Cyber fraud: 10 tips to beat ‘silent stealing’

Cybercriminals are targeting people on a massive scale in an attempt to steal small amounts of money as part of a technique known as “silent stealing”, according to a new study.

It is just the latest in a wide range of methods scammers can use.

Here is a round-up of the top tips from police and cybersecurity experts on how to stay safe online and avoid falling victim to cyber fraudsters.

1. Have strong passwords

A person’s passwords are the keys to their online life, so making sure they are strong and secure is vital to cybersecurity.

Criminals can easily guess simple passwords linked to family names, pets and sports teams so use a collection of random words instead, and always have a different password for your main email, where the largest collection of sensitive information can be found.

2. Keep software updated

Cybersecurity is an ever-evolving issue, with new threats constantly being discovered and fixed. This is why it is crucial to always download and install software updates as they patch any vulnerabilities or holes in software that could allow hackers in.

3. Use anti-virus software

As well keeping device software up to date, anti-virus software can help further detect any breaches that occur, identifying and removing any malicious software (malware) which gets on to your system.

4. Always back up your data

Files, photos and contacts are likely to be among the most important things on someone’s computer, so making back-up copies ensures they are not lost if a computer breaks or is infected.

5. Use two-factor authentication

A key extra layer of security, two-factor authentication (2FA) can help protect an account even if the password is stolen by hackers, as it requires a second layer of information – for example, entering a code sent to a user’s phone via text message – before it lets someone into the account.

Turning on 2FA for all accounts where available can help keep criminals away from sensitive information even if they manage to steal someone’s passwords.

6. Avoid public or free wifi networks for sensitive activities

Free, public wifi networks are available to everyone, meaning anyone can watch the traffic sent between your device and the internet, so hackers could potentially monitor everything you are doing and steal personal information as you use different accounts.

As a result, it is best to adopt the approach of not doing anything on public wifi that you would not be happy for a stranger to see.

7. Don’t click on suspicious links or attachments

If you receive an email or text message that is unexpected or suspicious, do not click on any links or attachments they contain, as this could infect your device and give criminals access to it.

Hackers often try to disguise messages so they appear to have come from official sources, but recipients should be suspicious of any message which asks for log-in information or payment details, and remember that many services do not make such requests via email.

The National Cyber Security Centre (NCSC) has also created a suspicious email reporting service, where users can forward any suspicious emails they receive to the agency for investigation. The public can forward emails to report@phishing.gov.uk.

8. Share less on social media

Social media is a great tool for keeping in touch, but details can also be used by criminals to build profiles or give them vital personal information.

Cybersecurity experts encourage people to check their privacy settings so that they only share details with friends, and to avoid sharing personal information such as home address, date of birth and other identifiers on social platforms.

9. Always question requests for personal details

Experts say people should never hand over personal details to anyone asking for them out of the blue, whether on the phone or over the internet.

People should take the time to check the details of who has contacted them and verify they are who they claim to be.

10. Report cybercrime

All reports of fraud and cybercrime are important in helping police disrupt and catch cybercriminals.

So even if someone does not lose any money when being targeted, all cyber crime should be reported to Action Fraud.