Crooks are using more sophisticated tricks to steal your information and money. It’s time to improve your defences.
Throughout the past decade, consumers have been rocked by one massive data breach after another. Some 500 million Yahoo users were hit by a 2014 data breach that compromised e-mail addresses, passwords and other information. Since then, thousands of other breaches exposed the data of millions of consumers, who have come to assume that their personal data has been laid bare somewhere. Need we mention the HSE hack in Ireland?
Fraudsters have now shifted from large-scale hacks to more-focused attacks—on businesses also. In 2020, the total number of data breaches dropped by 19% compared with 2019, according to the Identity Theft Resource Center. The ransomware strategy, through which criminals encrypt data on a network computer and then demand that you pay for a key to decrypt it, received much attention after hackers forced down Colonial Pipeline in the USA, a major supplier of petrol and jet fuel, causing panic. A similar attack was made on the HSE in Ireland, but we know little about how this was resolved.
Consumers still have plenty of reason to stay on guard in their personal lives, too. Identity thieves haven’t given up on data breaches. Plus, your PPS number and date of birth are unchanging bits of information that criminals can use years after stealing them to carry out crimes such as opening a new credit account or filing a tax return in your name. And crooks continue to capitalize on current events—especially those involving health, the economy, COVID and disasters—to wring money or personal information from victims, says Adam Levin, founder of identity-protection service CyberScout. Increasingly, criminals are contacting consumers directly using scams designed to draw out personal information, and victims now often recall the moment they interacted with a criminal text, call or e-mail, rather than having no idea how their identity was stolen, according to Javelin Strategy & Research.
We are outlining below some of the precautions you should take to avoid being caught out.
Phishing schemes
The problem:
Through e-mails and text messages, criminals contact consumers and pose as legitimate institutions—say, the Revenue, the Dept of Welfare, a bank or a well-known business—in attempts to gain personal information or money. You may, for example, receive a fake e-mail requesting that you provide your credit card information to continue receiving service from a utility or other entity or advising you to click on a link to reset your account password.
How to protect yourself:
Make sure you know the signs of a phishing e-mail or text message. Less-sophisticated attempts aren’t terribly difficult to spot—they often include spelling and grammatical errors, use a formal or generic greeting, and attempt to invoke a sense of urgency for you to take action. Even if an e-mail looks legitimate, check the sender’s e-mail address; if the domain doesn’t seem to match the business from which the message claims to originate, or if it’s from a personal service such as Gmail.com or Yahoo.com, the e-mail is likely fraudulent. Look closely at a domain that appears genuine at first glance, too—it may, for example, include the number zero where the letter O should be.
Common Scams currently
An Post:
You may receive an email that purports to be from An Post, looking for a small amount of duty to be paid on a package of indeterminate origin. The emails look VERY convincing and have the Logo and colours correct. DO NOT follow the links.
Bank/Paypal:
Your account has been restricted due to suspected fraudulent activity” is the most common of these. The emails will have the correct logo, but if you hover your mouse iconover the Internet Address of the sender (sometimes just shows as PTSB/Bank of Ireland, etc), you will find that it does not originate from the correct email address. Sometimes you are unable to see this on your phone – switch to a PC or laptop to be certain. Your banks will not contact you by email or ask you to enter your full PIN.
Text:
You can get a Text claiming there is a package awaiting delivery, and to follow the link for more details. Do not follow the link – log in to the carrier or vendor website if you are expecting a package and trace the carrier from there. If there is an import fee due, the carrier or courier will contact you giving details of your order when asking for you to pay.
Phone Calls:
There was a spate of calls from Irish Mobile numbers where, if you answered, you were greeted by a recording staring you were being investigated for revenue fraud, or something similar. These are designed to scare enough people to pay up, and are done by criminals ordering phone numbers online and automating calls. They do not have to be in Ireland to do this, but authorities have been putting pressure on the carriers to spot and block many of these.
Stay Aware!
Written by Joe Carroll, Client Services Manager, Clevermoney