It is probably once a week that I pick up a message in my email inbox asking me to get in touch with my bank about my account. These requests inevitably involve inputting password information. Usually the email is picked up by my spam filter but as this occasionally catches genuine messages I do sometimes retrieve emails that I think are genuine.
The odd thing is, the emails are usually from banks that I don’t have an account with. Phishing, persuading people to part with details about their bank accounts to bogus websites, is just one method fraudsters use in an attempt to get their hands on your money.
The advice is never to respond to any request to "verify" or "update" your customer account information online, however genuine it looks. Banks will never approach their customers in this way and any information you do provide will be captured by the criminals. Do not be taken in by the address in the "from" field on the email because it is easy to create fake entries.
You can often spot the fraud because the message will have been sent out at random to a bulk list of email addresses so it will be addressed to "Dear valued customer" or some other generic title and not to you by name. Sometimes the fraudsters will load a genuine bank website in the main browser window but place their own fake pop-up window over the top of it.
Never log into your online bank account by clicking on a link to an email since you could end up on a fake website. Always open your web browser and type in the bank’s address yourself.
Your home computer is one area of potential weakness in your defences against fraud but there are others. People often use internet cafes or libraries to access information when they are travelling while many sort out their financial affairs in a quiet moment at work. If you do access sensitive information in a public place, make sure you are not overlooked and that you do not leave the computer unattended. Close down the internet browser programme when you have finished to clear any security information from the screen.
The need to take personal precautions is made all the more urgent by the failure of many financial firms to protect the personal details of their customers, according to a recent survey by the Financial Services Authority, the financial watchdog. The FSA reviewed data security at 39 firms, including banks, building societies, insurance companies and financial advisers.
It concluded that many underestimated the risk of data loss and fraud their customers. Senior management often failed to recognise the value of their customers’ data to fraudsters. Managers were often unaware that staff could be as much a threat to data security as computer hackers and burglars. Some placed too much emphasis on computer system controls and not enough on staff awareness and training or regular risk assessments. All the more reason to take your own precautions.
By Charles Batchelor