Over-50s finance: How to avoid the big phish
Charlie Weston on protecting yourself from online financial fraud
PROTECTING against computer and internet-based fraud and financial exploitation are key concerns for everyone - but especially those over the age of 50.
Banks are pushing more and more of us online and away from face-to-face customer-service desks. But those unfamiliar with technology risk being left behind, and are more open to being scammed.
Lack of familiarity with internet security and scams such as 'phishing' and 'spoofing' can dupe people into giving out personal financial information, according to Frank Conway, the founder of MoneyWhizz.org, a financial education initiative.
Phishing scammers create authentic-looking emails, text messages, and internet pages in order to entice their victims to disclose financial information such as credit card details, bank or credit card account numbers, personal identification numbers (PINs) and personal public service (PPS) numbers.
The messages may appear to be from organisations you do business with, such as your financial institution, Mr Conway says.
They may threaten to close your account or take other action if you don't respond. The senders are 'phishing" for your private account information so they can use it to commit fraud or identity theft against you.
"Spoofing" scammers disguise an email address to look like it is coming from someone else. For example, you may receive an email that looks like it is coming from a friend who needs immediate funds to cope with an emergency.
Take these precautions with your personal computer to reduce your risk of a computer/internet attack:
• Do not email financial information or account numbers. Email is not a secure method of transmitting personal information.
• Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses (or other malware) that can compromise your computer's security.
• Use passwords that will be hard for hackers to guess. For example, use a mix of numbers, symbols and letters instead of easily guessed words.
• Shut down your PC when you are not using it.
How to respond to a phishing or spoofing attack
Even if you use security software, chances are that some questionable messages will get through. Some of these messages look very realistic. Mr Conway has the following tips for protecting yourself:
• Do not open any message that comes from an unfamiliar source. If you open a suspicious message, delete it.
• Delete email and text messages that ask you to confirm or provide personal information). Legitimate companies never ask for this information via email or text.
• If you are concerned about your account or need to reach an organisation that you do business with, call the number on your financial statements or on the back of your credit card or in the telephone book. Do not call the telephone number the caller or spoof website provide.
• If you receive an email that looks like it is from a friend or relative asking you to send money, call to verify that the email really came from them.
Victims of phishing can become victims of identity theft, Mr Conway says. Identity theft occurs when thieves steal your personal information (such as your PPS number, birth date, credit card numbers, personal identification numbers, or passwords). With sufficient information, another person can become you and use your identity to commit fraud or other crimes.
If you might have been tricked by a phishing email, act promptly to avoid financial loss or damage to your personal credit rating.
How to avoid identity theft
• Protect your PPS, credit card and debit card numbers, PINs, passwords, and other personal information. Never provide this information in response to an unwanted phone call, fax, letter, or email, no matter how friendly or official the circumstances may appear.
• Be mindful of those who may be "shoulder surfing" (trying to look over your shoulder) while you use the ATM, and seeking to steal your PIN.
• In case your wallet is lost or stolen, carry only the identification you really need: cheques, credit cards, or debit cards. Keep the rest, including your PPS, in a safe place.
• Keep your financial rubbish "clean". Thieves are known to pick through rubbish looking for pieces of paper containing PPSs, bank account information, and other details they can use to commit fraud. Before tossing out documents that could hold valuable personal and financial information, destroy them, preferably using a shredder.
• Keep a close watch on your bank statements and credit-card bills. Monitor them each month and contact your financial institution if there is a discrepancy in your records or if you notice something suspicious, like a missing payment or an unauthorised withdrawal.
• Review your personal credit report annually (a copy can be purchased for €6 from ICB.ie) and report suspect/fraudulent activity. Review your credit report carefully for warning signs of actual or potential identity theft. For example, items that include mention of a credit card, loan, or lease you never signed up for, and requests for a copy of your credit report from someone you do not recognise could be a sign that a con artist is snooping around for personal information.