Citizens Advice is running another Scams Awareness week after its earlier campaign in May.
While the charity’s data suggests that over-75s are the most commonly targeted, and most often via telephone, the next most at risk age-group is those aged 18 to 24, usually via text or mobile messaging. Some of the most frequently encountered forms of scams involve impersonation of officials, Citizens Advice points out.
Dame Clare Moriarty, Chief Executive of Citizens Advice, said: “Anyone can be targeted by a scam and sadly anyone can fall for one. As scammers get ever more sophisticated it’s more important than ever that we all work together to raise awareness, report scams and share our experiences to help protect ourselves from their tricks.”
Five scams that the charity singles out are:
Parcel delivery scams – texts or emails claiming to be from a delivery company to reschedule or pay additional delivery fees in an attempt to get people’s personal information or bank details. Or false tracking information is given for items bought online, which never arrive.
Banking scams – correspondence claiming to be from one of the banks attempting to get people’s bank details
Online shopping scams – items bought online which never arrive, often once the seller has the money they block all contact from the buyer. This can also happen with sales through social media and apps
Investment scams – get-rich-quick schemes
Tax or government support related scams – correspondence claiming to be from the government about support available for energy bills, and asking for personal information including bank details.
Comment
Matt Aldridge, OpenText Cybersecurity, says: “Scams are a significant danger to businesses as they systematically exploit human vulnerabilities, thereby weakening the integrity of the organisation’s cybersecurity. Business Email Compromise is a very serious example of a scam that can have a massive financial impact on a business, while phishing attacks can open the door to huge business impacts from ransomware and significant data loss.
“For maximum preparedness, businesses should integrate real-time anti-phishing into any security solutions deployed on employee endpoint devices. Hackers make money from successful phishing attacks and are therefore constantly changing their techniques and tactics to get the highest rate of return. Powerful threat intelligence technology that uses machine learning to identify the latest threats can be enormously helpful when it comes to protecting against these ever-evolving scams. Strong, multi-factor authentication (MFA) can greatly help to neutralise these types of attack, but it is no silver bullet. Company processes and procedures relating to financial transactions should also be carefully scrutinised to ensure that a single employee falling for a scam cannot result in financial loss for the organisation.
“It’s also crucial that staff are properly trained to identify threats. There’s no use investing in sophisticated cybersecurity software and services if employees continue to click on dangerous phishing links that slip through the net, granting cybercriminals access to the business network. It’s like turning on a home security alarm while leaving the window open. Top cybersecurity training providers work continuously to update the content in their courses and simulations to reflect the latest threat landscape. Businesses ought to roll out a comprehensive and consistent education programme as well as the latest anti-phishing technology. Only then will they be able to truly improve employee vigilance and stand the best chance of defending the network against scammers and cybercriminals.”
