Tips on avoiding fraud and scams
We often advise customers on staying safe in the real world but these days, we all have to watch out for criminals in the virtual world. So much personal information exists out there and criminals are getting smarter in the ways they manage to get to your money.
We bring you tips and advice on how to avoid becoming a victim of identity theft, cybercrime and phone fraud scams.
Mobile phone scam: ‘WhatsApp update’
Earlier this year, the ‘WhatsApp scam’ made headlines, where hundreds of the mobile messenger’s users were tricked by scam SMS messages, which said “you have not updated to the latest WhatsApp Add-ons”. The SMS prompted the user to ‘click’ – or press in the case of a smartphone – on a link.
Unsuspecting victims activated the link, which opened up the phone’s web browser to a page with a big green button that said ‘continue’. Users didn’t notice the fine print at the bottom of the web page, which details how the service will deduct R7 per day off their phone bill. Left unnoticed, this added over R200 to your phone bill per month.
- If you are unsure of an SMS message, rather don’t click on any links.
- Speak to your mobile network to see if they have ways of preventing you from signing up for a service you don’t want.
Email phishing scams
Email is still a popular way to trick people into giving out all sorts of information they should be keeping private.
Typically you would receive an email that looks ‘official’ – it has the right logo (e.g. your bank’s, SARS, Facebook, Dropbox), sender address (e.g. firstname.lastname@example.org) and might use your first name. It will then ask you to reset your password or warn you of suspicious activity on your account. This article shows you how to study a potentially suspicious email.
Even if you are savvy enough not to enter information on a suspicious web link, if you accidentally click on anything – say a web link, then leave, or an email attachment – spyware may be installed on your computer. One type is key-logger software, which records everything you type on your keyboard. This, of course, includes things like your banking password and confidential emails.
With identity theft on the increase, experts recommend that you conduct a credit check on your name at least once a year to check for any unusual activity. TransUnion, for example, offers an annual credit report check that includes SMS or email alerts if there are any transactions (e.g. loan applications) in your name.
The latest cybercrime threat to watch out for is ransomware – a new version of malware that virtually holds your computer hostage until you pay a ransom amount. Typically, you will receive an email from a familiar contact – a friend or colleague – with a zip file attachment. NEVER click on this. If you do, a rogue computer code will spread through your computer and could even get into your physical or cloud back-up (such as Dropbox or One Drive).
Next time you switch on your computer, your files will appear locked or erased, and a message will give you 72 hours to respond with a ransom amount. If you think you might be infected, immediately switch off your machine and seek professional IT help.
- Before you click a link, hover your mouse over the button. This should display the URL that you’re about to visit. If it looks fraudulent – say, companyname.something.com – rather delete the email.
- Turn on fraudulent site warnings in your web browser. Also be sure to make use of regular browser updates as these will include the latest security updates.
- Always use the latest version of any of the major mobile browsers like Chrome, Safari, Firefox or Opera.
- Register for SMS notification services from your bank.
- Never access your online banking from an email. Always type in the address in your browser, and check for the security padlock symbol in the address line.
- Choose strong passwords and use different passwords for different accounts.