The Veritas team was saddened to learn this morning that one of our clients was caught in a telephone scam, which resulted in their entire bank account being cleaned out. We are taking this first opportunity to remind you that everyone – including businesses, big and small – are targets for cyber criminals.
Cybercrime is big business and is a highly organised, multinational, collaborative underground industry that operates across all jurisdictions. It is becoming increasingly sophisticated. And the Covid-19 pandemic has provided this underground industry with fertile grounds to grow and thrive.
You may recall the story we shared last August about how the FBI had found US$41 million in cash in the apartment of a Nigerian man they had arrested. He had 13 luxury cars and about two million records of people he and 11 accomplices were targeting.
With many millions of people being forced to vacate their corporate offices and are now working on-line from home, with many likely to continue doing so for some time to come, maybe even as a permanent new way of earning a living, cybercriminals are taking advantage of this period of “business unusual” and the preoccupied state in which we try to juggle work, children, and home schooling. The many distractions in working from home can often disrupt critical thinking and put you off guard.
SAFEGUARDS AND PRACTISES
More than anything, if you do receive a call from someone claiming to be calling from your bank (or any associated institution), the easiest, safest and quickest response is for you to end the call and immediately phone your bank before doing anything further.
Phishing
- Phishing remains the most common way cybercriminals are preying on people and the best way to protect yourself against it remains not clicking on a link in an email before verifying the authenticity of the link. To determine the authenticity of a link, hover over it and review the URL. Phishing emails will divert you to an unrelated website.
- Look out for communications that contain requests to act quickly, or those that elicit a degree of fearmongering. A simple way to defend against being taken for a ride is to apply common sense and interrogate communications you receive. If you haven’t entered a competition or applied to receive COVID-related funding relief, ask yourself: why am I getting this correspondence? Take the time to STOP, THINK and VERIFY before you respond. But remember: phishing is particularly effective when people are distracted.
- Expect more sophisticated, targeted phishing attacks. Criminals are now automating their attacks by using software that allows them to sift through social media accounts and then build automated, personalised phishing attacks based on the information they glean.
- Limit what you share about yourself online.
Vishing
- These days, cybercriminals have added voice phishing (vishing) scams to their repertoire and make use of deep-fake technology to create manipulated videos which appear to be from high profile individuals and intended to dupe unsuspecting victims.
- Vishing can also mimic the voice of a real person. Even if criminals have a few seconds of voice notes, they can recreate an actual person’s voice and insert this in a message to give it greater authenticity and persuade you to do whatever they want you to do.
Passwords
- Use a password manager. It will help you store, generate, and manage your passwords and login details for apps and websites. If you don’t feel comfortable using a password manager on your top risk accounts, make sure you set a strong and unique password.
- Don’t reuse passwords across different platforms or save them on browsers.
- Make sure you use strong passwords – a good idea is to avoid using an English word. It will make it harder for cybercriminals to access your data.
Back up
- Back up data regularly and keep anti-virus software up to date.
0 Comments