What online security threats should I know about?
Security threats
We are acutely aware of the potential threats from would-be online fraudsters and hackers. Globally we have seen an increase in identity theft & 'phishing' attempts.
The fraudster targets static passwords and many people use the same password or PINs for multiple applications. This is why RaboDirect doesn't use static passwords. Sure, they're a little bit more convenient but it's not worth the risk - to you, or to us.
What is 'phishing'?
Phishing, pronounced 'fishing', is the term coined by hackers who imitate legitimate companies in emails to entice people to share passwords or credit card numbers.
An email is broadcast from a fake server address, pretending to be the real company or financial institution, containing an invitation to verify or to enter Username password. The fake website looks like the real one from the financial institution.
What are the dangers with 'fake emails'?
As we receive more and more emails and unsolicited emails called 'spam', watch out for fake emails as they will often:
- Ask you for personal information. Fake emails often contain an overly generic greeting and may claim that your personal information has been compromised and ask you to re-confirm your user numbers and codes.
- Appear to be from a legitimate source. While some emails are easy to identify as fraudulent, others may appear to be from a legitimate address and trusted online source. However, you should not rely on the name or address in the "From" field, as this is easily altered.
- Tell you've won a prize or a free gift. You'll be asked to provide personal information in order to collect the prize. Of course not all of these are fake. You should confirm that the prize or gift is from a company that you know and trust.
- Link to fake web sites. Fake emails may direct you to counterfeit websites carefully designed to look real, but which actually collect personal information for illegal use.
- Contain attachments like word documents or PDF files which can contain viruses or might be tampered with to abuse security leaks in Microsoft Office or Arcobat Reader.
How do I recognise fake web sites?
Fraudsters often try to direct people to fraudulent websites via email and pop-up windows and try to collect your personal information. In many cases there is no easy way to determine that you are on a fake website because the URL (Domain Name) will contain the name of the institution it is faking. However, if you type, or cut and paste, the URL into a new web browser window and it does not take you to a legitimate website, or you get an error message, it was probably just a cover for a fake website.
What are fraudulent pop-up windows?
Pop-up windows are the small windows or ads that appear suddenly over or under the window you are currently viewing. The vast majority of these are legitimate ads and pose no threat. Fraudulent pop-up windows are a type of online fraud often used to obtain personal information.
Pop-up windows are often the result of programs installed on your computer called "adware" or "spyware." These programs monitor your web surfing activity and regularly come hidden inside many free downloads, such as music-sharing software or screen savers.
Many of these programs enable harmless advertisements, but some contain "trojan horse" programs that can record your keystrokes (for account login) or relay other information to an unauthorised source.
