News Old

Malware is a new word created by the tech industry, which describe a certain class of malicious applications that play havoc with our computer systems and mobile devices.

Similar to spyware or adware, malware is a particular type of tool used by cybercriminals to gain access to your computer to make it perform a function that is often aimed at stealing your personal identity.

Protecting our devices and sensitive information against malware attacks is a complex procedure. Going back twenty years, the computer literate could follow pretty simple instructions to delete bots and remove viruses from sub-folders. This has just made the cybercriminals to step up a gear to make advanced malware tools that are becoming harder and harder to detect.

Malware is now designed to hide in seemingly innocent directory folders where they set about creating their own web portals that can devastate your system and even reproduce your data stored in the cloud.

Malware is designed to spread

These viruses will make your PC automatically run through the instructions giving it access to other computers via a network or by attaching to a shared file. Once the infection has set in these file can be corrupted and even erased.

Malware can also attach itself to a device’s processing system much like a parasite.

Browser hijacking malware

These malicious viruses affect the programmes used to access web pages. You can experience browser hijacking in a number of ways:

• You notice your default home page has changed
• Your default search engine has changed without you instructing it to. If your default is Chrome, for example, and suddenly you are redirected to Ask Jeeves, then it is likely that your browser has been burgled.
• There is a sudden appearance of pop-ups
• There is a redirection to web sites unknown to you
• The loading of website pages becomes slower

Adware

The sudden arrival of various kinds of adverts in the form of alerts or pop ups is from the malware family and known as adware. By clicking on these you could be tricked into downloading unwanted programmes or be unaware of the fact that you are bookmarking this or saving it to your favourites.

This type of malware is used to prompt your web browser to display adverts not posted to websites you visit. If your computer has been attacked by malware of this sort. You will be plagued with unwanted pop-ups and alerts whenever you access any website. These will have nothing to do with the subject matter of the site. Adware is not as bad as spyware, but it is still not an ethical practice.

Spyware

Spyware is used to monitor and track your computer activity. Once a pattern has been ascertained your personal information, along with thousand of others, will be sold as a batch of IP address traffic or browser history. Beware, because not only will your files be compromised, images and even webcams can be accessed.

Malicious files

These usually arrive in via your in-box in the form of emails that encourage you to open them. Cyber crooks will lure you in with red flag warnings such as telling you your computer is at risk or emotional, seemingly personal subject matter such as “I am sorry, can you forgive me?”. Opening these can lead to the perpetrators taking over your device.

While the UK struggles to make progress towards the digital transformation many experts say it needs to ensure a secure, prosperous future for its citizens, other countries around the world are proving more decisive. Adoption of “foreign” technology, as well as concerns over civil rights and liberties, have been cited as possible obstacles to progress in this area among different groups within the British polity.

Perhaps for reasons of culture and history, some nation states adapt to and adopt change more quickly than others. As a recent international conference has shown, in the field of online digital identity verification, four countries in particular are making great strides in embracing this technology; to the benefit, as their leaders see it, of their states, businesses and citizens.

International cooperation during the pandemic

October 2020 saw a Global Government Forum on digital ID. This was, of course, a webinar; apart from other logistics involved in organizing such a forum in person, the global Covid 19 pandemic made any possibility of this redundant. Nevertheless, the forum went ahead. It was a meeting between an IT provider and leading civil servants from the governments of Germany, Norway, Estonia and Singapore.

If this collection of countries seems rather unlikely, that is not surprising. The first three territories lie in northern Europe, the fourth in south east Asia. Germany is the world’s fourth richest country, Estonia the 21st. Norway has a population density of 15 people per square kilometre, Singapore 8,358. There are many other factors which divide this collection of nations and economies, but one which unites them; E-Government.

In fact, Estonia ranks in the top three of the UN’s E-Government survey. It, along with other countries including Singapore, is showing the way forward in incorporating digital transformation as a mainstream national economic strategy, post-pandemic and into the 21st century. Crucial to these strategies is the adoption of online digital ID verification.

Relative ease of implementation

Estonia and Singapore have advantages over other countries in terms of implementing national digital ID systems. In Estonia, for example, the collapse of the Soviet Union and the Eastern Bloc in the early 1990s meant that the national government was able to start from scratch in many ways. One of these was in using technology to develop the country’s economy as quickly as possible.

Singapore, meanwhile, is defined by its island geography, and is a self-contained nation state. With tight control over its borders, who is allowed to cross them, why and when, the establishment of a digital national ID system presents far fewer problems than in many nation states. Singapore is also a leading financial services provider, and an IT innovator in its own right.

Success stories

Both Estonia and Singapore have used digital ID as a means of making their citizens’ lives easier, government more efficient, and businesses more profitable. For its part, Norway is looking to streamline a national digital ID scheme with its banking system; this has already seen a 92% adoption rate among its citizens. The German government, meanwhile, is hurrying to adopt digital ID before businesses within its own borders do just that, at a huge profit.

Identity theft is the crime of obtaining the personal or financial information of another person to use their identity to commit fraud, such as making unauthorized transactions or purchases. Identity theft is committed in many different ways and the end result is that victims are typically left with damage to their credit, finances, and reputation.

Identity theft occurs when someone steals your personal information and credentials to commit fraud.

There are various forms of identity theft, but the most common is financial.

Identity theft protection is a growing industry that keeps track of people’s credit reports, financial activity, and Social Security number use.

Understanding Identity Theft

Identity theft occurs when someone steals your personal information—such as your Social Security number, bank account number, and credit card information. Identity theft is committed in many different ways. Some identity thieves sift through trash bins looking for bank account and credit card statements. Other more high-tech methods involve accessing corporate databases to steal lists of customer information. Once they have the information they are looking for, identity thieves can ruin a person’s credit rating and the standing of other personal information.

Identity thieves increasingly use computer technology to obtain other people’s personal information for identity fraud. To find such information, they may search the hard drives of stolen or discarded computers; hack into computers or computer networks; access computer-based public records; use information gathering malware to infect computers; browse social networking sites; or use deceptive emails or text messages.

Victims of identity theft often do not know their identity has been stolen until they begin receiving calls from creditors or are turned down for a loan because of a bad credit score.

Types of Identity Theft

There are several types of identity theft including:

Financial Identity Theft

In financial identity theft, someone uses another person’s identity or information to obtain credit, goods, services, or benefits. This is the most common form of identity theft.

Social Security Identity Theft

If identity thieves get a hold of your Social Security number they can use it to apply for credit cards and loans and then not pay outstanding balances. Fraudsters can also use your number to receive medical, disability, and other benefits.

Medical Identity Theft

In medical identity theft, someone poses as another person to obtain free medical care.

Synthetic Identity Theft

Synthetic identity theft is a type of fraud in which a criminal combines real (usually stolen) and fake information to create a new identity, which is used to open fraudulent accounts and make fraudulent purchases. Synthetic identity theft allows the criminal to steal money from any credit card companies or lenders who extend credit based on the fake identity.

Child Identity Theft

In child identity theft, someone uses a child’s identity for various forms of personal gain. This is common, as children typically do not have information associated with them that could pose obstacles for the perpetrator, who may use the child’s name and Social Security number to obtain a residence, find employment, obtain loans or avoid arrest on outstanding warrants. Often, the victim is a family member, child of a friend or someone else close to the perpetrator. Some people even steal the personal information of deceased loves ones.

Tax Identity Theft

Tax identity theft occurs when someone uses your personal information, including your Social Security number, to file a bogus state or federal tax return in your name and collect a refund.

Criminal Identity Theft

In criminal identity theft, a criminal poses as another person during arrest to try to avoid a summons, prevent the discovery of a warrant issued in their real name, or avoid an arrest or conviction record.

The unprecedented events of 2020 have led to a number of developments in the United Kingdom, many of which will be with its citizens for years to come. Social distancing, remote working and self isolation have highlighted some of the benefits of digital transformation for individuals, businesses and the state. However, it is fair to say that the issue of technology and how people use it – and vice versa – is proving to be a thorny subject for the UK’s government.

For those who see online ID and documentation checking as a positive way forward for modern societies, some of the developing situations in Britain will make for disturbing reading. How successfully the government manages the digital economy and society in the coming months could be pivotal for many reasons.

IT’s high profile during lockdown

From the implementation of a national lockdown in the UK in March of 2020, the role of IT, the internet and telecommunications assumed an even greater significance than it had held already. With the closure of educational establishments, in particular, remote learning became the only way most students could receive any teaching. On top of this, the UK’s population were told to work from home wherever possible.

Zoom made its debut into the lives of millions of Britons. From parliament to virtual family get-togethers, this proprietorial piece of software and its boxes became a fixture of national life. As such, Zoom represented a positive contribution which IT could make to normal people’s lives.

At the same time, however, other promised IT-based developments had the opposite effect. In particular, the failure to initiate any kind of track and trace system, as successfully adopted early in other countries, became something of an issue. When the government then held a failed trial on the Isle of Wight, this blow to confidence in IT was compounded.

Concerns over data use

Whatever the perceived merits of IT among the British public, its merits are being promoted by the government. There have been announcements in the press about a desire to introduce a UK-wide digital identity system, to help both during and after the pandemic. With such a system, for example, it is argued that owners of pubs and restaurants will be able to instantly verify a customer’s age.

Civil liberties groups, however, are far from convinced that a national digital ID scheme is either desirable or practicable. They cite examples of abuses both in the UK and abroad. In 2019, the UK government was forced to apologize to EU citizens and its own Windrush subjects for data breaches. Elsewhere, a breach in India in 2018 led to the details of many millions of its citizens being leaked via an insecure ID card.

Careful management needed

There are many examples from across the world where secure, online digital ID verification makes a huge contribution to society and economies. This situation should be possible in the UK going forward, as the country has both the expertise and resources either in place or within reach. How the government negotiates its way through the end of lockdown restrictions and into a “new normal” could define how – or if – the UK is able to harness this technology.

Personal identity theft will almost certainly have a negative effect on your finances, but the other consequence from this criminal act is the impact it has on your mental health.

Online racketeering can leave you penniless, have you falsely arrested because of criminal identity theft or have bailiffs hammering on your door demanding payment for a loan taken out in your name.

As a result of this financial blow comes an impact on your mental health, an aspect of cybercrime which is often overlooked.

Financial

Financial complications caused by personal identity theft can last for months. If the cybercriminal has gained access to your personal details and has emptied your bank account, there is a chance your institution will not reimburse you.

So, never:

• provide your bank details to a caller or in an email from someone claiming to be from your bank or the police. If you willingly provide these details, your bank is unlikely to reimburse you.
• give a stranger your password or security codes to your accounts

And always:

• report any suspicious activity on your account to your bank’s fraud team
• freeze your account by calling the bank immediately once you realise your card has been stolen
• call your mobile phone provider and block your phone immediately if it has been stolen.

A sound credit rating is important to all of us and if the thief has taken out loans in your name then it might take months to restore your good credit. This could have a huge financial impact on those of us who are planning to apply for a mortgage or need to take out a loan ourselves due to unforeseen circumstances.

Emotional

Financial loss is one thing, but with personal identity theft often comes an emotional consequence that can take years to overcome.

Cybercrime victims are almost always traumatised to some degree when not only have they been robbed, but a myriad of emotions ranging from annoyance and anger to depression and guilt.

The emotional impact on the victim depends on the level of cybercrime. Some people might feel initial shock or annoyance, followed by anger, while others take the invasion of privacy far more seriously and experience anxiety and depression.

Guilt is a common emotion following many a cyberattack. If the victim was duped into providing personal information that led to the crime, they will feel that they should have known better. If the crime has a financial impact not only on the invidual, but a family or an organisation, the victim will experience all the more guilt.

If personal slurs have been put about on social media under your name, then this type of personal identity theft can have a devastating effect on your mental health. This type of acrimonious activity could be aimed at ruining your reputation and clearing your name is going to take time.

If you are a victim of a cybercrime of any sort the UK’s Cyber Helpline can offer a range of advise and support to help you through your dilemma.

From breaking into our bank accounts to bypassing our passwords, we are becoming increasingly familiar with the unpleasant effects of identity theft.

In the USA alone, losses of about $1 billion are registered every year relating to identity theft.

There are ways of keeping on top of your personal online security and it is important to keep up to date with the latest in cybercrime.

Enticing offers

Think twice about clicking on an advertisement pop-up or even filling out a form without reading the terms and conditions carefully. Even normal browsing activities like clicking on an enticing ad or filling out a form for downloadable content can lead to online identity theft when users don’t know what to look for. Keyloggers can be overlaid on seemingly legitimate banking or investment apps and intrusive tracking procedures can be signed off on by users who fail to read terms and conditions notices carefully.

Downloading files

Check that the site you are downloading from is secure before downloading any files. The main files to avoid are ones with extensions ending in exe, scr, bat, com or pif. Double extensions such as a file ending in exe.gif are dangerous too, so don’t download a file ending in either of these.

You can also validate a file’s digital signature by clicking on the publisher link in the security dialogue box when you first download a file.

Clicking on pop-ups

Pop-ups are small windows that appear over the top of web pages in your internet browser and although not all are bad, some can be devastating, delving into your data and wreaking havoc with your personal details.

Pop-ups that are up to no good often include a button that prompts you to close or cancel it, but this doesn’t mean it is going to dismiss the pop-up. Instead, it could trigger another pop-up or even download a virus. Most of us have the facility to block pop-ups on our computers and we should check that this is in place if we keep getting pesky and suspicious alerts.

Some don’t come from websites but from malware or a Trojan Horse that has been secretly installed on our systems. If you discover this and you use the computer for banking and online shopping, then change all your passwords immediately and have the computer thoroughly cleaned by using good security software.

Opening email attachments

Email attachments can carry potential dangers, especially if the email that arrives in your inbox is one you don’t recognise. Don’t be tricked into opening up an attachment even if it is marked “urgent”. In the click of a button your personal online identity could be compromised.

Using information taken from an initial email, cybercriminals can combine seemingly innocent pieces of data like an IP address and the software version you are using to send a more convincing email in the hopes that it’ll grab your attention. This is known as bait mail.

Your spam mail monitor should be reducing the risk of you opening a phishing email, but if by chance one escapes the net and lands in your box, then don’t open it or any of the attachments that come with it.

Posing as someone else is so much easier in this age of high technology with computers and mobile devices used to intimidate or dupe victims.

This is known as cyberbullying and while adults have their fair share, children are the ones who are most likely to feel the brunt of this harmful hectoring.

It is estimated that a staggering 75 percent of our teenagers have little or even no parental supervision while they are online. It is this lack of control that has made cyberbullying a type of abuse that can have catastrophic results such as teen suicide.

It is unrealistic for adults to be expected to be there at the computer or every time our children use their mobiles. There are ways, however, we can play our part in identifying and educating our youngsters when it comes to cyberbullying.

Spread the word

The best way to out cyberbullies is to share examples of their behaviour. Teachers often use role playing as an effective way of getting the message across. They encourage their pupils to come up with examples of what they perceive cyberbullying to be and then the class is expected to come up with solutions to this.

If your child has become a victim of online bullying, don’t hesitate to let the school know. Schools take bullying in any shape or form very seriously and will have tools in place to deal with this. Teachers, likewise, should alert parents and the headteacher if they come across this type of abuse.

Make regular checks

As we mentioned, we can’t be all places at all times and that there will be periods where your child will have unsupervised access to a computer or a mobile phone. This doesn’t mean to say you don’t implement any sort of controls. You can be aware of what they are doing online by keeping the computer screen where you can see it. Having a laptop, tablet or computer in a teen’s bedroom is not ideal. If possible, create a specific area for them to study.

Get in the know

Make it your busines to know what social networks your child subscribes to. If they are on Facebook, for example, make sure you show them how to block a user, report any abuse and set their own privacy controls. Warn them not to “friend” anyone they don’t know. Also, make them aware that others can create a Facebook page stealing their identity therefore putting the blame of cyberbullying squarely on their shoulders.

As much as they will protest, you should know their passwords to all of their social networking sites. It is either this or no computer or mobile time at all. It is important to establish clear guidelines of what you expect from them.

Examples of cyberbullying:

• Assuming someone else’s identity with a malicious intent to play pranks on them and others
• Spreading lies or rumours about someone via text messages, emails or messages via social media. This includes forwarding messages from others
• Tricking someone into revealing personal information or sending images
• Threats to physically harm someone or their family

There is a telephone version of email scams or phishing as it is called and this one is vising, the art of tricking someone to reveal personal information by thieves who can use it for their own gain.

Personal identity theft has found its way onto the internet and is a cybercrime, but criminals have found other ways of stealing your personal data and vishing is one of them.

A vishing crook typically pretends to be an official from a legitimate institute such as your bank. They have worked hard at honing their convincing skills and these calls are designed to generate fear and an immediate response from you. There is snap vishing, which are short, sharp calls to convince to you to provide your card details and then there is a longer, more coaxing method that entice you to part with most of your money.

How to be vishing vigilant:

They phone you

Be suspicious if you receive an unsolicited call. Organisations like banks or your chosen utility company won’t phone you out of the blue asking you to confirm information they already have for you. They won’t ask for passwords or security codes. Don’t provide the caller with any information, hang up, and call the organisation they say they are representing to report the incident.

An unknown number

A vishing call will be from a telephone number that is not in your contacts. You won’t have seen this number before. The number is not going to match the official contact details of any legitimate organisation or company.

Sense of urgency

A vishing caller will impart a sense of urgency. They aim to alarm you by saying that suspicious activity has been noted on your bank account. The only suspicious activity is the telephone call you are having with someone who is not who they claim to be.

Trust your gut

If your instincts tell you that something is not quite right, then it probably isn’t. You don’t have to be rude to the person on the other end, but don’t give in to them and hand over your details. This will almost certainly be a personal identity thief, who will cause you a great deal of anxiety and stress in the long run.

What to do if you have been “vished”

Becoming a victim of vishing can happen to the best of us, so don’t feel ashamed It is easy to fall for a vishing scam, especially if you are caught off-guard. The key focus is to act swiftly once you realise you have become a victim of vishing.

• Contact the organisation that was being imitated. The sooner you do this so that your cards can be cancelled and your account frozen, the better.
• Chang any shared information. If you provided the criminal caller with a password or a security code, then this should be changed immediately.
• If needs be, contact your local police or Action Fraud. If you have been robbed remotely, then call 101 or log on to the Action Fraud website. While it isn’t an emergency, it is a crime that needs to be reported. Get an incident number, just in case you need it for insurance purposes.