Blog View Page

Watch out! Watch out! There are scammers about!

David Mitchell (adviser at Dennehy Weller & Co.)

Posted by:
Membership level: Free
Did you know that in Nigeria, email scammers are admired by many, who believe they provide a role model for young people, given the scammers’ skill in removing money from the bank accounts of wealthy westerners? Such crimes, known as “419 Crimes” as they fall under Section 419 of the Nigerian Criminal Code, are given extra resonance, through apparent Biblical recognition of “419 Crimes”. As the Book of Psalms Chapter 41 verse 9 (41:9) says “Yea mine own familiar friend, in whom I trusted, which did eat of my bread, hath lifted his heel against me.”
Fortunately, here in the UK confidence tricksters are not considered with high regard, or to have such Biblical endorsement. But their activities are nevertheless on the increase, with an average of 21 people defrauded every minute solely as a result of giving too much information away on social media.
Scams are becoming more sophisticated and in spite of the relative ease with which prevention methods can be put in place, such fraudulent activity is becoming more diverse.
Few realise how easy it is to intercept their emails or internet transactions, or to give away their personal details, allowing access to the kind of information which can make sophisticated fraud that much easier for criminals. The simple steps below can dramatically reduce the likelihood of such opportunistic breaches of security.
Personal information
Do not give personal information (name, address, bank details, email or phone number) to organisations (such as banks, the Financial Conduct Authority, the police or individuals) without verifying their credentials. Even then, it is worth being careful. 
We have had instances where a scammer has not hung up after telling a victim to ring the genuine organisation, thus leaving the line open. Thus the victim dials the correct number but doesn’t get through and it is easy for the scammer to get back on the line, at which point the victim is convinced he is speaking to the genuine organisation.
To prevent such an intercept in these circumstances, ring the organisation to confirm authenticity using a different phone eg if the original call was on a mobile, call to check from a landline or vice versa.
Many frauds start with a phishing email. Remember that financial institutions will not send an email asking you to click on a link to confirm your bank details, so do not trust such emails even if they look genuine. You can always call the bank using the phone number on a genuine piece of correspondence.
Hacking and malware
Make sure your computer has up-to-date anti-virus software and a firewall installed and that your software programmes are regularly updated to the latest version.
This is a list of the different types of security offered by “total protection” solutions:
  • Anti-spyware
  • Antivirus
  • Malware & ransomware
  • PC cloud backup
  • Firewall
  • Password manager
  • Secure VPN (Virtual Private Network)
  • Parental protection
The above list is not exhaustive, but it certainly covers the biggest threats.
Also enable two-factor authentication (this requires two pieces of information such as a password and a random number, valid only for a limited time, sent by text message) - if the company concerned offers this facility, use it!
This is your first line of defence, so it is worth ensuring that it is strong and effective. You may want to use an online password checker to see how effective are passwords which are configured in a similar way to your own passwords (best not to submit any of your current live passwords to the checking website!). The checker will indicate how strong a password like yours can be expected to be.

They may, for example, indicate how long it would take for sophisticated software to crack a password like yours.  Below are some examples showing how strength varies dramatically with complexity and randomness:

Time for computer to crack
money 123
2 hours
1 month
47 million years (more like it, but hard to remember!)
Password rules
  1. Avoid the obvious (the word “money” on its own would be a very obvious password, especially for a bank account! so pretty useless.) Make it hard to guess and avoid dictionary words or geographical names of places, even if adding numbers at the end, as specialist software can crack through all combinations of actual English or foreign words, places, mountain ranges, cities, seas, lakes and rivers etc, all in a matter of minutes.
  2. It should be as long and complex as you can manage – a random 8 letter password can be easily cracked, so mix upper and lower case, digits and punctuation marks, aiming for 14 characters or longer.
  3. Use one password for each account – don’t re-use.
  4. If this is too daunting, consider using an online “password manager” which will store all passwords. But in this case, you will need a particularly strong password for the manager account.
The next step
The effects of financial fraud can be quite devastating for individuals and their families, so the more of the above measures you can adopt and put into practice, the more you will protect your assets . . . and your peace of mind! 
Topic: Market commentary


Would you like to leave a comment?

Register with FundExpert or Log-in

Loading loading...
  • Page 1 of 1
  • 1
  • Comment by: AG Worcs 23.10.2019 @ 23:45:45PM

    Sound advice - thanks for sharing. I work in the IT Security Industry and although the same principles behind computer breaches and malicious activity have existed for years - attackers are getting ever more sophisticated and at the same time the attack surface (opportunities and scale of targets) keeps growing.

    Scams I'm experiencing at home right now include telephone calls claiming to be from BT support offering to troubleshoot and improve my internet connection which they claim is showing issues from their monitoring. They try and get you to go straight into your computer and help them troubleshoot the problem - which isn't a good idea! If you get any contact from legitimate tech support from such companies they will establish real credentials that prove who they are.

    Another one that is regularly being directed to one of my families personal email accounts is someone claiming to have taken over the computer and using the PC camera (why not cover it over with some tape if not used) to capture images and other internet activity that they threaten to share with all of your contacts unless paying them a ransom. They will send so many of these emails out and if they only get a small % of people react to it that can still be significant.

    I would advocate the password manager approach you mention and use one myself - passwords need to be complex and different across accounts so how can you possibly remember them all and writing them down or saving in an unprotected file of course defeats the object.

    If you have the option and are confident to use it - 2 factor authentication is a good thing too. More and more websites and apps are using this and the two factors can be a combination of password, fingerprint, facial recognition, mobile phone challenge response to name a few common mechanisms.

    Be safe and enjoy your online life.

Loading loading...
  • Page 1 of 1
  • 1

FundExpert on Twitter Twitter