Safeguarding Against Scamming
Human nature What social engineers want
To manipulate us
To access our personal information
To steal our money It is easier to manipulate a person than to hack a system! The Social Engineer’s Toolkit
We like to be liked Comply with authority
Urgency & deadlines There are five routes a fraudster can take into your home.
Can you name them? There are five routes a fraudster can take into your home. Home Phone: Vishing
Personal details are obtained by a fraudster posing as a trusted source over the telephone Vishing
This is the fraud The only way to Don’t report this You can trust department. secure your call, it could ruin me, I’m from Your money is money is to the investigation your bank, how at risk if you move it to this else would I don’t act NOW! safe account ... have your details? Internet: Online Fraud
Frauds committed using the internet. Can you name a few? Internet: Online Fraud
Account takeover Click fraud Advance fee frauds Domain name scams Bank card and cheque fraud Fraud recovery fraud Business directory fraud Government agency scams Business opportunity fraud Health scams Charity donation fraud Holiday fraud Clairvoyant or psychic scams Identity fraud Internet: Online Fraud Inheritance fraud Money muling Internet auction fraud Online shopping fraud Internet dialler scam Plastic card fraud Investment fraud Rental fraud Loan scams Romance scams Lottery scams Vehicle matching scams Mass marketing fraud West African or 419 scam Miracle health scams Work from home scams Internet: Phishing
Legitimate looking emails containing fraudulent links which allow the fraudster to obtain your personal details
Internet: Phishing
Phishing Mobile Phone: Smishing
Text messages are sent to victims to lure them into divulging their personal details Mobile Phone: Smishing Technology Fraud Letterbox: Identity Fraud • Protect your mail
• Ensure communal mail boxes are secure.
• Check your bank statements and credit file • Received by an 85 year old woman who lives alone.
• Her neighbour did not receive this letter.
• The woman appears to have been targeted. ‘this information must be kept away from the public to avoid unwarranted abuse of the programme or fraudulent acts from criminal minded and unauthorized person(s)’ Doorstep: Bogus Callers
Police Scotland campaign 2018 Doorstep Bogus Callers Remember me? I’ve come for my payment
Just because you don’t remember me, doesn’t mean I’m not owed money!
Vulnerable people are exploited to pay for non-existent or sub-standard work. Who is at the door? Who is at the door? P@s$w0rds123 Password Exercise
How many applications/systems do I use that require a password? Choosing passwords
Unique passwords
Not easily guessed Multifactor authentication
Passwords
Government Cyber Aware campaign
Three Random Words
www.cyberaware.gov.uk Any Questions?
Thank you for listening!
Follow us at @nhsscfs Contact Details National Services Scotland Counter Fraud Services 3 Bain Square Livingston EH54 7DQ
Direct Number: 01506 705200 Fraud Hotline: 08000 15 16 28
Fraud Online: www.cfs.scot.nhs.uk
Follow us at @nhsscfs
Presentation queries: [email protected]