Alexander Forbes has warned members of the public to be on the lookout for increased incidences of fraud through impersonation and phishing.
Nuno Duarte, Group Information Security Officer at Alexander Forbes said these types of cyberattacks were happening regularly across the financial services industry. “Everyone needs to have basic security in place to protect your emails. As a minimum – multifactor authentication or two-step verification, which is offered by email service providers. This means you login to your email you have to enter a code which is usually SMS’d to you,” Duarte said.
If your email account has been hacked, disabling it will prevent hackers from using it to commit fraud. “Changing your password is a critical first step, but will not prevent the account from being compromised again.”
Duarte recommends that the compromised email account be disabled and shut down, and a new one created. This action may sound drastic, but it is the right thing to do. “Fraudsters could have changed background settings, recovery questions and email addresses, or set rules to enable them to receive or hide emails arriving in your account. This would enable them to continue monitoring your emails or even to take over your account again.”
There has also been an increase in impersonation attacks, “where someone acts as if they are a member of a financial institution and emails you, requesting that you make a transfer of funds into a bank account”. Duarte cautions that people validate any banking details before making transfers, to avoid accidentally paying money into fraudster’s accounts.
While phishing attacks are now quite well known, the latest are “vishing” attacks. “This is when a fraudster phones you and tries to convince you they are someone you trust, or from an organisation you trust, and after gaining your confidence, obtains access to your money.”
Duarte said members of the public needed to be constantly on the look-out for con-artists. “Be aware this form of fraud can happen to you, not just other people.”