By: Richard Rattue, MD, Compli-Serve SA
The prevalence of online financial crime speaks to the value of personal and company data. At a recent webinar, Reuters, shared some important reminders.
Even though you may have taken the necessary precautions to keep yourself safe, scams evolve just as we do. Becoming familiar with the common clues and necessary precautions can help you spot danger, before it’s too late.
It’s a trust game
Be aware of unsolicited emails seducing you with the promise of receiving money with little work on your part. One of the multiple approaches is to appeal to your nature by asking for help in a difficult financial situation or, simply posing as a reputable company needing verification on personal information. What these types of scams have in common, is the personal connection instigated from the beginning.
For a scam to affect you, you need to engage (and I am encouraging you not to). Avoid clicking on suspicious links in an SMS or email or answering suspicious questions. “Jerome asked me to confirm this transaction with you, please click on the link below – it will be easier for me to work from it once you approve”. The confusion of the whole email is often why we click on the link. Who is Jerome? What transaction? Why don’t you remember this conversation? So, you click to double check…
But when in doubt, do not click. Chances are you don’t remember the conversation because it never happened…
Reuters highlighted how easy it is to be led astray by false indicators of success and wealth given the unstable economic conditions that many of us are in.
Ones to be particularly mindful of are phony variations of forex trading and cryptocurrency. Because these are still relatively new, and rules are still unclear, it is better to be cautious before committing to anything.
An example of such is the Initial Coin Offering (ICO) taking the place of an Initial Product Offering (IPO) that allows investors to purchase newly created ‘coins’ from a business, rather than the traditional method of buying shares. Because it is not a widely spread practice, it is easy for the scammer to claim that his financial successes are due to buying in himself.
Fraudsters hope that if they look successful, you won’t bother checking their credentials, so try avoiding falling for fancy titles, impressive company profiles, or licences without verifying their legitimacy.
Be sceptical of investment pitches that guarantee definite returns or promise grand profits in unrealistic timeframes. The reality is that every investment involves risk and needs time, therefore no salesperson should be able to make those kinds of promises. If after due diligence, you are still unsure, contact a compliance professional equipped with industry expertise and integrity to advise you accordingly.
Check your surroundings
The 2020 Reuters Cost of Compliance Report cites data protection as a challenge and a priority in compliance. A notable example took place in March this year when a (phishing) email circulated that appeared to be from the World Health Organization (WHO). It asked recipients to view an attachment that had information on how to protect against Covid-19. However, the email contained malicious links that would install malware onto the users’ devices and steal personal information or attempt to capture passwords through recording the users’ keyboard strokes.
Even though you might not have been the direct recipient of the email, your passwords, identity, and network are at the risk of being compromised, especially in the work environment where systems are shared. Having your personal details stolen and cloned to access your finances and data is a tedious process to rectify over and above having to prove that you did not authorize the motion to clear out your life’s savings.
Spread the right love
Encourage family, friends, and colleagues to avoid the impulse of clicking on all emails that they receive. Think about where the sender would have received your details from. If you cannot recall, or the email makes you feel uncomfortable, mark it as spam and notify the IT department at your workplace so they can alert the rest of the company as needed.
Although it may be time-consuming, practicing digital hygiene consistently is the best way to stay safe consistently too.