Preventing Cybercrime- Everybody’s Responsibility !
Preventing Cybercrime- Everybody’s Responsibility !
We would like to inform you of an ongoing issue as we move increasingly to the online world. You may have seen such events as the ‘WannaCry’ ransomware attack which caused havoc in more than 150 countries earlier this year. The attack cut access to all the files on the infected computers which are ransomed for money, otherwise the files are either deleted or published online. These sorts of attacks becoming popular with Cybercriminals in Australia which cost an estimated $2b in 2014, these costs are rising each year.
Previously fraudsters tried to get your bank account and credit card information, but they are now trying to access funds from investment funds and superannuation funds.
How Fraudsters Access Super Accounts
Frequently fraudsters have been trying to access super accounts through emails / member logins and secondly by early access to super.
By gaining access to the members email account, collecting information about the member and internet accessible data fraudsters have enough information to create a convincing withdrawal form or email which is submitted to the super fund or financial adviser.
These fraudsters also submit forms for early access to funds by claiming hardship or departing Australia Payments. If the fraudulent transaction is processed, the funds are quickly moved offshore and in most cases, can’t be recovered.
Types of Cybercrime
- Hacking – This is where a person’s computer is accessed to collect personal and sensitive information.
- Identity Fraud – Illegally accessing identity information to steal money or obtain benefits.
- Malicious Software & Ransomware – software which gains unauthorised access to a computer. Used to steal, destroy or ransomware data.
- Phishing – an email posing as a company (which sometimes looks rather legitimate) asking for personal information.
- Bullying and Harassment – using technology intended to make a person feel offended, uncomfortable or fearful.
How You Can Stay Protected
- Use Anti-Virus software – a program which scans your computer looking for threats, many of these can be downloaded for free.
- Regularly Update – regularly updating your computer allows the latest security updates to help block access to external threats.
- Be Aware – Do not divulge personal information when requested by emails.
- Choosing a Strong Password – Good passwords are randomised alpha numerical. The strength of a password is based off the length and complexity (so don’t use password for your password!).
- Keep Up to Date – read more about Cybercrime and how to better prepare yourself by visiting the Government Website Stay Smart Online (https://www.staysmartonline.gov.au/).
- Socialising Online – try to remove or restrict access to personal information which could help a fraudster, such as email addresses, phone numbers, date of births and home address.
- Restrict use of Public Networks – Avoid using public networks for sensitive transactions such as internet banking or online shopping. If you need to use the network ensure your computers network settings are not allowing people to access your computer. On websites where you are inputting sensitive information look for a padlock or addresses starting with https:// instead of http://.
Case Study: Cybercrime
A email is received by financial adviser John Smith from his client Joe. Joe had been a client of John’s for many years and during retirement has been making frequent withdrawal requests for holidays and house modifications. The email that John received is asking for a withdrawal of $50,000, Joe states in the email that he is overseas and needs the money to help his daughter.
John didn’t know that Joe was overseas, but the email did come from Joe’s email and was sent in the same way as previous emails. John asks Joe to complete and sign a withdrawal form, Joe replies saying he is unable to sign the form and if John could process this for him and deposit the funds into his daughters account.
John didn’t know that Joe’s email was actually hacked, the hacker had access to all of Joe’s personal information which helped him write convincing emails to John. The withdrawal was processed and the funds were deposited to the nominated account. The transaction was later found out to be fraudulent and the $50,000 was not recoverable.
What We Are Doing to Prevent This
1. We Look for Irregularities- for example we will be suspicious if you normally communicate with us by phone and an email request is received instead.
2. We Ask for Proof – want to process your withdrawal to a different bank account? You will need to provide a statement to prove the account is yours
3. We Call – we know some of the withdrawals are of the essence, but we will not process a withdrawal until we have spoken to you either in person or over the phone.
Together We Can Prevent Cybercrime
If you have any questions please do not hesitate to contact our office
E: admin@ascentwm.com.au
P: (07) 3343 9228
Sources:
Stay Smart Online
Australian Institute of Criminology