by Abigail O'Reilly
You can lock your windows and your doors. You can install a burglar alarm with
a direct line to Scotland Yard. You could have Her Majesty's Army set up camp in your back yard. You could even dig a moat around your own private castle to keep those unwanted intruders out, but
however security conscious you may be there's still one form of crime you can easily fall victim to in the confines of your own home; internet fraud.
With the government's financial watchdog, the Financial Services Authority (FSA), recently warning that there has been an 8,000% increase in fake internet banking scams over the last two years, it seems that more than ever we need to take the correct precautions when using online facilities to reduce our vulnerability to the sinister machinations of e-criminals.
Internet fraud can emanate from a number of different sources - from criminals using credit card bills and statements to access individual accounts; to 'hackers' infiltrating your computers, infecting them with viruses and extracting personal information; as well as bank account details being obtained online through a technique known as 'phishing.' Phishing is a relative newcomer to the cybercrime scene, involving the creation and use of counterfeit websites to entice people to submit their bank account details. Another method of phishing for information involves the sending of unsolicited e-mails, or spam, to internet users, either requesting verification of your bank details or asking for help to transfer money to your account, the latter commonly claiming to be of Nigerian origin.
Although the amount stolen to date is still relatively small, according to the Financial Standards Authority (FSA) there were 5,059 recorded incidents of phishing between January and June 2006, showing a significant increase on the 312 incidents reported for the same period in 2005, and this number is estimated to have risen by a further 90% throughout the New Year.
The possibility of exploitation in this way is very real, with the Gwent Police warning internet users from the beginning of February 2007 to be vigilant with their personal information when online. The alert
was raised following the receipt of a number of falsified emails informing online banking customers that their bank's database had crashed, and instructing them that they had to log back in and confirm
their identity and account details. A non-profit organisation known as The Internet Fraud Advisory has also been forewarning
UK residents about an online scam this month. Fraudsters have sent e-mails, claiming to be from HM Customs and Revenue, offering the recipients tax refunds, and providing a link to a fake website
which requests the submission of the user's credit card details. Considering that it is still early in the year, this does not bode well for the months ahead.
Wales has identified and addressed the need to fight online misdemeanours seriously, with the success of the E-Crime Summit held in Llangollen during January 2006 demonstrating that despite the severity of this problem it can be controlled if the correct precautions are implemented. A three-year action plan was devised, the first of its kind in the UK, in the presence of over 200 delegates from a number of different organisations throughout the country. This manifesto suggested a number of practical steps that need to be made in order to combat the problem that is spiralling on an international level, following the revelation from Symantec, published in Management Today in November 2005 that "two thirds of British Firms suffered a malicious incident through electronic means during 2004...By June 2005 over 5.7 million bogus e-mails a day were being sent worldwide, seeking financial information to commit fraud." The action plan proposed fighting cybercrime through a combination of raising awareness of the problem, sharing information, providing quality advice and implementing more stringent procedures when transacting online.
This is a problem that is detrimental to the individual as well as to businesses and
international commerce, and one the government is dedicated to alleviating through the provision of advice and information to help those susceptible to this crime. The website www.getsafeonline.org, which is the UK's first national internet security awareness campaign, provides internet users with helpful advice to
protect their computers from hackers and to safeguard their personal information. Having received sponsorship from a number of influential sources including HM Government, the Home Office, the CSIA (a unit of the UK Governments Cabinet Office), the Department of Trade
and Industry and the National Infrastructure Security Co-ordination Centre, this website is part of a growing initiative to tackle the ever
increasing threat of cybercrime.
Managing Director of GetSafeOnline, Tony Neate, is no stranger to the transgressions of the criminal underworld having spent thirty years working as a Detective for the South Wales Police Force, and he appreciates the implications a growth in ecrime could have for continued use of the internet.
A survey report carried out by ICM for the website in September 2006, which collated the results from the responses made by 1,300 people questioned across the UK, concluded that 24% of people are too concerned to bank online, 18% of people won't shop online, and 17% of those questioned now refuse to access the Internet at all.
"The main thing to remember," remarks Tony Neate, "is that security is easy as long as you take the right steps. There are four things you can do to safeguard your computer; make sure you've got adequate and up-to-date anti-virus software, enable the firewall, ensure you receive the latest windows updates and stop spyware from accessing your computer."
The installation of anti-virus software is beneficial for a number of reasons; it
can stop hackers from accessing your computer, prevent viruses called 'worms' that spread over the Internet, and it can also block outgoing traffic that may have emanated from a viral infection on your
work station. The firewall acts as a barrier between the computer and the internet, which works to keep viruses out, and this is why it is important that you receive updates regularly so that your machine is
prepared for infection and can adapt to fight the continually developing forms of attack as and when they arise.
"I always think of it like this," continues Neate, "A computer is not like other household appliances, it's not like a toaster, which you can just throw away when it's not working, it's more like a car; it needs to be serviced and maintained regularly in order to function properly."
The installation of software such as Microsoft Defender, Spyware Blaster or Ad Aware can protect your computer from being infiltrated by Spyware, (an unwanted program that runs on your computer allowing criminals to access the information stored locally), and being selective about what you choose to download can also lessen the risks involved.
"It's all about increasing awareness and educating people about the problems," asserts Neate, with GetSafeOnline's second annual report highlighting the need for greater publicity about the help available. A huge 72% of the people questioned claimed that they needed more information, and 40% remarked that they were unsure where they could get the advice that they need to go online safely. Informing people of the risks involved and the preventative measures that can be taken should theoretically reduce the number of reported cases of internet fraud. "I was in the police force before I became the Managing Director of getsafeonline," he continues, "and what we always said was that prevention is better than the cure. You wouldn't leave the door to your house open when you go out, and a computer is exactly the same."
"Computers are wonderful things," remarks Neate optimistically, "they just need
to be used properly. People should just take ten minutes to look at the site, and they can see that the correct security precautions can be taken easily. Let's look at tradition; you wouldn't just give
somebody your credit card details, and this is exactly the same principle."
GetSafeOnline, which claims to provide 'expert advice for everyone,' contains a wealth of useful tips for the individual and for businesses, which includes making regular backups of your work to ensure you don't lose information, ensuring that wireless networks are secure as they can be particularly vulnerable to external infiltration, block unwanted e-mails, or spam, and ensure that you use any instant messaging programs safely.
But perhaps just as importantly is the onus on the individual to display good judgement: "a colossal amount of money is exchanged over the internet," remarks Neate, "in the lead up to Christmas this year it is estimated that 7-9 billion pounds were spent online. To guarantee you are protected make sure you deal with properly secured, well-known websites."
Despite the predictions that there will continue to be an increase in incidents of phishing and internet fraud throughout the year, the more widespread knowledge of the problem becomes, the easier it will be to control it. By accepting a duty of care to our computers and to our personal information we can safeguard our time online.
Send a comment about this article to editor@itwales.com.
The next e-Crime Wales Summit takes place on 2 March 2007 at the Celtic Manor, Newport. Find out more and register online at www.welshevents.com/ecrime2007/content.php?id=5.