It’s a few weeks into the festive season, and you want to get the perfect gift for a loved one. While you may have received that hint that your family member wants a new laptop, you cannot decide which one. To find the right brand, you harmlessly reach out to your social media community for suggestions.
Unexpectedly, you receive an e-mail from a colleague, who often comments on your online posts. Apparently, they’ve got some top tips for you for finding the right one and here’s the link with all the details.
Merry Christmas! You’ve just been spear phished. Within a split second, you’ve been duped by a carefully constructed, highly-targeted scam and your personal data is now in cybercriminals’ hands.
While this may sound foreign to many of you, this simple example has been used effectively to scam many unsuspecting consumers of their hard earned money around the festive season.
Criminals are aware that consumers are out to shop during this time and also have received bonuses and these thieves are looking to cash in on this behaviour.
Festive fraud is on the rise
A Decade of Data Breaches reports recently revealed that phishing is fast becoming cybercriminals’ easiest and most productive attack vector, and is now responsible for almost half of all documented breached records by root cause. According to Symantec, spear phishing is today’s dominant infection vector, employed by as many as 71% of organised cybercriminal groups.
Phishing in all its embodiments is undeniable and a rapidly growing threat. However, for many, the holiday season brings perfect conditions for its evil to thrive.
What are the most popular festive scam strategies?
While the obvious example might seem to be through email (Phishing), there are many other avenues these criminals use in order to bait you. MTN highlight some of the common and most dangerous tactics used to do this.
Fake call centre agents
One scam involves fake call centre agents soliciting information from customers under the pretence that the agent is trying to block an illegal SIM swap – thus asking for personal security information in order to correct the ‘illegal activity’.
Unauthorised addition of a secondary SIM card
This is where they add another SIM card to the customer’s primary line without their knowledge or consent. The targeted customer would be shocked to get a hefty bill on a number that is registered to their line.
Consumers should also be wary of free Wi-Fi hotspots due to their permeable security. “Some Wi-Fi hotspots offer poor security and some have been set up to gather customer’s data on their IP address.
Through social media timelines, fraudsters can easily create a detailed profile of their target based on the information that has been unwittingly shared, such as birthday's, children’s birthday, anniversary dates, favourite things, friends and where they stay.
“Based on one’s profile, a computer program can, within minutes, configure possible password combinations that one may use to conduct fraudulent transactions so it is best to use a variety of passwords and to change them regularly,” she said.
How to avoid falling into a dangerous trap?
Kovelin Naidoo, Chief Cyber Security Officer at FNB, provides some tips on how to protect yourself against fraudulent behaviour.
- Never save usernames, passwords or PINs onto your cellphone or computer, as it may allow others to access your banking without your permission.
- Always do internet banking on a secure computer that you regularly use at home or work. Never do Online Banking in public areas such as shared computers, as you can never know what software is loaded that may compromise your transactions.
- Log on to your bank’s website by typing in the web address yourself instead of accessing it via Google search as this may lead you to a spoofed site.
- Never open suspicious or unfamiliar e-mails or attachments, and never click on links in emails or SMS’s. Criminals make emails and SMS look legitimate and often bait you with scare tactics to confirm your account details or to log in to prevent your account from being closed.
- Remember to change your passwords and PIN’s regularly and to keep them secure.
- Only make online purchases with your card on reputable websites that are verified as secure sites (look for the lock icon in your browser and ensure that the address starts with https://).
- Never use the same username and password for banking as you use on other apps and websites like social media and email.
- Update your smartphone and computer with the latest software and app updates.
- Monitor your phone’s reception. If you have lost signal for an unusually long time, you may be a victim of sim swop fraud.
- Criminals may sometimes call you and pretend to be from your bank, service provider or a reputable retailer. During this conversation, they may ask you to verify personal and banking information or download software for them to “assist” you. It will be safer for you to hang up and call the company directly to verify if the call is legitimate.
Stay vigilant, stay safe
Taking special consideration when sharing personal information and to ensure you protect yourself against fraudulent activity, make sure you keep all your cards, pins and other information safe and only share them if absolutely necessary or in case of emergency.
If there is one gift you can give yourself and others this season, then make it the gift of having peace of mind and knowing that you can have a stress free and cheerful festive season with your loved ones.
Let us Help You Reach Your Customers
If looking for communication solutions to reach your audience, why not contact us here, and we can devise the perfect communications strategy for your business! From Mobile Development to standard bulk messaging solutions, we provide and manage it all.
iTouch is one of the few messaging companies in Africa that abide by GDPR and POPI security standards. Let us worry about the legal and security protocols so you can focus on growing your business.