Fraud awareness and digital security
Smart tips to help protect yourself online, keep your personal data safe, avoid fraud and how to contact us if you suspect of misuse on your account.
Common risks to yourself
Social engineering
Fraudsters manipulate victims into providing confidential information or other actions that will compromise their security using social engineering techniques known as phishing, vishing and smishing.
Phishing
Phishing is the fraudulent use of emails to manipulate targets into revealing passwords and sensitive information or transferring money into other accounts. Phishing messages often contain links to fake websites that request password and account information or install viruses on to your devices.
How to stay safe
- Stay vigilant: Be alert to the style, tone and grammar of emails you receive, especially if they don’t use your name, even if they follow an existing email chain
- Personal information: Never enter any personal or security information to a site accessed through an unverified email link
- Unverified senders: Never click on links or open attachments in emails from unverified senders
- Remember: We will never contact you and ask for your PIN, passwords, payment authorisation codes or full account details. Nor will we ask you to make a payment or request access to your systems or PC.
Vishing and smishing
Vishing is the fraudulent use of phone calls or voice messages to impersonate trusted organisations to obtain sensitive information. Smishing is the fraudulent use of SMS text messages to get targets to click malicious links or hand over private information. Bank impersonation is a type of vishing and/or smishing, and both forms of fraud are growing threats.
How to stay safe
- Always be alert: Never assume a caller is legitimate because they know information about you
- Don’t rely on caller ID: Caller ID can be faked, so don’t rely on this as an indicator of legitimacy
- Stop and think: If a call or text creates a sense of urgency stop and think is it legitimate? Do you really need to rush?
- Don’t click links: Links received from suspected smishing text messages may contain viruses
- Contact someone trusted: If you get a suspicious call, end the conversation immediately and call the organisation on a number that you know and trust. Use a different phone as the fraudster can keep the original line open
- Remember: We will never call you and ask for your PIN, passwords, payment authorisation codes or full account details. Nor will we ask you to make a payment or request access to your systems or PC.
Invoice scams
Fraudsters can pretend to be someone you legitimately owe money to, such as a school, solicitor, holiday company or builder/decorator by taking over compromised email addresses or creating ones that look genuine. They send an invoice or bill either requesting payment or asking you to change the details of the account you pay into, which is an account that they control. They may also intercept on going email conversations.
How to stay safe
- Call: If you receive a communication asking for an unusual payment or requesting a change in payment or contact details, check with the apparent sender before you do anything else. Use a phone number that know you can trust, like a publicly-available number or one that you have used before and not one that is included in the request.
- Check: Check invoices and bills for irregularities, especially in the language, bank account details or company logos.
- Verify: Don’t action requests to amend payment instructions until you have verified that they are genuine.
- Dispose: Shred confidential information like bills and bank statements.
- Review: Keep a close eye on statements and report anything suspicious immediately.
Cyber fraud and public WiFi
Cyber fraud involves malicious software, known as malware, that can infiltrate your computer system, smartphone or tablet, to access your logins and personal information. It might be sent in a link or hidden in software that seems genuine, and infiltrate your systems without you even knowing. Using public Wi-Fi insecurely can make it easier for fraudsters to gain access to your devices or access your information, because the network is less secure.
How to stay safe
- Software: Insall anti-virus software on all devices, keep your firewall and security software updated and always install the latest security updates for your devices
- Remember: Never click on links or attachments until you are completely sure they are legitimate
- Passwords: Create strong passwords for home Wi-Fi, devices and accounts, update them regularly and don’t allow your web browser to remember them
- Multi-Factor Authentication: Consider setting up two factor authentication (2FA) also known as multi-factor authentication (MFA) to add an additional layer to your account security. Doing this makes it harder for criminals to access your online accounts, even if they know your password
- Check: Check with your official authority on cyber security for the latest threats, for instance the National Cyber Security Centre in the UK at www.ncsc.gov.uk or the Agence Monégasque de Sécurité Numérique in Monaco at amsn.gouv.mc.
Card and cheque fraud
Card fraud can happen when a fraudster gets access to your personal information or steals your credit or debit card details. This lets them spend with your card. They may get access to your card details by intercepting your account information when you’re shopping or subscribing online, stealing your card or ‘cloning’ your card using a ‘swipe machine’. Once they’ve got your information, they can buy things with your money, open new accounts and apply for loans in your name or have new credit or debit cards sent to them. Cheque fraud happens when someone steals or copies a cheque, often to buy high-value goods.
How to stay safe
- Padlock: Look for a padlock symbol in the address bar or browser window before you enter any personal or payment details – it means that the website is secure.
- Check: Check your accounts regularly, and report any suspicious transactions immediately.
- ATMs: When using an ATM, check before for signs of tampering and do not use them if anything looks unusual, shield your PIN and keep your card in sight when making payments.
- Review: Check your credit rating regularly – this can help you find out whether anyone has tried to apply for credit cards using your personal information.
- Remember: If you’re selling a high value item - a car, for example - to someone you don’t know, ask for a cash or electronic payment rather than a cheque.
Investment scams
Fraudsters can pose as salespeople or bank employees, offering investment opportunities such as shares, gold, bonds or digital currency with the promise of great returns. They often use hard-selling tactics to persuade you and may suggest that the offer is time-limited. Scammers may praise your understanding of risk and say you’ve been selected for an ‘exclusive’ chance.
The shares they’re pushing may be listed on an illiquid market so can’t be sold, or may be a small unquoted company that, the fraudster claims, is planning to list. In other cases, the company may not exist or the share certificates are fake.
How to stay safe
- Remember: Any so-called ‘investment opportunity’ you receive out of the blue is likely to be very risky or a scam
- Consult: Speak to a trusted friend or family member before investing, and consider consulting a qualified financial adviser
- Check: If you’re considering an investment, do plenty of research including consulting with your local financial regulator for trustworthy or suspicious firms before you invest:
- In the UK check the Financial Services Register: https://register.fca.org.uk/s/
- In Monaco, CCAF publishes accredited entities and funds at: https://ccaf.mc/en/funds/types-of-funds/fcp/
- The Dubai Financial Services Authority issues alerts, listed on its website: https://www.dfsa.ae/en/Your-Resources/DFSA-Alerts.