As technology evolves, so does the threat of cyber crimes like finance fraud.
In this digital age, most of us use computers and phones to access an array of accounts and services which store our personal and financial details.
At Unity Trust Bank we take security very seriously and have a number of measures in place to prevent any criminal activity, including finance fraud.
To support the recent #TakeFiveToStopFraudWeek, Unity’s IT Security Officer Chris Hinton has highlighted the main risks to be aware of and what to do if you ever fall victim to email, phone-based or online fraud.
Don’t make it easy for fraudsters
You wouldn’t make it easy for burglars by leaving your windows open when you’re not at home. So, apply the same logic with your online security too and follow these few simple rules:
- Don’t use the same password for your accounts. Create different passwords and secure them safely using a recommended password manager.
- Always create strong passwords using random words, eg sunnyfrogyear, and turn on two-factor authentication wherever possible.
- Ensure your devices are set for automatic manufacturer updates and back up your data by saving a copy of your information to another device or to cloud storage.
Identify potential threats
Phishing emails are fraudulent messages designed to trick someone into revealing sensitive information or clicking on a link which could be harmful to your computer.
Alarm bells should ring if you receive any of the following:
- Emails demanding urgent action – Attackers often use this approach to panic recipients before they’ve had chance to study the email properly for potential flaws.
- Emails with spelling mistakes – Legitimate companies ensure their emails are correct so always beware of emails that contain bad grammar and spelling mistakes.
- Emails with an unfamiliar greeting – Exchanges between work colleagues usually have an informal salutation. Those that contain unfamiliar phrases, such as ‘Dear X’, should arouse suspicion.
- Inconsistencies – You can spot phishing by finding inconsistencies in email addresses, links and domain names. Cross check the sender’s address against previous correspondence and check if a link is legitimate by hovering the mouse pointer over it to see what pops up. If an email allegedly originates from, for example, Google, but the domain name reads something else, report it as a phishing attack.
- Suspicious attachments – Most work-related file sharing now takes place via collaboration tools so internal emails with attachments should always be treated suspiciously – especially if they have an unfamiliar extension, eg .zip, .exe and .scr.
- Emails requesting login credentials, payment information or sensitive data – Emails from an unexpected sender should be treated with caution. Spear phishers can forge login pages to look similar to the real thing but links can direct the recipient to a fake page. Whenever a recipient is redirected to a login page, or told a payment is due, they should refrain from inputting information.
- Emails that are too good to be true – These influence the recipient to click on a link or open an attachment by claiming there will be a reward of some nature. If the sender of the email is unfamiliar or the recipient did not initiate the contact, this is probably a phishing email.
What to do if you’ve been targeted
If you’ve opened something you don’t feel comfortable with, reset all of your passwords. Next, disconnect your device from any home or company networks and run a full anti-virus scan. For financial applications report it to your service provider to capture any abnormal behaviour.
If your device is not functioning as it should then switch it off and seek professional technical guidance. Do not re-connect the device until it is functioning correctly.
By following these simple guidelines and always being alert, it will help keep your personal data safe.
For more guidance on keeping yourself and your business safe, follow Unity Trust Bank on LinkedIn, Twitter, Facebook and Instagram
