Cyber-attacks, and subsequent loss of money and sensitive personal data, is on the rise. The volume of attacks are increasing as criminals are using cunning new phishing tactics to take advantage of the general global panic.
What is phishing?
Phishing is when criminals try to convince you to click on links within a scam email or text message, or to give sensitive information away such as your bank details. Once you click, you may be sent to a website which will download viruses onto your computer or steal your passwords. Or it may be that simply clicking on the link will do this immediately.
Given the current coronavirus situation, cyber criminals are sending emails that claim to have a ‘cure’ for the virus or encourage you to donate to a good cause. Like many phishing scams, these emails are preying on real-world concerns to try and trick you into clicking.
We’ve even seen evidence that phishing emails are becoming ever more targeted to play into specific sectors’ fears. In February 2020 American researchers uncovered new coronavirus-themed email attacks that focused on industries that were concerned about disruptions to global shipping. In March 2020, victims in the UK were duped by clicking on “important COVID-19 updates” and infecting their devices.
Can I protect myself against phishing and cybercrime?
Yes. Scam messages (or ‘phishes’) can be extremely hard to spot and are designed to get you to react without thinking. If you think you’ve clicked on a bad link, don’t panic – there’s lots you can do to limit any harm. There are also steps you can take to protect yourself and your data, and to insure yourself against the financial impact of cybercrime.
What happens if I’ve already clicked a phishing email?
- If you’re using a work laptop or phone, contact your IT department immediately and let them know what’s happened.
- If you’ve been tricked into providing your banking details, contact your bank immediately and let them know.
- If you’ve lost money, report this crime to Action Fraud, the UK’s reporting centre for cybercrime. By doing this, you’ll be helping to reduce criminal activity and prevent others becoming victims of cybercrime.
- If you’ve provided a password that you use elsewhere, make sure you stop using that password on any of your accounts.
- If you have antivirus software, run a full scan and allow it to clean up any problems it finds.
Is it possible to minimise the risk of cybercrime?
Yes, it is. You can start by implementing the following suggestions:
- Keep your software up to date – this helps remove critical vulnerabilities that hackers use to access your devices.
- Use Anti-Virus protection & make sure you have a firewall in place on your operating system.
- Use strong passwords & use a password management tool.
- Be more aware of potential phishing scams (see below).
- Protect your sensitive personal identifiable information such as your name, address, phone numbers, data of birth, national insurance number, IP address, location details, or any other physical or digital identity data.
- Don’t log on to public Wi-Fi networks in coffee shops, on trains or elsewhere.
- Backup your data regularly so you can erase systems and restore with a recently performed backup if necessary.
- Review your online accounts regularly so you can quickly spot and report suspicious activity.
- If you do spot a suspicious email, flag it as Spam/Junk in your email inbox and tell your email provider that it’s potentially unsafe.
- Be aware of your digital footprint and what it reveals about you.
What’s a digital footprint?
We all have a digital footprint. This is the information that people can easily find about you on your website or social media accounts. Criminals often use this public information to make their phishing messages more convincing, so you can protect yourself by doing the following:
- Review your privacy settings for all your social media apps and online accounts.
- Before you post, think about what information you’re giving and who could see it.
- Be aware what your friends, family and colleagues say about you. online, as this can also reveal information that can be used to target you.
Condor’s five top tips for spotting phishing
Spotting phishing emails is tricky, but there are some quick things you can check before you click:
- Who is it from? Is the sender claiming to be from someone official (like your bank, doctor, a solicitor, government department)? Criminals often pretend to be important people or organisations to trick or intimidate you into doing what they want.
- Are you being pressured to respond quickly? Criminals often threaten you with fines or other negative consequences if you don’t respond quickly (and therefore don’t have time to think about what you’re doing).
- How do you feel when you read the email? Does the message make you feel panic, scared, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.
- Are they trying to provoke fear of missing out? Is the message offering something in short supply, like concert tickets, money, or a cure for medical conditions close to your heart? Fear of missing out on a good deal or opportunity can make you respond quickly without thinking.
- Does the email relate to something in the news? Criminals often exploit current news stories, big events, or specific times of year (like tax reporting time) to make their scam seem more relevant to you.
You bank or other such institutions will never usually ask you to supply personal information on an email. If you suspect that a message may be phishing, call the department/person who has apparently sent the message and check with them. Never use phone numbers or emails from the phishing email but look up official contact details on another website instead.
Why might you need cyber and data risk insurance?
Everything in your house which makes your life easier and better can be open to cyberattack. This includes smart TVs, laptops, phones, sound speakers, doorbells, heating devices & controlled thermostats. Consider these three scenarios:
- You’re working in your local coffee shop, using an open Wi-Fi connection. When you get home, you realise that your mobile phone has been infected, and that infects your home network and compromises the security of your bank accounts and sensitive data. What can you do?
- You buy a high value piece of artwork online. Criminals intercept the emails you’re exchanging with the seller and replace the seller’s bank details with theirs. You transfer the fraudulent payment, lose the money and the artwork. Do you have cover for forensic investigators to investigate and establish what happened and cover for all costs including the cost of the fraudulent money transfer and expert fees for investigation and advice?
- You write a negative review online about a bed and breakfast you recently stayed at. This goes viral and leads to a reduction in business for the owners. They bring a claim against you for defamation. How can you protect yourself against this?
These scenarios are taken from real life, but the good news is that we now offer cyber and data risk insurance so you will be protected if the worst happens to you.
Condor Private Clients cyber insurance
We work with a range of insurers, some of whom have elements of cyber insurance (e.g. cyber bullying) included within their policies. We also work with one specific insurer who offers Personal Cyber Insurance. This is automatically included in your household insurance and can cover you from £50,000 to £100,000 of cover. This Personal Cyber insurance plan includes cyber fraud, cyber bullying and cyber phishing.
If you’d like to learn more about our cyber insurance, please contact us today on firstname.lastname@example.org.
Posted 25th June 2020