Author and personal finance coach, Usiere Uko, writes on ways to protect your money from identity thieves
It is holiday season again and the
children are home. We tend to spend more while at the same time get more
exposed to risks as the children browse and download all manner of
stuff on the family computer. It is also high season for online scams
and identity theft – someone stealing your details to login into your
account or use your card details as if it was you. As Nigeria is
gradually going cashless, identity theft will likely increase as robbery
and kidnapping become less attractive due to limited access to cash.
There are many ways identity thieves obtain your information. Common ways include but are not limited to:
Hacking, spyware and malware
These are thieves without borders who can
launch an attack from anywhere in the world. Some hackers patrol
cyberspace looking for exposed system to attack. Others access your
system through a spyware or malware – software that collect your data
and transmit back to base.
Continue reading after the cut....
These are usually from downloads from some
websites, often bundled with ‘free’ downloads. When you download some
software free, you also download some programs that may be used to steal
your personal data. Some come in form of a virus (malware) which also
inflicts damage in addition to stealing your data.
Often the stolen data is stored in your
browser. Browsers usually offer to save your passwords, which means they
collect it first before they can save (you cannot save what is not in
your custody). I am shocked when I log into my account online and my
browser prompts me to save my password. Bank websites are supposed to be
secure enough to disable this functionality. Never save your bank login
to your browser. If you can help it, that goes for your email account
too – you can pay heavily for that convenience. Many have had their
email account hacked into and mails sent out on their behalf soliciting
for help. I know of some cases people actually paid without verifying by
calling the person directly.
Free wifi
We love free things, especially free
internet access. Hackers and identity thieves know this also, so they
spring a trap where people tend to gather in numbers e.g. airports,
eateries, malls etc. You see free wifi and get excited when you connect
without a password. If something is too good to be true, it usually is.
Someone may be sitting in a car or room close by accessing your system
(since you are connected to his network to browse) and trying to access
your private information.
Phishing attacks
This is one of the most common. You get
an email from ‘your bank’ or a bank you have no account with, warning
you that your account may be suspended if you do not click on a link to
update your details. If you hover your mouse over the link, you will
notice a strange URL. If you click on it and provide your details, it
will be received with thanks by identity thieves. No bank will ask you
to update your details by clicking on a link. You should know your
bank’s website address and login in by typing in same. Millions of these
mails are sent out every day and a 0.1 per cent success rate is bonanza
for the thieves.
Another trick, though not related to
phishing or identity theft, but email harvesting is when mails are sent
out for you to join a good cause, pass on to others, win a prize etc. It
is common on Whatsapp and email. You get a chain mail asking you to
forward to others. For example, Bishop A’s TV broadcast is about to be
banned in the US and they need signatures to overturn the ban (they need
Nigerian signatures to overturn a pending US ban?). Apple wants to give
out a free phone, please forward to your friends. As you forward the
mail to your contacts, one smart Alec is collecting email addresses free
of charge for sale to marketers.
Shoulder surfing
Sometimes the thief is someone in your
vicinity – someone who can look over your shoulder to memorise your
details as you type them in. The person then accesses to your system
when you are not on seat. I have had to change my phone passwords
severally as my children memorise my login. I often catch them playing
with my phone which was supposedly locked. If they were thieves, they
would have had access to my account balance information through credit
alerts etc. Often we leave our computers for others to make use of,
without creating a separate guest profile for such; hence they have
access to our private information. They can easily download our
passwords from the browser before we return.
Many people do not clear their browsers
and files when they sell, give away or send their computer for repairs.
They give it away with their login details stored in their browsers as
well.
Take measures to protect yourself
One basic way to protect yourself is to
reduce the amount of idle cash in your account. Save and invest first
before spending. Don’t leave large amount of money in your account on
idle mode for long. It should be working for you somewhere. When you
must hold some cash for a period, you can leave it in a savings account
without internet banking or ATM card linked to it. That means you can
only access that account via the banking hall. This is inconvenient and
old school but protects you from identity thieves online. The person has
to physically impersonate you to access the account.
Another way is to enable pin (pass code
or secure code) for online transactions (different from your normal
pin). Most foreign websites only ask for card number, expiry date and
security code. Few ask for billing address and post code. This means
anyone can copy your card details and go shopping online on your behalf.
Online pin adds another level of protection. However, as stated
earlier, someone can steal your passwords from your browser through
spyware. That is why it is critical to invest in a good antivirus and
keep it up to date. Some banks require a one-time password which is sent
to your phone by SMS in order to complete transactions on a 3rd party
website. That way, even when someone obtains your details, he still
cannot use your card without your phone. The same principle applies with
tokens for online account transfers.
These are just some of the ways your
details can be compromised online and ways you can protect yourself.
There are syndicates that operate offline – steal your wallet or trap
your ATM card in the machine etc. You need to remain up to date on how
to protect yourself from these threats. Happy holidays.
- financialfreedominspiration [usiere@gmail.com]
Share your thoughts.....thanks!
No comments:
Post a Comment