People are worrying about the financial risks of online scams as the cost of living crisis grows, according to a new social media poll* run by Menlo Security, a leader in cloud security. When asked what their biggest fear is about online scammers, over half of respondents (55%) are concerned about their money being stolen, compared to less than a quarter who worry about their identity being stolen.
The poll explores the degree of trust that consumers have in their digital lives as the number of online scams continues to rise during increasingly challenging economic times. Figures from UK Finance show that more than 1.3bn GBP was stolen from victims tricked into authorised push payment fraud (APP) in 2021, with the number of incidents up 27% on the previous year. APP fraud involves criminals impersonating organisations such as the NHS, banks and government departments via calls, texts, emails, fake websites and social media posts to trick people into handing over personal and financial information, which is then used to convince account holders to make a payment.
Spending online, which often involves entering confidential financial details, is a particular concern as many face the prospect of a struggle to make ends meet. Online shopping fraud dominates the list of scams, with 44% of respondents worrying about this the most, ahead of phishing emails (27%), social media scams (17%) and catfishing and online dating (13%).
When asked about the most recent scam message they had received, 40% of respondents say it appeared to be from a postal or delivery company, while more than a third (37%) say it appeared to be from a public sector source, such as HMRC, the Government or the NHS. These fraudulent sources were much more frequent than banks or utility providers (16%), or friends and family (7%).
It is perhaps no surprise then that people trust friends and family (51%) more than anyone else for online security advice. More so than work colleagues (21%) and news sources (15%). Official sources like the Government and other authorities are the least trusted – with just 13% of votes.
Tom McVey, Solution Architect, Menlo Security, comments: “It’s human instinct to warn others about dangers, especially if a friend or family member has been the target of an attack themselves – and many of us have been. Perhaps this is the reason that we trust friends and family over any other authority when it comes to security advice. With threat actors trying any tactic that exploits the trust we hold in the services or businesses that they impersonate this caution is understandable. But as individuals, we also need to be taking greater prevention steps to secure ourselves in the first place.”
Reassuringly, the survey found that almost a third of people now use two factor authentication as the main way of protecting themselves online. This may be due to the vast majority of banks and retailers now requiring a second form of authorisation like a passcode and are driving this uptake. But the other results were split almost equally, with around a quarter using other forms of protection, including deleting suspicious links, using virus protection and creating strong passwords.
Menlo’s Tom McVey adds: “Prevention tactics are an important way of stopping attacks in their tracks before they have an opportunity to reach you. Password security and virus protection can help, but they don’t stop you from being a target. A far more effective method is through isolation technology, which essentially wraps a secure bubble around you whilst using any web browser.
“Cybercrime continues to rise in nearly every guise. Phishing attacks happen regularly, they are only getting more sophisticated, and they are profitable. It’s clear that whilst our trust in the internet and those that serve us online is being tested, we need to arm ourselves with the knowledge and tools to ensure that spending time online is as safe and secure as possible.”
Menlo Security’s Tom McVey also shares the following top tips:
– When being asked for your details, take time to stop and think before sharing your information. Question why they need your information and don’t be afraid to challenge them on this. It’s ok to reject or refuse to give your details away.
– Make sure to have individual passwords for every account, this helps to limit the damage if an attacker does get hold of a password. Inexpensive tools called password managers can help you keep track of many different passwords without the need to remember them all.
– Never share the short multi-factor authentication code with anyone. Fraudsters looking to ‘phish’ details from you will try any means; whether that be email links or over the phone. Be extra vigilant to phone calls from people representing the companies or banks you use.
– Keep your devices and apps up to date. Updating to the latest software will apply any fixes to known bugs or security vulnerabilities; allowing you to surf more safely and protect your data.
– If you have been the unfortunate victim of online fraud, be sure to report it to the necessary authorities. This includes your bank or building society and Action Fraud. The National Cyber Security Centre (NCSC) is also a UK government organisation that has the power to investigate and take down scam email addresses and websites.
*Drawing 10,384 responses, the Menlo Security Twitter poll was conducted week of 3 October 2022.