The ever increasing technological innovations will continuously make businesses and individuals more reliant on technology. People who are even not involved in an overly technical sector as their core work will start using technology.
As such, online activities and electronic transactions will tend to increase. Many people will be sending and receiving money mostly through electronic means (Mobile money transfers, foreign remittances, credit & debit cards transactions, internet payments, ATM transactions, etc.).
This also presents a good opportunity for cyber-criminals to exploit. Their approach and dynamics in launching their fraudulent attacks is not going to be too different from the previous year’s attacks. Their attacks come in various forms and normally designed not to only target technological weaknesses but also to exploit people.
This article tends to offer precautionary measures in order to stay cyber safe as we explore the year 2020 and beyond.
Perform transactions on a secured site
Before performing any transaction online, be sure the website is secured.
To check whether a website is secured, look at the URL of the website. If it begins with “https” instead of “http” it means the site is secured using anSSL Certificate (thes stands for secure). SSL Certificates secure all of your data as it is passed from your browser to the website’s server.
You can also look for a padlock icon on the URL address bar at the top of your browser, usually to the left of the URL. Fake websites might not have a lock icon or they might create a fake one. Click on the lock icon to check for more information about the website.
Beware of phishing attack
Phishing is a method of sending messages usually in the form of email which are designed to appear as if it is from a legitimate institution, or business such as your bank or familiar retailer. They aim to trick you into revealing your personal details. The emails usually contain fraudulent web page or links which when clicked, download malicious software or take you through to a hoaxed website to collect your personal and confidential details.
For this year, be very wary of emails from institutions or organizations offering deals or cash prizes. Check the email address and do not click on any links embedded in the message.
Scammers normally send emails that would ask you to click on a link to enter your details to arrange a delivery. They know definitely you might have ordered something online and would be expecting it. In such case, you may be requested to enter your credit card details to verify the delivery. Be suspicious if the email does not tell you the content of the ordered items and if you are in doubt, recheck your order trail and call the seller you are expecting a delivery from to confirm.
Be suspicious of attractive WhatsApp messages
Cyber-criminals can use WhatsApp platform to carry out their operations. WhatsApp users will be receiving very attractive messages that appear to be sent from or forwarded by your phone contacts. Following the link will take you through to another site that looks genuine and would be requesting your personal details.
Please do not click such links but rather delete the message even if it is coming from someone you trust or know and immediately install security software (anti-virus) if your device does not have one.
Public Wi-Fi are not secured: avoid performing financial/sensitive transaction using public networks
Free Wi-Fi, often offered by hotels, guest houses, shops and bars may be very useful but are extremely vulnerable. A cyber-criminal can set up their own fake hotspot or easily hack into a public network and access your user details. Never perform banking transactions on a public network. If you are banking or shopping online use your own personal internet or hotspot from your phone or wait until you get home.
Avoid “Freebies” on Facebook
Cyber-criminals can also create enticing offers on their Facebook walls asking users to “like” and “share”. In an attempt to do so, you will be asked for personal details which can be used for fraudulent purposes. Please check if the Facebook account is verified with a blue tick, before performing any action.
Take immediate action if you think you’ve been scammed
If you are scammed call your bank immediately. They can intervene and stop any payment initiated. Even if payment goes through, your prompt action may help the bank to retrieve the funds from the cyber-criminal’s account.
Be mindful that banks are not responsible for reimbursing customers who have been deceived into making payments. Banks will only refund customers who have been defrauded or a transaction actioned without their authorization. In addition, when making the call, call your bank from your contact list, not from any mobile number provided to you in a possibly scam email.
You can also report the incidents to the National Cyber Security Centre through SMS/call 292 or WhatsApp on 050 160 311.
Stay Vigilant! Stay Cyber- Safe this this year!! Afehyia pa!!!
Author: Seth Frimpong-Manso
Chief Information Security Officer, Opportunity International (Member, Institute of ICT Professionals Ghana)
For comments, contact author firstname.lastname@example.org