1. Do not trust strangers
This is the most obvious piece of advice, but it is not always followed.
Be very wary if someone contacts you by telephone, fax, post, email or in person and asks you for personal information such as your date of birth, your mother’s maiden name, your account details or other personal data. In the case of a telephone call, if something seems suspicious, ask for their number and call them back.
Never open an email or attachment from someone you do not know, or from someone you do know but would not expect that type of message from. It is quite easy for criminals to fake a sender’s email address.
Be vigilant: deceptive emails almost always look suspicious if you look closely enough. They may not address you by name, and they could try to make you do something unusual, such as clicking on a link, entering your personal details or opening an attachment.
Always remember that no bank asks its customers to provide confidential information via email. The same is true for requests via SMS or telephone.
2. Report suspicious activity
If you receive a suspicious email, clearly identifiable as a phishing attempt, immediately warn the bank or organisation the mail claims to have come from and also notify the relevant authorities.
Almost all banks offering online banking services have a telephone number or email address for reporting online fraud. If the bank does not have a specific number or email address available via its website, report the event to your branch or to the customer service team.
Here is a typical example of a phishing email, with a link that the user is invited to click on, exploiting the popularity of the international online payment system PayPal.
Security Center Advisory!
We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address and we have reasons to belive (sp) that your account was hijacked by a third party without your authorization. If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you.
If you are the rightful holder of the account you must click the link below and then complete all steps from the following page as we try to verify your identity.
If you choose to ignore our request, you leave us no choice but to temporaly suspend your account.
Thank you for using PayPal!
3. Use different passwords
Do not use the same password to access numerous websites and online services. Using different passwords takes more effort, but it is one of the easiest ways to prevent online fraud. In addition, avoid using obvious or easily guessable passwords such as your mother’s maiden name, date of birth, your children’s names, favourite football team, etc. Protect your passwords: do not write them down and never store them in your wallet or purse, diary or on your PC.
4. Destroy evidence of your identity
Carefully shred or destroy any letters or bills which state your name, address and/or other details about you before throwing them away. If possible, throw pieces of the document into different bags at different times. This is especially important for bank statements, old debit and credit cards, gas, energy, telephone and credit card bills.
|
 |
5. Be vigilant
Be on the lookout for signs which could mean that your personal information is being used in a fraudulent manner. If for example you receive invoices, requests for payment or receipts for goods and services that you have not purchased, this could be a sign that someone has stolen your identity and is running up bills in your name.
6. Check your statements
Always check your credit card and bank statements carefully and frequently. Any suspicious transactions or unauthorised payments, even for small amounts, to unknown beneficiaries, should be reported immediately. Often, cybercriminals do not empty an account immediately, but will withdraw small amounts over a longer period to avoid being discovered. The quicker you report anything suspicious, the less damage they can do.
Protect your credit Cards for online use by using “Verified by Visa/ MasterCard SecureCode” – adding the protection of a password which must be entered before your card can be used to make any online purchases. This adds an extra layer of security from your card details being copied and used without your permission.
7. Think twice before you click
Never click on a link contained within the body of an email even if it seems to be a real web address. Instead, move the cursor over the link to view the URL in its entirety. If the link contains several numbers and letters and numbers, or is mis-spelt in any way, it is likely to be a fake. When you do need to visit your bank or an online retailer’s website, always type the link in yourself.
8. Monitor website security
When making online purchases with a credit card, always check that the website uses basic security measures before entering personal data. Always check that the prefix https:// is present in the address of the website. Also make sure that the “locked padlock” icon appears in the browser status bar.
9. Secure your PC
Make sure that the PC you are using to perform online transactions is protected by basic security tools such as updated anti-virus software and a firewall, and that it is not used to visit insecure websites. Updating anti-virus software generally only takes a few minutes and is free of charge – you should be alerted by the vendor when updates or “patches” are available and be given instructions describing how to download them.
If you can, avoid making online transactions or accessing your online account from Internet Cafés or from a non-protected PC. Furthermore, avoid using your PC to download music and videos through free sharing programs, which can be vehicles for “Trojans”, and other malicious code.
10. Research your bank’s security measures
Before opening an online bank account, ask your bank what measures it is taking to protect your identity and your funds. There are many methods available and some banks use more than one. Some are visible to the user and require an action (e.g. the entry of a numeric password generated randomly by a small portable device), others work behind the scenes, checking the behaviour of the account without the customer even knowing about it. |
