Tuesday 22 August 2017

How to protect yourself from a hack attack in the digital age

Fraudsters are becoming more advanced in the technologies they're using to steal your information, but there are safeguards you can put in place, writes Sinead Ryan

Hillary Clinton may be facing an uphill battle as she heads into the final days of her presidential campaign. But she's not the only one who needs to worry about the hacking of emails. Every one of us is in danger from that, and more.

Whether it's your bank account being compromised, email phishing, or your identity being stolen, new technology is advancing at a far greater speed than the means to control it. Cyber attack has become an everyday occurrence and the worst thing is that most of us don't even realise when it happens.

At its most harmless, your social media account details can be accessed and passed on to sources who will just end up spamming you with unwanted products.

Those random pages you click on Facebook, for instance - the cute, sick child whose mom believes 100,000 hearts will save her baby's life? They won't. It's probably a generic image run off an account by a spotty teenager in South Korea. His mission? To pass along a 'database' when it's reached critical mass to sell. Real moms of sick babies are too busy attending to them in hospital to manage thousands of followers.

What about a 'giveaway' from Apple for the latest iPhone for the lucky 'few' who like and share? Not a chance. That's not what's made the tech giant the richest business on the planet, but it's certainly how the rogue operators run theirs.

A more sinister approach is the phishing email. This is an attempt to acquire sensitive information such as username, password and credit card details by masquerading as a trustworthy organisation like Revenue, or your bank.

You have won a 'prize', are due a 'refund' or are being threatened with an 'invoice' or cancellation of service. Invariably, it asks you to click on the link or attachment and may look extremely convincing with correct logos and appropriate language.

Never click through. If you feel it might be real, open a new tab, go onto the official website yourself and check it out from there. Delete the rogue email without opening it and empty your spam box regularly.

A step up, and your credit or debit card is skimmed. This can happen in any number of ways. The most common is when you're abroad, and hand it over in a restaurant to pay for a meal. The 'waiter', who is in on the scam, swipes its details in a fake scanner, before taking the valid payment.

A dodgy ATM for a legitimate bank might have been tinkered with, a false 'insert' plate cleverly placed over the real one, scans your card, stealing all its details to be used by thieves later on. By the time you notice, it's too late; it has already been copied hundreds of times.

Even carrying your humble debit card in your wallet on the Luas can lead to theft. 'Contactless cards' can potentially be skimmed and the contents stolen. It's not the €30 limit you need to worry about; it's the stealing of your name and number via the e-signal.

Banking expert Frank Conway of MoneyWhizz says he never goes anywhere without a foil-lined cover on his cards to prevent this. "The newest generation of RFID cards transmit an encrypted, one-time security code alongside the card number and expiry date to authenticate each transaction. A fraudster scans the RFID card dozens of times in a public place in a matter of seconds, without the cardholder knowing, and captures the security codes that the card transmits.

"A cloned card is then programmed to 'replay' those codes at a store's payment terminal. The credit card company would only catch on to the fraud when the real cardholder tried to make a subsequent contactless purchase with a security code that had already been used by the scammer," he says.

The good news at least is that if your debit or credit card is compromised fraudulently, banks are obliged legally to refund you any loss, which is why they take security and fraud detection so seriously. However, they can make you jump through hoops for it, especially if they believe you were careless, for example having your PIN number with your card.

In reality, this is difficult for them to prove, so they prefer to keep an eye on all transactions. If they believe yours to be dodgy, they'll text or email you, or, in some circumstances, stop your card without telling you. It's annoying, but for your own good.

How to protect yourself: apps and devices

Europol has some advice for people who want to avoid getting scammed via their mobile device.

- Install apps from trusted sources only. This means checking out elsewhere (Google, boards etc) if the company/publisher is valid. Check reviews and ratings from users. Read the app's permissions - what are you giving them access to?

- If you make a payment for a product or service, log out of the site immediately afterwards; don't just close the browser.

- Never save usernames or passwords in your mobile browser or apps.

- Don't bank or shop online using public Wi-Fi connections. Your details can be 'overheard' by a scammer.

- Don't allow apps to use your location services unless they need to and turn it off afterwards.

- Back up your data. It means you can easily restore your personal data if the device is ever lost or stolen.

- Install a mobile security app if one is available. It detects and prevents malware, spyware and malicious apps, alongside other privacy and anti-theft features.

Irish Independent

Editors Choice

Also in Life