Safeguarding Against Scamming

Human nature What social engineers want

To manipulate us

To access our personal information

To steal our money It is easier to manipulate a person than to hack a system! The Social Engineer’s Toolkit

We like to be liked Comply with authority

Urgency & deadlines There are five routes a fraudster can take into your home.

Can you name them? There are five routes a fraudster can take into your home. Home Phone: Vishing

Personal details are obtained by a fraudster posing as a trusted source over the telephone Vishing

This is the fraud The only way to Don’t report this You can trust department. secure your call, it could ruin me, I’m from Your money is money is to the investigation your bank, how at risk if you move it to this else would I don’t act NOW! safe account ... have your details? Internet: Online Fraud

Frauds committed using the internet. Can you name a few? Internet: Online Fraud

Account takeover Click fraud Advance fee frauds Domain name scams Bank card and cheque fraud Fraud recovery fraud Business directory fraud Government agency scams Business opportunity fraud Health scams Charity donation fraud Holiday fraud Clairvoyant or psychic scams Identity fraud Internet: Online Fraud Inheritance fraud Money muling Internet auction fraud Online shopping fraud Internet dialler scam Plastic card fraud Investment fraud Rental fraud Loan scams Romance scams Lottery scams Vehicle matching scams Mass marketing fraud West African or 419 scam Miracle health scams Work from home scams Internet: Phishing

Legitimate looking emails containing fraudulent links which allow the fraudster to obtain your personal details

Internet: Phishing

Phishing Mobile Phone: Smishing

Text messages are sent to victims to lure them into divulging their personal details Mobile Phone: Smishing Technology Fraud Letterbox: Identity Fraud • Protect your mail

• Ensure communal mail boxes are secure.

• Check your bank statements and credit file • Received by an 85 year old woman who lives alone.

• Her neighbour did not receive this letter.

• The woman appears to have been targeted. ‘this information must be kept away from the public to avoid unwarranted abuse of the programme or fraudulent acts from criminal minded and unauthorized person(s)’ Doorstep: Bogus Callers

Police Scotland campaign 2018 Doorstep Bogus Callers Remember me? I’ve come for my payment

Just because you don’t remember me, doesn’t mean I’m not owed money!

Vulnerable people are exploited to pay for non-existent or sub-standard work. Who is at the door? Who is at the door? P@s$w0rds123 Password Exercise

How many applications/systems do I use that require a password? Choosing passwords

Unique passwords

Not easily guessed Multifactor authentication

Passwords

Government Cyber Aware campaign

Three Random Words

www.cyberaware.gov.uk Any Questions?

Thank you for listening!

Follow us at @nhsscfs Contact Details National Services Scotland Counter Fraud Services 3 Bain Square Livingston EH54 7DQ

Direct Number:  01506 705200 Fraud Hotline:  08000 15 16 28

Fraud Online: www.cfs.scot.nhs.uk

Follow us at @nhsscfs

Presentation queries: [email protected]