Their names may sound funny, but their financial consequences are not. “Phishing,” “smishing,” “vishing” and “pharming” are just a few of the ways criminals gain access to personal information through your computer or smartphone.
If you’re not careful, identity thieves can use harvested information to open fraudulent bank or credit card accounts, take out loans, rent apartments or even charge medical procedures to your insurance plan.
Unfortunately, every time the authorities plug one hole, crafty criminals figure out new ways to trick unsuspecting victims. According to Visa, eCommerce is growing at a rate of 30 per cent annually across the Middle East and 85 per cent of the eCommerce volume stems from the UAE, Saudi Arabia, Kuwait and Qatar alone.
Here are some identity theft scams to watch out for:
Phishing
This is where you receive an email, purportedly from a trusted source like a government agency, bank or retailer, that asks you to supply or confirm account information, login IDs or passwords. These impostors are fishing for your personal information. Legitimate organisations never ask you to verify sensitive information through a non-secure means such as email.
Smishing (short-message service phishing)
Like phishing, only it uses text messages sent to your cellphone. Even if you don’t share any information, just by responding you’re verifying that your phone number is valid, which means it probably will be sold to others who will try to trick you into their own scams.
Vishing (voice phishing)
Where live or automated callers act like your bank or credit card issuer under the pretext of clearing up a problem (such as theft or overdrawn accounts). You’ll be asked to share personal or account information. Keep a list of toll-free service numbers for all companies you use so you can call them directly without fearing you’ve been given bogus information. I also program these numbers – but not account numbers – into my mobile phone in case I’m travelling.
Tips for spotting risky emails and texts:
• Never give sensitive information by responding to an email or SMS.
• Although the “from” line may appear to be from a valid company email address, that’s easy for fraudsters to mimic.
• Beware of subject lines and body copy that use ominous or threatening language, eg “Your credit card has been suspended”.
• Lack of a personalised salutation or closing details, eg “Dear Valued Customer” is a red flag.
• Watch for typos, poor grammar, punctuation, capitalisation consistency and other warning signs they are not legitimate.
• Scroll your mouse over any embedded links before clicking to check for suspicious domain endings.
Pharming
Where hackers redirect you from a legitimate website to an impostor site where your personal information is harvested or “farmed”. Social networking sites such as Facebook and Twitter are increasingly being targeted, so be wary of opening any links – even from trusted friends – because their account may have been hacked.
Tips to identify an unsafe website:
• Never click on a link embedded in an email. Even if sent from someone you trust, always type the link into your browser.
• Look for signs of legitimacy. Does the website list contact information or some signs of a real-world presence. If doubtful, contact them by phone or email to establish their legitimacy.
• Read the URL carefully. If this is a website you frequent, is the URL spelt correctly? Fraudsters will set up websites almost identical to the spelling of the site you are trying to visit.
• Check the properties of any links. Right-clicking a hyperlink and selecting “properties” will reveal the true destination of the link. Does it look different from what it claimed to lead you to?
• When visiting a website that asks for sensitive information such as credit card numbers or your other personal identification numbers, make sure that the website is encrypted over a secure connection – make sure URL of the website is HTTPS. Alternatively, another sign to look for is the lock icon that is displayed somewhere in the window of your web browser. Click on the “lock” icon to verify that a website is trustworthy.
• Remember to use your internet browser’s security tools. Make sure to install the most current version of your web browser. Most browsers have sophisticated filters that can identify and warn you of potential security threats.
Marcello Baricordi is the general manager for the UAE and the Mena global accounts lead at Visa
Follow The National's Business section on Twitter
