News Old

If you play a popular online game, keep your wits about you because you could be fair game for fraudsters who take advantage of the fact that this cyber sector is a money mecca ripe for the picking.

When your online gaming account is compromised it is critical that you act fast. If you suspect that all’s not right, don’t wait until it is too late and you can’t get back into your game or, worse still, you can’t even turn on your device.

Change your password

If you can still log into your account, then go to the game’s settings and change your password immediately. Don’t make it one you have used before and even one that has similarities to your old one. This password should be strong, making it difficult for the cybercriminals to infiltrate your device.

Turn on two-factor authentication

Most online gaming account provide this option for the very reason that cyber crooks are lurking on every turn. A lot of us avoid the two-factor authentication because it is a bit of a schlepp, but it is worth getting used to because it will protect you against the fraudsters.

Change all log in details

If you have any online accounts with similar log in details as your gaming account, these need to be changed too. Cybercriminals aim to be one step of the game and will probably be checking other popular sites as soon as they gain access to your gaming portal.

Tell the gaming provider

As soon as you have secured your end, it is crucial for you to let your game provider know that your account has been compromised. Reputable providers will have an evidence gathering procedure in place. This report by you is essential, especially if you need it in a legal case further down the line.

Check your security settings

Once you have altered your password and the two-factor authentication is in place you need to check the gaming account’s security settings. You will have to go into the security settings part of your account. See what devices and applications are connected and if there is any you don’t recognise, then disconnect them. Also, check recent log-in activity and if you are suspicious, then screenshot the info of these unwelcome guests. You should then have the time, date, IP address, browser and device type on an image, which you can send over to the gaming provider.

While on your settings, check your account activity to get a clearer picture of how the cyber thief managed to gain access to your account. Purchase and download history could provide some clues.

Check for malware

There are a number of ways the cyber crook might have gain access to your log in details. They may have taken advantage of a past data breach on the site, have guessed it or seen you type it in. If they have been able to have installed malware on your device, then this will give them access to all your data and you could become a victim of personal identity theft.

HMRC (Her Majesty’s Revenue and Customs) warns tax payers to stay vigilant when it comes to fake emails and phone texts claiming that you are in receipt of a refund.

This type of crime surges at the end of the tax year when the HMRC is actually processing tax refunds. Fraudsters will take advantage of this and will compose fake correspondence designed to trick you into believing you have received a tax rebate and convincing you to part with your bank account and personal details.

Don’t be Fooled

These HMRC hoaxes often take the form of an email and have pulled the wool over thousands of people’s eyes. The email will carry a realistic HMRC logo at the top and most of the time the wording will be professional. The email might contain information like your NI number that will make you think that it is for real.

The Real Rebate Process

HMRC will only inform you of a tax refund via a letter sent directly to the address they hold for you or they will pay you directly through your employer. They will never send you an email, text or voice mail messages. If you receive this type of notification it is imperative you don’t click on the links that usually accompany this correspondence.

Remember that the tax year is from April to April and calculations will be formulated at the end of each tax year and any rebates will be ready for recipients between June and October. Real rebates generally won’t be ready in the months before June and won’t be processed after October.

Sound the Alarm

If you receive either an email, text or automated message be vigilant. HMRC only informs you about tax refunds through the post or through your pay via your employer. All emails, text messages, or voicemail messages saying you have a tax refund are a scam. Do not click on any links or, better still, don’t open the email or message. HMRC advises you forward it to: [email protected] and then delete it.

How HMRC Handles Hoaxes

HMRC is constantly taking action to protect the public from scams, including:

• Taking down malicious websites claiming to be HMRC-related. In 2018 the HMRC took down nearly 15,000 of these sites by reporting them to the relevant authorities.
• Recording and removing almost 800,000 phishing email or text message referrals.
• Implements the latest firewalling for text messages. The HMRC continually works with firewall experts to reduce this type of text message abuse and, as a result, there was a 90 per cent decrease in reports of abuse of protected HMRC SMS tags.

Here is what the HMRC advises

• recognise the signs – HMRC will never contact you to ask for your PIN, password or bank details
• stay safe – if you receive an email or text that you were not expecting don’t reply, download attachments or click on links.
• take action – forward suspicious emails claiming to be from HMRC to [email protected] and texts to 60599, or contact Action Fraud on 0300 123 2040 to report any suspicious calls. You can also report it on the online fraud report tool: www.actionfraud.police.uk.

Cyberbullying has caused devastation to people’s lives and there have even been cases of teen suicide due to this form of online harassment.

Unfortunately, cyberbullying is not a crime in itself and is not covered by law in the UK. This can be frustrating to those of us who have had our children or even ourselves falling victim to cyberbullying.

This is not only internet intimidation, but it has also found its way onto every digital device like cell phones and gaming consoles. It is usually carried out using texts and social media apps such as Facebook, Instagram, Snapchat and Tik Tok. It includes sending, posting or sharing harmful content on these public platforms about someone. Reddit’s online forums and chatrooms and even online gaming communities are other ways to virtual bully victims.

All is not lost though because cyberbullying can be put to rights through a number of other laws that make it illegal to cause a person fear or distress via acts that don’t involve actual physical violence.

Communications Act

Passed in 2003 this act makes it an offence to send grossly offensive electronic communication that is deemed “indecent, obscene or menacing”. If the cyberbully is found to have caused anxiety and distress to their victim with an onslaught of messages via email or social media, they can receive a custodial sentence of up to six months and a fine or both.

Protect from Harassment Act

Even though it is not recognised as a crime, there are other laws in place that do make it unlawful such as the Protection from Harassment Act that was passed in 1997. This law makes it a criminal offence for anyone to knowingly to victimise through sending multiple abusive emails with the full intention of causing distress and alarm. If found guilty of this offence, the bully could receive up to six months in prison and receive a fine. The act also gives the judicial system the power to grant restraining orders against those found guilty of an offence that threatens the victim. It goes one step further and if the perpetrator is found guilty of causing fear of violence on at least two occasions they could go to prison for up to five years.

Malicious Communications

The Malicious Communications Act goes back more than 30 years. This act makes it an offence to send someone a communication that is “indecent or grossly offense. If it is proved that this has caused distress or anxiety to a victim the offender can receive a fine of up to £5,000, six months in prison or both.

Public Order Act

Passed in 1986 it became an offence to use “threatening, abusive or insulting word, behaviour, writing or any visual representations likely to cause harassment, alarm or distress within the hearing or sight of a person”. This act is helpful when cyberbullying comes in the form of camera or video functions found on most Smartphones. The defendant can face a jail sentence of up to six months and a fine or both.

Workplace cyberbullying

It is important to know that, although indirectly, cyber bullies can have their day in court if they make their victim’s life a misery. Cyber bullying is not confined to young children and teenagers, workplace bullying is rife. It is estimated that bullying at work cost UK companies about £2bn annually is lost productivity and sick pay.

New types of fraud are emerging all the time and it is not surprising that most of it is conducted online. Cyber criminals are able to be not seen or heard and can carry on their illegal operations undetected.

Law enforcers in most countries have special teams dedicated to cybercrime, but it is a long and tedious process and is very often not worth their while pursuing.

Prevention is therefore better than cure and making yourself aware of the different methods these criminals implement can help stop it happening to you.

There are five main types of internet fraud:

Identity Theft

This is otherwise known as payment fraud and is the major type of e-commerce deception. This type of scam doesn’t deal with stolen cards per se. Instead it uses IP addresses, email accounts, postal addresses and the devices you use.

Fraudulent online purchases are just the start of it. This type of scammer can create fake accounts and manipulate traffic through if they manage to hack into a major

Friendly fraud

This might seem strange using “friendly” and “fraud” in the same sentence. This can happen purposefully or by mistake. It means that the buyer pays for a service or product and then claims they have never received it or that it arrived damaged. If you are selling something on one of the major online sites such as eBay, you could fall victim to this type of scam.

If you own a small business and rely on the internet for your bread and butter, then you might have to go as far as going down the chargeback route. This can be extremely time consuming and frustrating. To avoid this, make sure you use a reputable courier service and have each delivery signed for. Make sure you see if the buyer’s star rating before going ahead with the transaction. Friendly fraud can occur by design or by mistake.

Clean fraud

Once again using these two words together seems paradoxical. Unfortunately this is happening more and more as scammers take on this type of illegal online activity with great success.

Clean fraud means that the cyber crook is using a stolen credit card and the transaction isn’t flagged up. This is because the scammer will have all your personal details on hand, including the three-digit security number on the back of the card.

If your card is stolen and you haven’t reported it then it can be used with wild abandon by the thief. Convincing a retailer to issue a chargeback can be challenging as the onus is with you to have the card blocked.

Fake Sites

It is so easy to create a website these days and fraudsters have been quick on the uptake. Fake sites entail the con-artists enticing people to buy a service or product, which doesn’t exist.

This way they are able to obtain all your details, which they then either use themselves or sell your information on the dark web. When you buy anything on the internet do your homework on the merchant before clicking the checkout button. A reputable online merchant will have contact details such as address and a telephone number. If you are in doubt, call first to make sure that it is a bona fid company.

Phishing

Phishing is a cybercrime targeting you through emails, phone calls and text messages. On the face of it these appear to be from a legitimate company or organisation. It is aimed at getting you to part with sensitive data such as your personally identifiable information, passwords and banking or credit card details.

Think twice before responding to or clicking on any link that could leave you vulnerable to a phishing attack.

Among the noise and hubbub which 2020 has brought, one positive step towards reliable online identification use has sneaked through almost unnoticed. Before the global health crisis enveloped all of civil society as well as much else of the world’s attention, the UK government revealed a considered approach to the issue of secure digital ID and documentation use.

Although this important issue has indeed been highlighted by some of the consequences of the Covid pandemic, subsequent lockdown and economic affairs, the underlying need for clarification of the future of this potentially vital part of modern life going forward has maintained an underlying momentum. When the country regains some kind of calm, its citizens may at last see progress towards widespread digital online verification.

Replies to Call for Evidence

What seems a long time ago, in 2019, the Department for Digital, Culture, Media & Sport (DCMS) issued a country-wide survey entitled a “digital identity Call for Evidence”. This went out to any and every potentially interested party, which had strong feelings of any kind relating to the importance or otherwise of digital documentary and identity verification. The response was deafening; if the Minister for Digital Infrastructure (MDI) had an inkling that progress was wanted, he is now in absolutely no doubt.

Indeed, on 1st September 2020, the DCMS issued a statement that it had heard the Call, and plans to do something about it. It has begun a consultation process with a broad range of stakeholders, with a view to finally nailing down exactly how the government, in conjunction with private organizations, the legal profession, and individuals, can best create a robust system of online verification which is fit for purpose in the UK in the 21st century and beyond.

Specifically, the consultation will seek to clarify issues of individual rights, sources of redress, oversight responsibilities, privacy and technical standards.

Economic drivers

In taking this action, the MDI and the Cabinet Office are responding to the loudest reply of all; digital identity can and should play a massive part in developing and securing the health of the British economy. As such, it is widely felt that only the government itself has the power and tools to take the lead in pushing this agenda.

One example quoted in responses is house buying. This signifier of economic health can be greatly facilitated by the use of digital identity checks. Traditionally, the process of finding and securing a property is notoriously slow, and stories of people falling foul of “the chain” are very well known; documentary and ID checking being the main hindrances.

Commitment to progress

Speeding up house buying is one concrete example of the economic benefits of effective digital verification; there are many others, at both micro and macro level. As the UK strives to find its place in the world post Brexit, the digital economy is acknowledged as being one of the strengths to which it should play. The DCMS says it is committed to ensuring that digital identity is central to this strategy.

Although the actual act of cyberbullying is not a crime there are other laws that can tackle these cruel cyberattacks that can cause mental anguish to young children and teenagers and adults, costing the UK economy £2bn every year due to loss of productivity and sick pay leave.

Rather than wait for it to reach the stage of having the offender persecuted, there are ways to nip this abhorrent behaviour in the bud.

Don’t take the bait

Don’t respond to teasing or online name calling. If this is via text, block the sender and if it is on a social media platform like Facebook or Instagram unfriend them or block them as a follower. If they find other ways of communicating with you such as texts and voicemail, delete the texts, don’t open them and delete the voicemail without listening to it.

Instagram is where most young people will experience cyberbullying. A recent survey found that 42 per cent of those surveyed experienced harassment via Instagram. Cyberbullying is often a symptom of someone looking for attention, even if it’s negative.

Keep the proof, save the evidence

As easy as bullying has become thanks to cyberspace, it is also easier to prove that you have been a victim of bullying. Record all the acrimonious activity by taking screenshots of the abuse you receive. Young children and teenagers should take this evidence to their parents or teachers immediately. If you are being bullied by an ex or a co-worker, this evidence is vital if you have to take it down the prosecution route.

Don’t suffer in silence

It doesn’t matter how old you are, cyberbullying can have a devastating effect on your mental health and you shouldn’t keep this anxiety to yourself. There are online support groups for victims of cyberbullying. Choose one that is right for you and many offer one-to-one advice. Confide in a parent, teacher, friend, co-worker or immediate boss. Schools have rules against cyberbullying and the Health and Safety Act protects employees from being bullied. www.dosomething.org is an international online support service that gives you advice on how to deal with cyberbullying.

Don’t get gaslighted

Gaslighting is common type of bullying, often done online through an intranet in a place of work. It is when someone or a group of people gang up against the victim with the deliberate intent to control and manipulate them.

Persistent negative public comment, especially online, is a form of gaslighting where a group of an individual embarks on a smear campaign usually through social media or via internal group emails. These proclamations are often based on lies or exaggerations of the truth and is aimed at damaging your credibility or personal reputation.

Use websites’ safety centres

If the bullying is taking place via a website the perpetrator is going against the site’s terms and conditions. You should report the bully to the website administrator and if the proof is there, they will be expelled from the site. Many sites have safety centres where you can go and report any incident of bullying. The administrators will be able to take down the offensive posts and if the bully is anonymous, they will be able to uncover their real identity.

You might have heard about it in the news or even got wind of it in the office, but the only thing most of us know is that it is one of the arch enemies of our computers or operating systems.

Ransomware is as malevolent as it sounds. This malware method of cybercrime stops you accessing your files unless you stump up the cash. Of course, it’s not hard cash, but payment via credit card or cryptocurrency that’s going to release you from these fraudster’s grip.

This type of fraud stalks the cyber highways and byways and can catch you off-guard to successfully infect your computer. There are varying degrees of this cybercrime, you should take heed of all of it.

Not so scary scareware

This is rogue security software, and you may receive a malware alert claiming this can only be eradicated if you pay for a cybersecurity software programme. Ignoring it means you will continue to be assailed with constant alerts, but your files are unlikely to be under threat.

A reputable security software company won’t solicit you in this way. If you don’t have the software on your system, then there would be no reason for them to monitor your ransomware infection. If your system already has cybersecurity then there is no need for you to top this up.

Malspam alert

Malicious spam or malspam in cyber-speak, is when an unsolicited email delivers malware. The email is likely to include booby-traps in the form of attachments such as Word documents or PDFs. It could also present links to malicious websites. This type of virtual villainy relies on social engineering to trick us into opening attachments or clicking links that appear legit. This cybercrime knows no bounds, sometimes posing as the HMRC or the police to scare you into paying up to unlock your files.

Malvertising attack

Just by browsing trusted websites, you can be directed to criminal servers. They will swiftly catalogue your personal details and then pick the malicious ware best suited to sting you. Malvertising or malicious advertising is the abuse of online advertising to dish out malware with an advanced approach that involves an invisible webpage component to do its dastardly deed. This is likely to happen without your knowledge and you won’t be aware of it until it’s too late. It’s often called a “drive-by-download” for good reason.

Screen lock shock

This is almost as nasty as ransomware gets. When screen-lock scams infiltrate your system, it means you are frozen out of it completely. When you start it up, a window will appear usually with a government or law enforcement seal claiming you have committed a crime and will have to pay a spot fine to have it unfrozen.

Evil encryption

Encryption has to be the king of the ransomware pile though. This cyber crookery highjacks your files and encrypts them. Unless you pay up there is no chance of the files being decrypted and even if you do pay the ransom, there is no guarantee you’ll get your information back. This type of attack emphasises the importance of saving everything to the cloud.

Many high streets and other physical retail spaces have seen their businesses decimated by Covid 19 pandemic lockdowns, in most places around the world. Very few countries have escaped this phenomenon, which came on top of an already struggling retail sector in some major world economies. Perhaps ironically, some of the retailers hardest hit by this loss in business are mobile telecoms providers.

In March 2020, major provider T-Mobile announced that it was to close up to 80% of its retail outlets, as footfall had already dropped to unacceptably low levels globally; this at the very start of the pandemic and subsequent lockdowns. Meanwhile, in the same months, Verizon announced the closure of its outlets on Sundays, and reduction of both hours and employees for the rest of the week.

SIM registration and ID verification

One of several ironies in this situation is the great upsurge in the use of mobile devices caused by the pandemic. Not only were millions of people urged to work from home, but many millions more simultaneously looked to mobile devices to stay in touch with friends and family they could suddenly no longer meet with physically. For telecoms providers (also known as telcos), this situation has proved to be extremely frustrating.

Extra demand for mobile services should have been good news for telcos, but they were having to close the only means at their disposal of onboarding new customers. This is because of the need for customers to purchase and register SIMs.

In many countries, buying a new SIM requires the purchaser to provide an approved photograph in order to verify their identity; some countries’ governments issue these photos. For this form of ID verification to work, however, the customer has to be physically present when making the purchase. As of March 2020, this was no longer possible for millions of potential consumers.

Wider distribution and remote onboarding

The solution to this problem of demand and supply seems to be twofold. Firstly, telcos have already spread their supply chains into physical spaces where they previously did not reach. These include unmanned kiosks, where customers can by a SIM and register it later. Similarly, telcos are increasingly renting space at airports, so that passengers can take a SIM with them, either to use in-flight or at their new destination.

In both cases, final registration is achieved after purchase using online verification. Photographic ID is still necessary, but this can also be in the form of video or interactive engagement, which are already being rolled out throughout the digital verification industry. In fact, by making use of these latest techniques, registering a new SIM will in some cases be made more secure than before.

The coming of the eSIM

Another step forward in the remote onboarding of new telecoms customers is the eSIM. Google and Apple now produce devices which come with a non-removable SIM. Once the customer has verified their ID securely online, they can make use of the device’s eSIM functionality on the move. This can be to change service providers, or to use local networks in different countries, thus avoiding roaming fees.

In business terminology, the Covid 19 pandemic of 2020 (and probably beyond) is known as a black swan event. Referring to the rarity of a swan turning out to have black feathers, black swans in the business world are events which are impossible to predict; although some “experts” later assert that businesses should have seen them coming. Either way, black swan events are crises in the true sense of the word.

Whether or not a crisis like the Covid pandemic could have been predicted, for forward-looking businesses and other organisations, the point is to learn from them. In the case of a global health scare and subsequent lockdown measures, the lack of physical presence of customers is driving an inevitable conclusion; digital online ID verification is the future, and the sooner this is acted upon, the better.

Pluses and minuses of the pandemic

Of course, the global impact of an unprecedented health disaster is overwhelmingly negative. However, those responsible for running governments, businesses and even households always need to keep a cool head and analyse the effects of such a crisis for them. With this in mind, a respected economic consultant carried out a survey of business leaders in China at the start of the pandemic.

The survey produced two lists; one of three negatives, and one of three positives. The negatives were:

• inability to physically meet customers;
• large drops in sales;
• inability to restart production.

The positives, meanwhile, were:

• improved remote collaboration;
• high employee buy-in of the importance of IT and digital transformation;
• huge potential of online marketing and other online business.

For business managers with the eyes to see, then, there is massive potential for business growth in the online environment. This will be the case for the long term, whether vaccines are successfully rolled out across the world; the pandemic is a black swan like no other, and businesses must be more resilient and flexible.

Building resilience and growing business with online ID checks

The combined effect of both the negative and positives gathered from this feedback seems to point directly at a digital transformation; especially in online ID verification. An inability for organisations to interact physically with their customers or clients has forced them to do so remotely. Having done so successfully, future need for physical presence is no longer a priority.

Indeed, there are already success stories generated by this adoption of digital transformation. In Italy, which was one of the worst and earliest sufferers of mass casualties due to the virus, real progress has been made in business and e-commerce. The country is witnessing a huge uptake of e-learning as workers strive to adopt new skills; this in tandem with a surge in online shopping and video streaming.

Digital transformation showing the way

Of course, for all of this to be successful, secure, and sustainable, robust online ID and documentation checks are essential. Customer onboarding is vital, both in securely setting up new accounts, and carrying out transactions over any appropriate device, at any time. The crisis caused by the pandemic is driving smart businesses to see this situation as a permanent replacement to footfall in physical premises.

There are a number of ways cyber criminals can burglarise your computer and there are tell tale signs that will pop up to warn you that you are not alone.

Fake antivirus messages, sudden appearance of unsolicited toolbars and redirected internet searches are just a few ways fraudsters have broken into your system to make mischief.

Bogus antivirus messages

These usually appear as pop-up messages on your computer screen or even your mobile telephone. This pop-up bluff claims to be an antivirus cybersecurity product that has detected a multitude of malware infections on your computer.

There are a couple of reasons these fake pop-ups occur. It could be that your system has already been comprised, which isn’t good news. Hopefully, it hasn’t reached this critical stage, and nothing has been affected beyond the fake message.

These messages have usually found a way to lock your browser so that you won’t be able to exit the fake message without restarting your browser. Many of these antivirus messages claim to be from Microsoft and will ask you for an online payment so that Microsoft can clean up the viruses found on your computer. Microsoft will never contact you via a pop-up message and will never ask you for your credit or debit card details.

Hopefully, you can close the tab and restart the browser and the fake message will have been sent packing. Unfortunately, this is rarely the case and you will be forced to uninstall your browser and install it again. The worst is when the fake pop-up has comprised your system and this will involve a total reset of your computer. So, always save your important files to the cloud because a reset means you will lose everything stored on your system.

Bogus browser toolbars and PUPs

Suddenly you see new toolbars on your browser with titles that indicate this toolbar has been installed to provide you with support. Or the toolbar hijacks your Web browser and automatically pops you over to a different browser without your permission. Ask.com is famous for this and shoves Google or Bing aside and becomes your system’s self-proclaimed browser.

Some people will think this is malware or a virus, but it isn’t that bad. It doesn’t make it any less annoying though. The security industry have dubbed this PUP (Potentially Unwanted Programme). It usually occurs when you install a software application and don’t see the checkboxes or bother to read the fine print.

Having your searches redirected time and again is going to drive you crazy, so it is important to get rid of this browser jacking.

Most browsers will allow you to review active toolbars and you are able to remove any you don’t want to be a stayer. When in doubt it is best to remove it. You might have to reset your default browser back to its default settings and don’t forget to untick any check boxes and read the terms and conditions before clicking on “I Agree”.