our findings show that over a third (34%) have been tempted by an advert for cheap insurance on social media – a common sales channel used by ghost brokers – and 16% of 17-24 year olds have actually bought insurance through a social media advert.  Equally concerning is the fact that just 24% of the people surveyed know about ghost brokers.

Ghost brokers promote unrealistically cheap car insurance on social media and sell on bogus policies using stolen ID to unwitting younger or high-risk drivers who are in search of a cheap policy.  Little wonder over half (58%) of the insurance customers we surveyed are worried their identity could be compromised for insurance fraud and the vast majority (89%) now expect insurance providers to undertake identity checks.

There is no denying that fraud costs the Irish insurance industry dear.  Aside from ghost broking, insurance providers face the growing problem of people deliberately misstating information in an application for a cheaper quote – 25% of Irish insurance customers in our study thought that this is somewhat or completely acceptable, rising to 43% of the 17-34 year old population.  

Despite investment in educational campaigns warning of its danger, an estimated €200 million is lost to insurance fraud each year which inevitably impacts upon insurance premium prices for innocent policyholders.  In fact, approximately €50 on every motor insurance policy goes towards covering the cost of fraudulent claims on an annual basis

Countering fraud starts with confirming that an applicant is who they say they are and not linked to fraud, often using public records data and data shared amongst insurance providers. This continues to provide a strong basis for identity validation, but can prove time-consuming and may cause friction when the vast majority of genuine customers deserve a quick and painless application and purchase experience. 

The next evolution in identity validation uses email address intelligence.  This has worked to great success in the U.K insurance market where it is providing flags for fraud early in the application process and helping to cut cancellation costs. Now insurance providers in the Republic of Ireland are set benefit.

An email addresses is a unique global identifier and one of the most commonly used components for any online transaction.  An email address is also linked to multiple online accounts and transactions. This means each individual email address creates a digital footprint which can make it one of the most powerful tools for detecting application fraud. 

Solutions such as LexisNexis® Emailage® Rapid provide an instant risk score at the point of quote to indicate a genuine identity, whether the identity has previously been linked to fraud or whether it could be a fraudulent ID created to either procure insurance with the sole intent of making a fraudulent claim, or to sell insurance on as a ghost broker. It can also indicate whether the email address and domain even exist, when the email address was first seen, or whether the email address bears a close resemblance to the proposer’s name for the policy.

This solution leverages billions of online transactions and email address data points, including 82,200 fraud events shared on average daily.

Internet penetration stands at over 90% in Ireland and as nearly one third (32%) of younger people  aged between 16 and 29 years either bought or renewed existing insurance policies online last year,  it is easy to see how vulnerable they might be to fraud but also how susceptible the insurance market is to online fraud.  

As the volatility of the macroeconomic environment continues unabated, it is more important than ever for insurance providers to conduct robust fraud prevention strategies.  Innovations such as email identity validation can help to boost the Irish insurance market’s resilience to identity fraud, protect unwitting motorists from the threat of ghost brokers and ensure a streamlined quote experience for the genuine customers.

In February 2020, LexisNexis Risk Solutions acquired Emailage, a fraud prevention and risk management solutions provider. LexisNexis® Emailage® is a proven risk assessment tool that is fuelled by continuously updating global digital insights and uses a patented, proprietary analytic approach to reimagine fraud detection.

SEON Raises $94 Million Series B to Address Exponential Growth of Online Fraud

SEON, a London-based Anglo-Hungarian startup that powers online fraud prevention raised $94 million in Series B funding. Led by Silicon Valley-based IVP, the round also includes existing investors Creandum and PortfoLion, as well as, angel investors including founders and senior executives from the very best product-led tech companies: Aiven, Coinbase, DataDog, DoorDash, Figma, G2, GitHub, Public, Slack, Supercell, UiPath, Veriff, and Wise. The funding, which comes just a year after the company’s Series A, will be used to expand SEON’s presence in North America, LATAM, and APAC, build partnerships with leading e-commerce platforms, heighten product functionality, and integrate additional data sources to help customers better fight fraud. 

As the pandemic accelerated consumer activity and transactions online, identity fraud has grown exponentially. Fraud is a problem faced by every company that transacts with customers online from the world’s most significant financial technology companies to online marketplaces, digital health, education, gaming, and e-commerce companies. Bad actors are becoming increasingly sophisticated and companies need better tools to fight back. Historically, effective fraud tools were only readily accessible to large enterprises with the budget and staff to handle complex implementations. SEON democratizes access to fraud-fighting technology, making the internet a safer place for business.

“SEON is bringing something different to the fraud prevention market by offering an accessible and flexible solution, which delivers instant results. Once discovered, our solution can be trialed by potential customers in less than 30 seconds and up and running in less than a day,” said Tamas Kadar, CEO and Co-founder at SEON.

With an API-first approach, SEON allows enterprises to plug into their system and go live within 24 hours. SEON’s Data Enrichment module uses data to establish an individual’s digital footprint based on their email address, phone number, IP address, or location in real-time. This GDPR-compliant approach to analyzing a user’s digital footprint helps companies accept more transactions while blocking fraudulent ones. SEON’s Full fledged platform leverages the company’s advanced machine learning capabilities to help global enterprise teams set rules, wean out false accounts, and detect fraud in real-time. The company’s solution can verify users with zero friction, enabling businesses to save money and fully complement their KYC / IDV checks.

SEON experienced significant growth in 2021 and is now the go-to fraud prevention solution for companies like Revolut, NuBank, Afterpay, Patreon, Sorare and mollie. In 2021, the company more than tripled its annual recurring revenue, grew its headcount by 4X, and opened new offices in Austin, and Jakarta. 

Along with welcoming IVP into its portfolio of investors, SEON will appoint Michael Miao, Partner at IVP to its board. 

“Identity is one of the most important and biggest problems on the Internet. This product-led team is making a remarkable dent in fraud prevention by making it easy for every business to adopt its data-driven solution. As fraud explodes at an exponential rate, IVP is honored to help guide this talented group as they work to expedite the fight against online fraud,” said Michael Miao, Partner at IVP.

For more information about SEON and its Series B announcement, please visit SEON’s blogpost or watch their announcement video.

About SEON:

SEON is the go-to fraud prevention solution for ambitious FinTech leaders, like Revolut, NuBank, Afterpay, Patreon, Sorare and mollie. By offering rapid integration and pay-as-you-go flexibility, SEON is able to offer a simplified, modern way to fight fraud. The company’s industry-leading solution uses AI and fully explainable machine learning to adapt across sectors. 

Since its formation, SEON has served over 5,000 merchants and reviewed over 1 billion transactions. In turn, this has helped the company to save its customers more than €50 million in potentially fraudulent transactions. The globally focused business operates offices in Austin (TX), Budapest, London, Jakarta and Singapore.

With specialties in the neo banking, crypto, eCommerce and Buy Now, Pay Later (BNPL), Web 3.0 sectors, SEON is well-equipped to deal with the demands of modern online fraud prevention and has recently launched an AI-based fraud detection and one click prevention app on Shopify.

How to Deal with Friendly Fraud and Chargebacks

In order to have successful business operations, every company or organization needs to keep an eye on every element that makes those operations a success. From marketing, sales, engineering, accounting, HR to security, business can’t be successful if all of those elements are not doing as well as the others. While most of the businesses try to keep all of them in balance, a lot of them still don’t pay as much attention to the area of security as they should. Fraud and cyber attacks have become an ever present threat that can impact any business or organizations, which is why it is no longer possible to keep your head in the sand and ignore the threats. Since the start of the Covid-19 outbreak, the volume of cyber-crime and cyber-attacks has become significantly more prevalent around the world with the rate of attacks skyrocketing by over 600% compared to previous figures.

 

Protecting their business from the threat of fraud should become everyone’s priority, but ecommerce shops are under bigger risk than any other sector as they are one of the favorites targets. There are various types of fraud that can impact ecommerce shops from triangulation, transaction fraud, card testing or even an account takeover, but the one ecommerce businesses find hardest to deal with.

What is Friendly Fraud?

Even though this type of fraud is called friendly , it is nothing friendly in any type of fraud as they all cause significant damage to the ecommerce store. It is called friendly because it is conducted by legitimate cardholders and not by fraudsters using stolen card or payment details. SEON’s view on friendly fraud separates them into 5 different categories ranging from accidental to malicious fraud.

Unintentional Friendly Fraud: This happens as a genuine mistake as the customer either didn’t recognize the transaction on their bank account or they completely forgot about the purchase.

Intentional Friendly Fraud: This type of fraud happens when a customer deliberately requests a chargeback from their card provider even though they have knowingly made a purchase. 

Merchant Error: According to Braintree, this happens when a customer requests a chargeback because of merchants issues like a delayed delivery, missing products or even unclear merchant descriptors.

Shared Card Fraud: Also known under the name family fraud, CNBC explained that this type of fraud happens when unauthorized purchases are made with the shared card, often by the child that is using parents devices.

Policy Abuse Fraud: This happens when customers take advantage of flexible return or refund policies which is why it is imperative your return policy is accessible and easy to understand.

Protecting your business from friendly fraud

Main problem with friendly fraud is that customers don’t try to contact the merchant in order to resolve the issues but they go directly to the bank requesting a chargeback. This can cause even bigger financial damage to the merchant than just losing a revenue from sale, as they would have to pay a chargeback fee and in the worst case scenario the bank might terminate their account as they consider them a high risk. This is why it is extremely important that merchants are easily reachable and their contact info is clearly stated on their website. 

Second step you need to do is to update your return policy and clearly state all the terms and conditions that the customer is required to follow in order for you to process a refund. It needs to be easily understandable and more importantly accessible to prevent unwanted chargeback just because customers didn’t have access to your return policy. 

Next, you should implement a cybersecurity protocol that will help protect your business from different types of fraud, including friendly fraud.

86% of chargebacks are likely causes of friendly fraud which means 86% of chargebacks could’ve been prevented by clear return policy and open communication between merchant and customer.

7 tips to avoid scams and protect your money when shopping online this Christmas

While most people are aware that there are dangers associated with shopping online, many are unaware of how their data is used and what the consequences could be. Cyber criminals can use your personal data to open credit card and bank accounts in your name, make purchases using your accounts (including illegal items), obtain credit cash advances and even steal your identity.

This holiday season could be a lucrative time of year for these criminals who anticipate that consumers may lower their guard slightly during the rush to bag the best deals on sought after items.

Tom Gaffney, Security Consultant from F-Secure, is issuing advice to consumers on how they can stay safe when shopping online in the run up to Christmas and beyond…

 

  1. BE CAREFUL WHERE YOU SHOP

You may be desperate to get hold of that best-selling toy that’s at the top of your little one’s wish-list, or the new PS5/Xbox Series S/X for your teen, but be careful where you buy from as scams can take place on any kind of online platform, from Amazon to Facebook. It’s also not uncommon for fraudsters to set up fake ecommerce sites.

Firstly, keep in mind that if anything online seems too good to be true – it probably is. If a seller is actually selling a very high-demand item, expect the price to be high.

If you’re wary of a site, do your research – Google is full of retailer reviews. Saying that, online reviews can be faked so if you see nothing but positive feedback and can’t tell if the writers are legit, follow your instincts. Also, check the website for a physical location and customer service information and see if their social media channels are active. Another key feature to look for is the little lock symbol that appears in the corner of the URL field. This indicates that the website you’re on is safe. Also make sure that the website you’re on is “https” not “http” as the ‘s’ stands for secure.

Once you’ve checked that it’s a legitimate site, use a credit card where possible for added safety as most offer consumer protection against fraudulent sites.

If you’re buying directly from someone i.e. via Facebook marketplace make sure you talk to the seller and ask for more information if necessary, for example the pictures of the product itself with a handwritten note to prove legitimacy. Never give out your details directly to the seller over email or messaging apps, but use the marketplace’s functionalities or services such as PayPal to do the transactions. Never use PayPal Friends and Family transactions when buying things online as PayPal does not reimburse payments sent using this functionality, or transfer money directly into their bank account.

 

  1. CREATE STRONG UNIQUE PASSWORDS TO PROTECT YOUR ACCOUNTS

Most ecommerce sites will require you to set up an account to make a purchase. The average person has 18 password protected accounts and worryingly, recent F-Secure research found that 41% of people use the same password on multiple accounts and 56% use the same password with only slight variations. This means that if your login information gets stolen on one website, it’s likely that your other accounts will also be compromised.

It’s vital to have strong, unique passwords for accounts to be protected and that you regularly change these. A password manager such as F-Secure ID PROTECTION can help you remember all your login details so you don’t need to worry about losing or forgetting them.

To give your online account additional protection, where possible you should also turn on two-factor authentication (2FA). This is a way for the service you’re using to check you really are the person you claim to be when logging in.

 

  1. REGULARLY DELETE COOKIES FROM YOUR BROWSER

Cookie banners pop-up every time we visit a website and most of us will click ‘accept’ without thinking. Cookies are small files that websites send to your device that the sites then use to monitor you and remember certain information about you i.e. what’s in your shopping cart, or your login information. Basically, cookies track you as you browse.

It’s important to delete cookies because:

  • They pose a security threat whereby hackers can potentially gain access to your browser sessions and steal your personal data

  • Over time you could accumulate a lot of cookies which will slow your browser down

  • Cookies store your personal information and enable websites to track and follow you round the web, developing a profile of your online habits and targeting you with ads

  1. AVOID SHOPPING IN PUBLIC – YOU CAN ENJOY A HOT DRINK BUT NOT THE PUBLIC WIFI

 

Using public Wi-Fi to shop online while at your favourite coffee shop may be convenient but it’s not cyber safe. Avoid making purchases via public Wi-Fi as you could end up compromising your data and financial information. Cyber criminals often target these hot spots to steal confidential information from unsuspecting users, such as passwords or credit card details, leaving them susceptible to identity theft and fraud.

If you must use public Wi-Fi then make sure you have a VPN installed such as F-Secure FREEDOME. VPNs offer you complete privacy for your activities online, no one will be able to track you or see what you are doing, not even your Internet Service Provider. A VPN will block harmful websites and hacking attempts, encrypt data to protect your real IP address and online traffic and protect you when you’re using public Wi-Fi.

 

  1. BE CAREFUL WHAT YOU CLICK ON AND STAY ALERT TO PHISHING SCAMS

Between April 2020 and March 2021, online shopping scams were up 65% on the previous year, with a whopping £69.9m lost to fraudsters. Beware of adverts which encourage you to click on links. If you receive an enticing offer, rather than click on the link, go directly to the website to verify that the offer is legitimate.

Phishing scams, where online criminals trick you into handing over personal details which are then used for account takeover or identity theft, are especially common during Christmas and Black Friday seasons. Consumer group Which? recently reported that three in five of us have had fake delivery company texts over the past year. The message often contains a link that takes you to a scam website and may warn of a failed parcel delivery and ask for payment. They are often sent using a fake appearance of huge brands that you trust and expect communication from like DPD, Royal Mail or FedEx.

To avoid being caught out don’t click links in SMS messages, especially if they say you have limited time to respond as this is a common tactic scammers use to pressure you. Check the URL of the link to make sure it matches the company website address. Do not call the number provided and under no circumstances hand over personal information such as your card details.

 

  1. BROWSER SECURITY – DOWNLOAD F-SECURE TOTAL AND START BROWSING THE INTERNET SAFELY AND SECURELY

Many people are unaware that they should configure security settings within their browser to enable safer internet surfing. Regardless of which browser you use (Internet Explorer, Safari, Chrome or Firefox), each gives you options to disable cookies and block security risks such as malicious software (malware) that can sneak in through infected pop-ups, plug-ins and extensions, compromising your security.

Default browser settings leave your data exposed so at a minimum you should:

●      Disable pop-ups and redirections as cyber criminals could use these to spread malicious software

●      Don’t allow automatic downloads as these could contain malware and viruses. Ask to be prompted before downloading anything

●      Turn on “Send a do not track request” to help prevent websites from tracking you

●      Don’t allow browsers to save passwords as although it’s convenient it creates a security risk. Malware that captures keystrokes can steal information. Also, if a laptop falls into the wrong hands, it doesn’t take much for a hacker to find the stored password information

At the very least, make sure you update your browser on all your devices regularly as using old software can provide a way for hackers to break into networks. Updates will address security issues and also help your browser run better. F-Secure TOTAL will give you all the protection you need to secure your online activities, your devices and yourself.

 

  1. KEEP AN EYE ON YOUR CREDIT CARD AND BANKING TRANSACTIONS

If your credit card information gets compromised, there can be charges without you knowing. Review your monthly statements to find any suspicious activity. Contact your bank immediately in case of anything unknown.

A good way to protect your money online is to restrict which countries your credit card will work in. Just remember to change the settings back when you need your card abroad.