Since the internet and, specifically, online banking became popular, there have been numerous warnings about the risks of phishing, or the use of faked emails to obtain personal information. Most of us will now be familiar with how to spot a fake email and how to type the web address of the bank or organisation into a browser window rather than copy and pasting, or clicking the link in the email itself. However, did you know that it’s not just fraudulent emails you need to look out for? When it comes to keeping your personal information, and finances, safe, add spoofing and smishing to your list of fraudulent activities to be vigilant about.
Phishing: a reminder
Just in case you’re not familiar with phishing yet, or want to refresh your memory, all the information you need about staying safe online and avoiding falling foul of the latest criminal scam, here’s the Lifesure guide to online security.
What is spoofing?
Spoofing calls are where the perpetrator uses software to “spoof” a phone number, so the recipient’s caller ID function displays the number of the organisation they are claiming to represent. After all, if you recognised your bank’s phone number, you’d have no reason to be suspicious about the call, would you?
Those fraudsters behind the call aren’t just relying on people recognising the number either; they’re asking doubting recipients to check that the number they see on their caller display is, in fact, the correct number for their bank. Of course, when they check online or on a statement, it is. Except it’s not. The software enables the would-be thieves to clone the bank’s number and have it displayed instead of the number they are actually calling from.
The fact that a caller asks you to verify the number is a giveaway in itself – a representative of a bank is very unlikely to do this.
You may think it’s easy enough to hang up and phone your bank to check the call was genuine, but you need to be wary here too. There have been cases of the fraudsters pretending to hang up and playing a fake dial tone so the customer believes they are actually getting through to a representative of the bank. We recommend that you hang up and call a friend first to make sure that your line is clear of the fraudsters, and then call your bank directly.
Of course, your bank will never ask you to transfer money to another account, which they specify, or to give them full details of your credit card. Regardless of how the call was made, you must always end any call that results in a request of this nature.
Financial Fraud Action UK have reported cases where victims were asked to hand their card over to a courier for replacement, to transfer money to a so-called secure account or to confirm their full PIN or telephone banking code. No bank will ever ask for any of these to be done.
Remember, even if you are almost certain that it is your bank calling, do not provide any information if you have even the slightest doubt about the authenticity of the call.
What about smishing?
Basically, smishing is phishing via text message. If you receive a text purporting to be from your bank and requesting that you reply with your account details or passwords, click a link to log in to your account, or call a specified number to discuss a problem with your account, do not respond in any way.
Take a screenshot of the message, including the number from which it was sent (if possible) and forward it to your bank’s fraud team.
If you do tend to access your bank accounts via mobile, here are a few extra tips for staying safe:
- Never access your accounts on a jailbroken or rooted device, as these are potentially easier for fraudsters to gain access to
- Always keep your device updated to the latest version of operating system or software
- Only use your bank’s official mobile app
- Don’t store your bank details and/or passcodes on your mobile device
- Install anti-virus software if it is available for your model of phone
Again, here’s our guide to online security. You can never be too safe!
If your “bank” asks you to do any of these, it’s definitely a scam
This list contains transactions and activities that no genuine bank would ever request of their customers, but quite a lot of fraudsters do. If you receive a call, text or email of this nature, hang up or do not reply (as appropriate) and alert your bank to the attempted fraud. Most major banks now have a dedicated phishing/spoofing/smishing alert service, normally an email address which you can send details to. The email address or contact telephone number will be available from the bank’s website, in branch or via telephone.
- Reveal a PIN or passcode in its entirety
- Hand cash, cards or valuables to a courier or other visitor to your home
- Share sensitive information by email or text
- Click on an emailed link to a log in page
- Complete a “test” transaction online
- Invest in diamonds or other commodities after an unsolicited call
- Transfer money to a secure account
- Enter banking information into any app other than the bank’s own official one
As a broker we have access to a wide range of insurance policies that are not available through price comparison websites. Talking to our advisors can save you time and money as we can source the right the policy for your needs, whether it be home insurance, caravan insurance, park home insurance, car insurance or anything else! Call us on 01480 402460 for more information.