Phishing - Don’t let email be your weakest link

27 Nov 2019

Quick Update

A collection of news in brief from Investec Private Bank

Phishing is responsible for more than 90% of all hacks worldwide.

The perception is that hackers use fancy code and technical wizardry to force their way into our accounts and devices. Nothing could be further from the truth.

One fake email or SMS is all a hacker needs
 
All hackers have to do is send a fraudulent email or SMS to trick you into revealing your username and password. Once they have this, they can get their hands on your personal information and your money.
 
How phishing works
 
Hackers will send you an email or SMS with a link in the body of the email, SMS or as an attachment. If you click on the link, there is a 70% chance you will download a virus onto your device. The virus can then capture all the usernames and passwords you enter into your accounts.
 
When clicked, some links will reroute you to a new page or website and request you to log in using your username and password for that account. When you enter your login details, the site will capture your credentials and send it to the hackers.
 
Keep in mind, attachments can also carry viruses (like ransomware) and may look like a harmless PDF document or photograph, but
when clicked it will download a virus.
 
What to do if your phone is stolen?
 
If your phone is stolen, hackers need to get your password for the device to access your information. Once they’ve found your email address or cellphone number, they may send you a fake ‘Find my phone’ email or SMS with a fraudulent link. Once you’ve entered your username and password, the fraudsters can access your cloud account and any passwords saved in your keychain.
 
When you’re a victim of theft, you often feel panic and will fill in your details with a sense of urgency. Be aware of how criminals target you and the tactics that make you even more vulnerable to fraud.
 
Protect yourself against phishing
 
Email is the least secure communication channel and it is important that you follow these recommendations to secure your email account.
  • Do not click on links or attachments in emails that you are not 100% sure come from a legitimate source.
  • Do not enter login details in sites that you were directed to via a link.
  • Enter the URL or web address for any website manually. Don’t use links, including email login screens.
  • Don’t assume emails from people you are familiar with are safe (eg, friends or colleagues). These people could have been hacked themselves and the hackers are sending emails from their account.
  • Enable second factor authentication on your email account, this will protect you if you inadvertently reveal your login credentials. Not all providers offer this service, so switch to one that does.
  • Change your email password every six months.
 

If you have any questions or suspect fraud on your account, please contact our 24/7 global Client Support Centre on 0860 110 161 or +27 (0)11 286 9663.

For more Quick Update insights, click on the image below:

Get in touch

If you have any feedback or suggestions, please let us know