Financial fraud has evolved continuously over the past couple of decades, and unfortunately the pursuit of new, connected technologies is only making things easier for the criminals at work. It used to be that your biggest fear would be having a criminal peer over your shoulder at the ATM. Then, we saw cash machines being sabotaged with hidden cameras and other devices that would skim your card details.
Of course, ATM skimming still goes on, but you’re likely more familiar these days with the concept of malicious emails, text messages, calls, or software, all of which is designed to harvest your bank account information. But what if we told you that hackers could already be monitoring your email inbox waiting to strike?
Criminals targeting business invoicing
It starts with a hacker gaining access to your email inbox. You could’ve clicked on a suspect link, found yourself infected with spyware like a key-logger, or something else entirely. Or, you may have been unlucky and had your data vacuumed up by a major breach to a website that holds your data; this happens more often than you’d think. And if you’re the kind of person to reuse passwords, your email inbox could be at risk.
Of course, if the scammers are playing the long game, then you may not even know until it’s too late. One of the rising tactics used is to await an incoming invoice for goods bought, then to intercept the email and change the account details that the recipient has been sent. The recipient will then make a payment into the altered account belonging to the scammer.
As a result, this places businesses or frequent online shoppers particularly at risk. Especially when you consider that goods paid for post-purchase are usually high-cost items such as home renovations and contractor agreements. Or, more worryingly, this scam could hit you right as you are asked to transfer the funds for a mortgage deposit.
A simple Google search for “mortgage deposit transferred to scammers” reveals that this is a widespread problem that’s all to easily executed by cyber criminals.
Ideally, you want to avoid relying on email communications for sending and receiving payments. Though the worst will likely never happen to most of us, there’s always a risk and you could be unaware that you’re affected. Instead, consider the following bits of advice:
- If you DO rely on email communication, advise your clients that your financial information will never change unless advised face to face;
- Consider abandoning email invoicing entirely, however prehistoric that may sound. Instead, rely on postal invoices, face to face meetings, or telephone calls;
- If you’ve been asked to make a very large transfer, for example as part of a house purchase, then call the recipient once their account information has been provided and ask them to confirm the details again.
Additionally, don’t forget our rules on choosing strong and secure passwords, whilst changing them regularly to ensure that you’re best protected:
- Don’t use simple, easily guessed words like ‘password’, ‘qwerty’, or ‘123456’, all of which commonly feature on the “Worst passwords of the year” lists like this one;
- Don’t use any combination of your name, date of birth, popular public dates, or anything else obvious;
- Consider condensing easily-remembered phrases into mnemonics. For example, you could set your password to “Timnsp100”, meaning “This is my new secure password 100”.
Plugging other security holes
No matter how strong your password is, you could already be putting yourself at risk by using an unsecured machine that’s infected with or at least prone to viruses and malware.
Fortunately, this is one avenue that can be locked down securely with a good, complex antivirus software solution – and the best thing is, there are many great options out there for free.
For advice on securing your machine and avoiding the threats posed by malicious software, give WiseGuys a call on 0808 123 2820 and we can help you out.