At Burton Copeland, we deal with complex investigations and proceedings which require specialist knowledge. In particular, we often deal with cases involving cyber crime offences which see our clients fall foul of various acts such as the Computer Misuse Act 1990 and Fraud Act 2006.
We regularly defend clients accused of these offences and are well aware of the methods used. We have also been the subject of attempted cyber crime. Although many people assume they don’t need to have a good understanding of cyber crime, we all need to be aware in order to try to avoid being a victim to increasingly sophisticated scams and hacks. We asked our Accounts Manager Rustine Parker-Quayle to offer advice on what to look for and what you can do to protect against cyber crime.
“Cyber crime covers a variety of areas including the following types of attack:
Phishing – sending emails containing links to false websites looking to obtain your login details. This type of attack is on the rise as it gives access to both work and social accounts as most use the same password. You should protect yourself by exercising great caution when opening emails and clicking on links within them, even if they do look genuine.
Ransomware – This is usually an app or software which finds its way onto your device by disguising itself as another type of program or file. This can then encrypt your data, rendering your device useless and all of your files inaccessible. For individuals, this is likely to be distressing or at least very inconvenient. For small businesses it can be absolutely devastating. Once your system is hijacked, cybercriminals usually then demand payments in order to un-encrypt your files. But beware, there is no guarantee you will get your data back if you make payment. Prevention is better than cure, so you should always exercise caution when you receive an email and never open an email attachment unless you know exactly what it is and who it has come from. Rogue ransomware is usually disguised as an innocent file such as a Word or PDF document. Ensure that you backup your data regularly and have up-to-date antivirus software able to scan attachments in emails.
Malware – This comes in many different forms and can include keyloggers which can record each time you hit a button on your keyboard before forwarding these “key strokes” on to criminals. Although it will record all keys pressed, it is simple for a cybercriminal to work it out using the following example.
It should not be difficult to see that after typing a letter I have visited an online banking page and then typed:
“RPQualye” – my username
“121281” – my login PIN, and then;
“Bengy35” – my password
Pretty dangerous, don’t you think? Again, prevention is better than cure. Be very careful when opening emails, do not download any kind of programme or software from a website unless you are absolutely sure what they are and that they are reputable.
Identity Theft – Attackers can do all kinds of things with your identity, from impersonating you on social media to seizing control of your bank accounts or applying for credit in your name. Many people assume they will never be the victim of such crimes but there are thousands of victims of this type of fraud every year in the UK and it is on the rise. You may be surprised by how sophisticated cybercriminals can be to try to get information about you. Using social media sites such as Facebook, criminals can find out a great deal of information about you which can then make it easier for them to pose as you. Most people post on social media without giving cybercrime and identity theft a second thought, but you need to think twice before you post anything.
Imagine I post on Facebook, an innocuous picture of me with my dog with a message, “Can’t believe I’m 36, but having a great birthday with my best friend”.
Now imagine that the date is the 12th December 2017, I’m 36 years of age today and my dogs is called Bengy. Can you guess my online banking details?
I don’t think it would take long for a seasoned scammer to make an educated guess, and take control of my bank account, remember…
“RPQualye” – my username – my name
“121281” – my login PIN – my date of birth
“Bengy35” – my password – my dogs name plus my age (up until my 36th birthday)
I should point out that of course none of those details are true. I don’t have a dog, my birthday is not in December and a lady would never reveal (and should never be asked) her true age!
More tips to help prevent you becoming a cyber criminal’s next victim.
- Be vigilant and don’t share personal information
- Know who your friends are on social media
- Don’t accept friend requests from people you do not know
- Before accepting a friend request, ask yourself ‘do you trust them to see everything you post, or what somebody else posts about you?’
- Ensure your privacy settings on social media are appropriate
- Make sure your letterbox or post boxes at home are secure and nobody can steal your mail
- Report and investigate unexpected mail. If you receive an email or item of post that you are not expecting, investigate it. But don’t trust that the telephone number or contact details on that letter or email are true. Investigate independently. If you receive an email which purports to be from Barclays it may not be, so get the telephone number from elsewhere to investigate. Equally it may actually be from Barclays and may be the result of somebody attempting to pose as you so don’t ignore it
- Use a credit reference agency to monitor your credit rating. Many of these companies offer a monitoring service which automatically notifies you if somebody searches your credit history or applies for credit in your name
- If you believe that you have been the victim of identity theft contact Action Fraud immediately