In the wake of the meltdown at TSB and the harvesting of personal information from Facebook, people are increasingly nervous about managing their finances online.
Here, The Mail on Sunday looks at how safe our data is and what we can do to protect ourselves from scams and fraudsters.
Data security: Often, just a few details – including a name, address and date of birth – are enough for someone to steal your identity and maybe take out a credit card in your name
ACT ON NEW DATA PROTECTION LAW
A shake-up of data protection rules is being introduced this month aimed at changing the way companies handle personal information given to them.
Under a new ‘general data protection regulation’, it should be easier to control how our details are shared. This includes financial facts – such as where we bank, our account numbers and sort codes.
It also encompasses other personal information, including our shopping habits, medical records, email addresses and information that tracks where we are.
In the internet age many companies keep such information – profiting from selling it to other interested parties and using it for targeted advertising.
The new European Union backed laws are rolled out in just under three weeks’ time to replace the Data Protection Act 1998. The old rules, designed to ensure private information could only be used for ‘specific and stated purposes’, has proved ineffective.
Under the new regime, customers will have the right to insist firms do not hold or share information – even if you had earlier authorised it when ticking a terms and conditions box. You can also demand information is permanently erased.
Threat: Facebook users’ data has been harvested
Colin Tankard, of Harlow-based data security company Digital Pathways, says: ‘People need to realise how sharing any personal information makes them vulnerable to fraud. Now you will have the right to object to any such sharing, even if you previously gave consent.’
Some firms, such as Facebook, are playing hard ball. It has said it will ask customers to opt out if they do not want personal information shared or held.
Lisa McCarthy, of the Information Commissioner’s Office – a Government-backed body that aims to uphold privacy rights – says: ‘Personal data includes everything from names and addresses to medical records, religious beliefs and political opinions. The new rules build on previous legislation so information held by organisations can be erased in certain circumstances if that is your wish.’
ACTION PLAN: Do not tick any box allowing details to be shared if you wish your information to stay private. If you believe you have been victim of a data breach contact the Information Commissioner’s Office on 0303 123 1113.
BE VIGILANT WITH PERSONAL DETAILS
To fend off online burglars or a cyber-attack you should first ask yourself what a criminal wants. Often, just a few details – including a name, address and date of birth – are enough for someone to steal your identity and maybe take out a loan or credit card in your name.
Paul Giles, of banking trade body UK Finance, says those living in a block of flats with shared post boxes are particularly vulnerable to having personal information stolen. Thieves also use social media to discover dates of birthdays or when people are on holiday. Prying eyes on the high street can also result in PINs and card details being stolen.
He says: ‘Regularly check bank statements for any suspicious payments. If you discover any, contact your bank immediately.’
Giles also warns people of the danger of unsolicited calls, texts and emails. For example, if someone over the phone is asking to double- check your bank details – often by claiming you may have been a victim of fraud – simply ignore them.
ACTION PLAN: Resolutely refuse to share bank information to cold-callers – even if they claim to be on your side. Do not reveal personal details on social media websites.
Internet crime: So-called ‘phishing’ is a common email scam
LEARN TRICKS OF THE FRAUDSTER’S TRADE
Despite concerns over high-tech hacking – including attacks masterminded by Russian spies – most internet crime can be combated.
So-called ‘phishing’ is a common email scam. This involves crooks tricking people into handing over key personal banking information in the hope of then draining your bank account of money.
Variations include vishing (scam phone calls) and smishing (mobile text messages). Some fraudsters manage to download ‘malware’ – malicious software – on to people’s computers, enabling them to read login details for bank accounts.
Such activities need not keep you awake at night but do require you to be suspicious of anyone contacting you out of the blue. No matter what they say never give out a password or transfer money. Being vigilant is also key because high street banks rarely offer compensation if you have inadvertently authorised a payment that turns out to be fraudulent.
But a new ‘confirmation of payee’ bank safeguard is being rolled out before the end of the year. This will mean that anyone authorising payment from your bank account will have to prove they are who they claim to be.
ACTION PLAN: Never share a password or transfer money to someone who contacts you out of the blue – by phone, online or in person. Contact your bank immediately.
KEEP GADGETS SAFE FROM VIRUSES
Modern technology offers some great time-saving devices and high-tech gadgets, but they are prone to hacking. Once a cyber-criminal gets into your computer they can use malware that reads or destroys personal information.
It comes in a wide variety of forms – from ‘worms’ that infect computers to Trojan horses when software looks perfectly innocent but hides a criminal intent.
Not just computers: Your toaster too can be hacked by criminals
A fraudster can also use ‘ransomware’ so that they can demand money to avoid data being destroyed or shared – and ‘spyware’ to watch you online.
Colin Tankard, of Digital Pathways, says there is basic free anti-virus software available to detect potential cyber-attacks. Special software can also be bought. Among anti-virus software he recommends – free or paid for – are packages from Avira, Sophos and McAfee. Other providers include Bitdefender and Norton.
It is not just computers, smartphones and wi-fi that criminals use to hack into the home.
Tankard says: ‘You would be amazed at how inventive criminals can be – hacking toasters and computer games.’
He explains that the latest toasters can be hacked by criminals to discover your wi-fi password.
There have also been cases of burglars secretly watching and listening to what is going on in a person’s home through malware in games downloaded on to a computer.
Tankard also warns against using public wi-fi for transactions such as banking as they are easy to hack.
ACTION PLAN: Install anti-virus software on to your computer. Be aware most high-tech gadgets can be hacked.
SEEK SUPPORT TO TACKLE FRAUD
Help: Rachel Almeida, charity Victim Support
Public body Action Fraud is worth contacting if you are a victim of fraud – but it provides more advice than help in finding financial criminals. In truth, it is a buffer for police forces inundated by calls and only passes on cases if it feels there is something that can be done.
Many financial institutions pass the buck and encourage victims to contact Action Fraud – washing their hands of responsibility. But do not let them off the hook. Demand that they look into fraud and if they are unhelpful complain to the Financial Ombudsman Service. Also, contact the police directly.
Emily Boneham, of Action Fraud, says: ‘We assess any reported fraud and the viability of it being investigated by police. We pass on information if we believe it can be pursued.’
The charity Victim Support recognises that many fraud victims feel frustrated by the lack of redress – accentuating any anxiety caused by the crime. Spokeswoman Rachel Almeida says: ‘Victims of fraud often feel embarrassed and ashamed. We are able to provide specialist emotional support as well as practical help.’
ACTION PLAN: Victims should immediately contact their bank and the police with details of any suspected fraud. Get extra help from Action Fraud and Victim Support.
BRACE YOURSELF FOR A BANK SHAKE-UP
New ‘open’ banking rules have been introduced this year that could provide fraudsters with yet more opportunities.
Major banks are being forced to share customer data with other firms – part of a ‘second payment services directive’ from the European Union.
The idea is to make banking more competitive and easy to use, but it may also provide opportunities for scammers.
For example, a social media website could use your bank account details to transfer money to a friend under the new legislation – adding convenience but also increasing the risk of fraud.
The idea is that eventually we might be able to manage multiple accounts – for example a bank account, an insurance policy and a savings plan – from one place.
ACTION PLAN: Do not opt into ‘open’ banking until it has become more established and has been proven to be safe.
Secret code to storing all your passwords
GET HELP TO REMEMBER
Memory man: Dominic O’Brien has a strategy for codes
The curse of the forgotten password often strikes at the worst moment, just when you need it for paying a bill or making a website booking.
The temptation is to rely on easy-to-remember codes, perhaps using the names of pets or children. But such passwords are easy to crack by fraudsters who know most people use one code for all accounts.
Dominic O’Brien is eight times World Memory Champion and is included in the Guinness Book of Records for memorising the sequence of a record 54 packs of playing cards. He has no problem keeping hundreds of complex passwords in his head.
He says: ‘The secret is to use your imagination – ideally including a location and an odd situation so that an image stays stuck in your mind. It can help by turning shapes in an image into numbers.’
For example, he says if you want to remember a bank PIN number, you could visualise visiting your bank. Opposite this bank is a lake with two swans on it – each shaped like a ‘2’. You are seeing the bank manager at Christmas to ask for extra cash and he is dressed as a snowman – shaped like the figure ‘8’. The reason you have gone is that you have no money – ‘0’. From such a vision you can then create PIN ‘2280’.
ACTION PLAN: Ditch easy-to- crack codes. Instead, use your imagination – turning pictures in your mind into passwords.