The full impact of security breach like that experienced by Talk Talk may not become apparent for some time.
Once in possession of your personal information the fraudsters can afford to will wait until your guard is down before making their move. With the holiday season almost upon us we can expect them to strike while everyone is distracted with parties and presents.
Keep your cards close to your chest.
A common tactic employed by these criminals involves gaining the trust of their victim in order to get them to reveal passwords and pin codes. In order for this to work they must make direct contact with their intended victim and pretend to be a representative from their bank, internet service provider or some other organisation. Given that they already have your stolen personal information it’s not hard for them to sound convincing.
Once, your hooked you will be worked on (subtlety) answering questions or performing tasks that allow the criminals to fill in the gaps in the information that they have about you. By the time the encounter is concluded you will have fallen victim to their scam, although it may be several days or weeks before you become aware of their criminal activity. Your best defence against the scammers is to end the conversation promptly without revealing any information.
Remain alert and don’t let the thieves in.
The thieves may make contact using a variety of media e.g. email, phone calls, letters, etc. some things to consider are…
- Emails can contain links to fake websites that enable the criminals to capture your passwords and install malware on your PC, phone or tablet. Treat all links with suspicion and do not click on them.
- Although internet scammers can produce very convincing fake websites modern web browsers can alert you to suspect sites. Your browser will always display a padlock in the address bar when you visit an official website. Next to the padlock you should also be able to see that the website address is prefixes with “https://”. Do not use the website if either one of these indicators are missing or if you receive any security warnings from your web browser.
- Treat all phone calls from people purporting to representatives of an organisation that you have dealings with as suspicious. Avoid validating / confirming any information that they may already have about you however persuasive their argument. Don’t give out passwords, post-codes, email address, phone numbers, etc.. Don’t use the same phone to contact the organisation to establish if the original call was genuine as only the caller can terminate the call. This allows criminals to pass the phone over to another member of the gang who will pretend to be a representative of the organisation.
- Ask the caller for their name, extension number and the department in which they work. Use a different phone line to contact the organisation using a phone number that you have taken from an official document such as a bank statement or letter.
- Report any suspicious phone calls or emails to the organisation concerned.
- Regularly check your bank and credit card statements for any suspicious activity.
Report any unusual transactions to your bank as soon as they are discovered.