News Old

Although the actual act of cyberbullying is not a crime there are other laws that can tackle these cruel cyberattacks that can cause mental anguish to young children and teenagers and adults, costing the UK economy £2bn every year due to loss of productivity and sick pay leave.

Rather than wait for it to reach the stage of having the offender persecuted, there are ways to nip this abhorrent behaviour in the bud.

Don’t take the bait

Don’t respond to teasing or online name calling. If this is via text, block the sender and if it is on a social media platform like Facebook or Instagram unfriend them or block them as a follower. If they find other ways of communicating with you such as texts and voicemail, delete the texts, don’t open them and delete the voicemail without listening to it.

Instagram is where most young people will experience cyberbullying. A recent survey found that 42 per cent of those surveyed experienced harassment via Instagram. Cyberbullying is often a symptom of someone looking for attention, even if it’s negative.

Keep the proof, save the evidence

As easy as bullying has become thanks to cyberspace, it is also easier to prove that you have been a victim of bullying. Record all the acrimonious activity by taking screenshots of the abuse you receive. Young children and teenagers should take this evidence to their parents or teachers immediately. If you are being bullied by an ex or a co-worker, this evidence is vital if you have to take it down the prosecution route.

Don’t suffer in silence

It doesn’t matter how old you are, cyberbullying can have a devastating effect on your mental health and you shouldn’t keep this anxiety to yourself. There are online support groups for victims of cyberbullying. Choose one that is right for you and many offer one-to-one advice. Confide in a parent, teacher, friend, co-worker or immediate boss. Schools have rules against cyberbullying and the Health and Safety Act protects employees from being bullied. www.dosomething.org is an international online support service that gives you advice on how to deal with cyberbullying.

Don’t get gaslighted

Gaslighting is common type of bullying, often done online through an intranet in a place of work. It is when someone or a group of people gang up against the victim with the deliberate intent to control and manipulate them.

Persistent negative public comment, especially online, is a form of gaslighting where a group of an individual embarks on a smear campaign usually through social media or via internal group emails. These proclamations are often based on lies or exaggerations of the truth and is aimed at damaging your credibility or personal reputation.

Use websites’ safety centres

If the bullying is taking place via a website the perpetrator is going against the site’s terms and conditions. You should report the bully to the website administrator and if the proof is there, they will be expelled from the site. Many sites have safety centres where you can go and report any incident of bullying. The administrators will be able to take down the offensive posts and if the bully is anonymous, they will be able to uncover their real identity.

You might have heard about it in the news or even got wind of it in the office, but the only thing most of us know is that it is one of the arch enemies of our computers or operating systems.

Ransomware is as malevolent as it sounds. This malware method of cybercrime stops you accessing your files unless you stump up the cash. Of course, it’s not hard cash, but payment via credit card or cryptocurrency that’s going to release you from these fraudster’s grip.

This type of fraud stalks the cyber highways and byways and can catch you off-guard to successfully infect your computer. There are varying degrees of this cybercrime, you should take heed of all of it.

Not so scary scareware

This is rogue security software, and you may receive a malware alert claiming this can only be eradicated if you pay for a cybersecurity software programme. Ignoring it means you will continue to be assailed with constant alerts, but your files are unlikely to be under threat.

A reputable security software company won’t solicit you in this way. If you don’t have the software on your system, then there would be no reason for them to monitor your ransomware infection. If your system already has cybersecurity then there is no need for you to top this up.

Malspam alert

Malicious spam or malspam in cyber-speak, is when an unsolicited email delivers malware. The email is likely to include booby-traps in the form of attachments such as Word documents or PDFs. It could also present links to malicious websites. This type of virtual villainy relies on social engineering to trick us into opening attachments or clicking links that appear legit. This cybercrime knows no bounds, sometimes posing as the HMRC or the police to scare you into paying up to unlock your files.

Malvertising attack

Just by browsing trusted websites, you can be directed to criminal servers. They will swiftly catalogue your personal details and then pick the malicious ware best suited to sting you. Malvertising or malicious advertising is the abuse of online advertising to dish out malware with an advanced approach that involves an invisible webpage component to do its dastardly deed. This is likely to happen without your knowledge and you won’t be aware of it until it’s too late. It’s often called a “drive-by-download” for good reason.

Screen lock shock

This is almost as nasty as ransomware gets. When screen-lock scams infiltrate your system, it means you are frozen out of it completely. When you start it up, a window will appear usually with a government or law enforcement seal claiming you have committed a crime and will have to pay a spot fine to have it unfrozen.

Evil encryption

Encryption has to be the king of the ransomware pile though. This cyber crookery highjacks your files and encrypts them. Unless you pay up there is no chance of the files being decrypted and even if you do pay the ransom, there is no guarantee you’ll get your information back. This type of attack emphasises the importance of saving everything to the cloud.

Many high streets and other physical retail spaces have seen their businesses decimated by Covid 19 pandemic lockdowns, in most places around the world. Very few countries have escaped this phenomenon, which came on top of an already struggling retail sector in some major world economies. Perhaps ironically, some of the retailers hardest hit by this loss in business are mobile telecoms providers.

In March 2020, major provider T-Mobile announced that it was to close up to 80% of its retail outlets, as footfall had already dropped to unacceptably low levels globally; this at the very start of the pandemic and subsequent lockdowns. Meanwhile, in the same months, Verizon announced the closure of its outlets on Sundays, and reduction of both hours and employees for the rest of the week.

SIM registration and ID verification

One of several ironies in this situation is the great upsurge in the use of mobile devices caused by the pandemic. Not only were millions of people urged to work from home, but many millions more simultaneously looked to mobile devices to stay in touch with friends and family they could suddenly no longer meet with physically. For telecoms providers (also known as telcos), this situation has proved to be extremely frustrating.

Extra demand for mobile services should have been good news for telcos, but they were having to close the only means at their disposal of onboarding new customers. This is because of the need for customers to purchase and register SIMs.

In many countries, buying a new SIM requires the purchaser to provide an approved photograph in order to verify their identity; some countries’ governments issue these photos. For this form of ID verification to work, however, the customer has to be physically present when making the purchase. As of March 2020, this was no longer possible for millions of potential consumers.

Wider distribution and remote onboarding

The solution to this problem of demand and supply seems to be twofold. Firstly, telcos have already spread their supply chains into physical spaces where they previously did not reach. These include unmanned kiosks, where customers can by a SIM and register it later. Similarly, telcos are increasingly renting space at airports, so that passengers can take a SIM with them, either to use in-flight or at their new destination.

In both cases, final registration is achieved after purchase using online verification. Photographic ID is still necessary, but this can also be in the form of video or interactive engagement, which are already being rolled out throughout the digital verification industry. In fact, by making use of these latest techniques, registering a new SIM will in some cases be made more secure than before.

The coming of the eSIM

Another step forward in the remote onboarding of new telecoms customers is the eSIM. Google and Apple now produce devices which come with a non-removable SIM. Once the customer has verified their ID securely online, they can make use of the device’s eSIM functionality on the move. This can be to change service providers, or to use local networks in different countries, thus avoiding roaming fees.

In business terminology, the Covid 19 pandemic of 2020 (and probably beyond) is known as a black swan event. Referring to the rarity of a swan turning out to have black feathers, black swans in the business world are events which are impossible to predict; although some “experts” later assert that businesses should have seen them coming. Either way, black swan events are crises in the true sense of the word.

Whether or not a crisis like the Covid pandemic could have been predicted, for forward-looking businesses and other organisations, the point is to learn from them. In the case of a global health scare and subsequent lockdown measures, the lack of physical presence of customers is driving an inevitable conclusion; digital online ID verification is the future, and the sooner this is acted upon, the better.

Pluses and minuses of the pandemic

Of course, the global impact of an unprecedented health disaster is overwhelmingly negative. However, those responsible for running governments, businesses and even households always need to keep a cool head and analyse the effects of such a crisis for them. With this in mind, a respected economic consultant carried out a survey of business leaders in China at the start of the pandemic.

The survey produced two lists; one of three negatives, and one of three positives. The negatives were:

• inability to physically meet customers;
• large drops in sales;
• inability to restart production.

The positives, meanwhile, were:

• improved remote collaboration;
• high employee buy-in of the importance of IT and digital transformation;
• huge potential of online marketing and other online business.

For business managers with the eyes to see, then, there is massive potential for business growth in the online environment. This will be the case for the long term, whether vaccines are successfully rolled out across the world; the pandemic is a black swan like no other, and businesses must be more resilient and flexible.

Building resilience and growing business with online ID checks

The combined effect of both the negative and positives gathered from this feedback seems to point directly at a digital transformation; especially in online ID verification. An inability for organisations to interact physically with their customers or clients has forced them to do so remotely. Having done so successfully, future need for physical presence is no longer a priority.

Indeed, there are already success stories generated by this adoption of digital transformation. In Italy, which was one of the worst and earliest sufferers of mass casualties due to the virus, real progress has been made in business and e-commerce. The country is witnessing a huge uptake of e-learning as workers strive to adopt new skills; this in tandem with a surge in online shopping and video streaming.

Digital transformation showing the way

Of course, for all of this to be successful, secure, and sustainable, robust online ID and documentation checks are essential. Customer onboarding is vital, both in securely setting up new accounts, and carrying out transactions over any appropriate device, at any time. The crisis caused by the pandemic is driving smart businesses to see this situation as a permanent replacement to footfall in physical premises.

There are a number of ways cyber criminals can burglarise your computer and there are tell tale signs that will pop up to warn you that you are not alone.

Fake antivirus messages, sudden appearance of unsolicited toolbars and redirected internet searches are just a few ways fraudsters have broken into your system to make mischief.

Bogus antivirus messages

These usually appear as pop-up messages on your computer screen or even your mobile telephone. This pop-up bluff claims to be an antivirus cybersecurity product that has detected a multitude of malware infections on your computer.

There are a couple of reasons these fake pop-ups occur. It could be that your system has already been comprised, which isn’t good news. Hopefully, it hasn’t reached this critical stage, and nothing has been affected beyond the fake message.

These messages have usually found a way to lock your browser so that you won’t be able to exit the fake message without restarting your browser. Many of these antivirus messages claim to be from Microsoft and will ask you for an online payment so that Microsoft can clean up the viruses found on your computer. Microsoft will never contact you via a pop-up message and will never ask you for your credit or debit card details.

Hopefully, you can close the tab and restart the browser and the fake message will have been sent packing. Unfortunately, this is rarely the case and you will be forced to uninstall your browser and install it again. The worst is when the fake pop-up has comprised your system and this will involve a total reset of your computer. So, always save your important files to the cloud because a reset means you will lose everything stored on your system.

Bogus browser toolbars and PUPs

Suddenly you see new toolbars on your browser with titles that indicate this toolbar has been installed to provide you with support. Or the toolbar hijacks your Web browser and automatically pops you over to a different browser without your permission. Ask.com is famous for this and shoves Google or Bing aside and becomes your system’s self-proclaimed browser.

Some people will think this is malware or a virus, but it isn’t that bad. It doesn’t make it any less annoying though. The security industry have dubbed this PUP (Potentially Unwanted Programme). It usually occurs when you install a software application and don’t see the checkboxes or bother to read the fine print.

Having your searches redirected time and again is going to drive you crazy, so it is important to get rid of this browser jacking.

Most browsers will allow you to review active toolbars and you are able to remove any you don’t want to be a stayer. When in doubt it is best to remove it. You might have to reset your default browser back to its default settings and don’t forget to untick any check boxes and read the terms and conditions before clicking on “I Agree”.

Online opportunists have wasted no time in sussing how to use QR codes to commit cybercrime. As quick as counting to three, this way they can access your personal details and use them in a number of ways that can wreak havoc.

Fake QR codes are increasingly creating chaos with regular reports of unsuspecting users finding a zero balance on their bank accounts overnight.

QR stands for Quick Read or Quick Response and the method is designed to do just that – provide you or a service with information. Similar to POS (Point of Sale) products which have bar codes, the QR codes have been tailored for smartphones. It is made up of digital square dots and black modules on a square white background and can be read by your phone’s built-in camera or a QR code reader application.

Real QR in Print

Legitimate companies use them to track and identify products and direct consumers to their websites. They are often found in magazines, flyers and business cards. Newspapers often use a Quick Read code to save on print costs. By scanning the code you are able to read more articles and even access videos on the subject you are interested in.

Real QR in Track and Trace

A QR code is proving invaluable to the NHS too, for its COVID-19 track and tracing. It can be found clearly displayed in restaurants, pubs and leisure venues. It is compulsory to display this QR code to record your contact details, which will only be used to inform you if COVID-19 outbreaks occur at that particular venue.

Real QR in Marketing

The Quick Read method is also beneficial for brand marketing. The code will give the consumer the option for finding out more about the product by clicking on the code that will direct them to the relevant website.

QR Click Jackers

Sophisticated cyber crooks have developed variations of fraud via the QR code route. They substitute legitimate Quick Response codes with bogus codes. As soon as you point your smartphone at the image you will have been click jacked. You might be directed to malicious sites which are almost identical to the real deal. These may include malware giving the criminals access to all your personal data that is stored on your phone. In this age where most of us have our bank’s app on our smartphones, it is even easier for them to infiltrate and retrieve sensitive data for fraudulent means.

QR Phishing

Fake QR codes could lead you to a bogus website, which might convincingly mimic a trusted brand or service. Here, you will be asked to provide certain personal details that will enable the fraudsters to commit their crimes. Even an email address is enough for them to drill down to your personal information. Once they have this data it will be used in the form of identity theft.

Here are ways to avoid a QR Code Scam:

• Never scan a standalone QR code. Don’t let your curiosity get the better of you by clicking on a box which isn’t linked to a service or product.
• Don’t scan in public places. If you chance upon flyers or posters with QR codes on bus stops and buildings, for example, avoid them at all costs.
• Check if the QR code is on a removable sticker. If it is, walk away because it is almost certainly a fake.
• Download a scanner app that can check the website the QR code is directing you to.

The value of digital ID verification is well known and proven by and for governments, border agencies and large financial institutions. In terms of national and financial security, robust ID checks keep whole populations and economies safe, in a very real way. What is perhaps not so well appreciated is the actual economic value that digital identification brings with it.

The ongoing global health crisis is highlighting to a perhaps unexpected extent exactly how valuable digital ID and ways of its verification can be. Latest research by international economists, however, is shedding some light on exactly that. Governments of both developed and developing countries should take heed of their findings.

Unlocking Potential Economic Activity

Governments place a great deal of importance on their individual countries’ gross domestic product (GDP). This is perfectly understandable, as GDP represents, according to Wikipedia: “… a monetary measure of the market value of all the final goods and services produced in a specific time period”. Other national economic indicators may be obtained from this base, but GDP is regarded as the very best indicator of the health of any nation’s economy.

A recent report by esteemed global economic think tank McKinsey Digital was based on a study of what it considered to be seven of the world’s most indicative economies; they were Brazil, China, Ethiopia, India, Nigeria, the UK, and the USA. The report found that, across these nations, between 3% and 13% of hidden, potential economic activity could be realized by better digital identification.

These figures are extremely important, for many reasons. Any responsible government wants economic prosperity for its citizens; if this can come without having to rely on outside help, so much the better. In effect, the McKinsey report shows that each of these countries has its own, untapped, natural resources.

Inclusive Benefits of Digital ID

If this in itself was not good enough news for citizens in these countries, even better news is that those economic benefits can actually be realized by individuals who have a “good” digital ID. Perhaps more than any other recent technological development, McKinsey Digital reports that up to half of the economic benefit of national digital ID improvement will find its way to individual citizens and their families.

This proportion is far higher than any other major infrastructure investments, which tend to benefit people in certain geographical locations within a country. If, for instance, a new road project is announced, only those living proximity to the services to which it gives access will feel any benefit; this is especially true in large countries like Brazil, India and the USA.

Investment in digital infrastructure, however, can literally benefit any citizen who has the ability to access and use it properly. This can make any individual a customer, supplier, worker, entrepreneur, taxpayer, tax beneficiary, participant in civil society, or asset owner.

Privacy and Other Concerns

Of course, with the adoption of digital ID in wider society always comes the need to protect individual privacy. Issues of civil and human rights need to be rigorously addressed by governments keen to improve their citizens’ access to digital services. It is to be hoped that confidence in secure online checking systems will help administrations make the right choices.

Gone are the days when forging someone else’s signature was the most common form of identity theft, but these days this art of impersonation has found far easier routes and these don’t always involve illegal online operations.

Closer than you think

Hacking or exploiting a computer system is probably the hardest for the crooks to crack. These crimes are often committed when your personal details are accessed through a public Wi Fi connection. Going out for a few drinks after work or treating the family to a Sunday roast could prove far costlier than you think. If you need to go onto the internet and its not your own broadband connection, you should be aware of the risks. Sophisticated cyber criminals can access everything from your bank statements, card details, date of birth and passwords while you are out and about.

Minimise the risk

Despite the internet being a fairly recent invention, most of us use it in some form or another. Some might think that the convenience of it all outweighs the risk, but there have been far too many horror stories of the unsuspecting losing their entire life savings. So, it is wise to find ways of minimising the chance of someone taking advantage of the ease of personal information access.

Cover all bases

When looking at ways perpetrators can plunder your personal details, think outside the box and whilst forging a signature is passé these days, you’d be surprised at how even the most basic ways personal identity fraud can be carried out.

Don’t bin it

After you have finished with your bank statements, utility bills, council tax correspondence and wage slips, don’t chuck them in the bin. Canny criminals can spot a pile of paper through refuse sacks and after a quick rifle through your rubbish, they can have everything from your date of birth to your sort code and account number.

Secure sites

Where possible, ask for paperless correspondence from your bank and from reputable organisations. They provide secure sites and go to great lengths to protect your personal details. If there is any untoward activity on your accounts, then they will take responsibility for any losses you might incur.

To prevent this, choose to have your accounts online with strong passwords to support them. Most banks and reputable organisations have secure sites and if there is any fraudulent activity on your account they will take responsibility for it.

Invest in a shredder

For all those hard copy accounts that you have on file, invest in a basic shredder. These telltale document details can safely be rendered undecipherable in no time at all. Investing in a shredder is a small price to pay for keeping your finances safely out of the way of scammers.

Memorise your PIN

Once you have received a new PIN number in the post be sure to memorise it and destroy it as soon as possible. You would be surprised how many of us keep evidence of our personal identity numbers in our purses and wallets.

In the age of the selfie, it makes sense for many members of the online ID verification community that they be part of the onboarding process. With timestamps and high quality digital images, there is a strong argument that a selfie can be a legitimate element of the verification process. This is especially true if applicants have limited access to other forms of ID due to technical or access reasons.

However, the issue of selfie adoption is quite complicated across different nations and global regions. Governments can have different priorities, based on perceived levels of threat from terrorism and organized crime, to name but two. Whether taking a selfie will make inroads into official recognition systems is still very much a moot point.

Selfies and the Financial Sector

One area of particular difficulty for selfie recognition is the financial sector. In particular, many countries’ regulatory authorities are very keen to enforce strict anti money laundering (AML) laws. This in turn is a result of the growing recognition that previously unchecked sources of revenue have come from illegal activity; specifically, terrorist organizations, drug runners and modern slavers.

The issue of AML security is particularly important to authorities in the USA. In that country, there have been many high profile cases of money laundering over the last few years, leading successive administrations to demand much tighter regulations against this type of financial criminality. As the US has itself suffered from terrorism and drug related problems, this is an understandable stance.

Against this background, the federal government is insisting on a three tier security system for identity verification, the highest of which is face to face checking. It is hoped that reliable proof of identity will stop criminals setting up bank accounts and laundering illegal funds. Selfies, in this context, are only permitted as part of the lowest level of checks, provided they are backed up by other security measures.

National and Regional Standards

The situation regarding selfie recognition is more complicated depending on different countries and regions around the world. For example, there are seven national regulators in Europe which have slightly different standards of facial recognition for financial business purposes.

There is a push by the European Union to standardize such online recognition across the bloc, but at present these are being resisted by certain countries, whose governments are particularly concerned about money laundering and its sources.

Technical considerations play a part in the online recognition systems of some nations. Germany, for example, is moving towards a video based verification system, supported by documentary evidence. In this case, the likelihood that selfies will be adopted in Germany is almost non existent.

Worldwide Picture

Elsewhere in the world, Mexico is the only Latin American state to have its own banking and security regulator, while Asia has four, based in those Asian countries which rely heavily on the financial services industry. Outside of these five regulatory authorities, it is much more likely that selfies will be legitimate sources of online verification; it appears that, at the present time, financial institutions and countries which rely on them are very much looking the other way.

You might have heard of this new phrase on the cyber block but have never really understood what it meant.

Phishing is as flaky as it sounds – it is a fraudulent attempt to obtain sensitive data such as usernames, passwords and credit card details under the guise of a trusted entity via electronic communication.

Electronic communication is by and large done via the internet these days, so it is this platform that makes phishing particularly prevalent and pretty easy to do if you aren’t in the know.

Phishing in the Pandemic

As if COVID-19 were not enough to cause devastation, phishers are riding this tragic wave to malicious ends. Reports of phishing have risen dramatically since the onset of the pandemic and this art of deception seems to be becoming more sophisticated too.

Here are a few ways to keep yourself safe from phishing:

Spell check

Spelling mistakes or typos scream scam. If you receive an email supposedly from your bank and it is full of spelling mistakes and bad grammar, then it is more than likely a scam. Multi-billion-pound corporations such as banks have teams dedicated to presenting clean and clear correspondence. Even though cyber criminals are stepping up their game, they are still going to slip up somewhere.

Getting personal

Major organisations value your personal details almost as much as you do, and they won’t ever ask you for your credit card details or national insurance number by email.
If you receive a seemingly genuine email asking for this type of personal information, see it as a red flag. The email might lure you in with promises of a refund or rebate, but don’t jump at replying with the data they require.

No room for panic

Professional phishers will often try and get you to do what they ask by putting you under pressure. One way of doing this is claiming your bank account will be frozen due to fraudulent activity. Your knee jerk reaction might be to agree to move your money into a “new” account, which, you will soon find out, has nothing to do with you.

When you receive requests like this, report them immediately to the relevant organisation the emails are pretending to be from. If you don’t, these sorts of shenanigans will be able to escalate and the next person might not be as savvy as you are.

Too good to be true

If you receive an email with a link for you to claim an astounding cash prize, you should pause before you click. An unsolicited email should be shady enough, but one promising you that there is gold at the end of your rainbow is even more so.

Just have a good look at the actual email address and the link itself. There should be some clues in both of these to make you realise that you were right to be cautious. Simply hover the mouse over the link without clicking on it and the full URL will appear. If this doesn’t match a company or organisation’s website, then it’s fake.

Also, check even more carefully for slight alterations to URLs you visited often. It might be as simple as instead of http://www.bigdaddycompany.com it might appear as http://www.bigdadycompany.com.