Upload File

cyber crime campain messages_poster_final

3
PHISHING Phishing is a method of deceitfully obtaining personal information such as passwords, identity numbers and credit card details, by sending e-mails that look like they come from trusted sources, such as banks or legitimate companies. Typically, phishing emails request that users click on a link in the email which will direct users to a spoofed website – a site designed to fool users into thinking that it is legitimate – to obtain, verify or update contact details or other sensitive financial information. This spoofed website will look almost exactly like a legitimate website of a well-known financial institution. Phishing emails, which are a form of spam, are typically sent by the thousands to consumer email accounts. The bad guys hope that they can trick recipients into disclosing their personal information in bogus online forms on the phony websites. Never respond to communications appearing to be from your bank that request your personal details. Remember that no bank will ever ask you to confirm or update your account details via email, sms or telephonically. Never follow a link on a mail or sms to access your bank’s webpage. Always access the webpage by physically typing the name of the web address that you were given when you signed up for Internet Banking in your browser and confirm that you are on a secure site by looking for the little “lock” icon on your browser as well as the “s” after http in the website address, before logging on. Never provide your online ID, password or PIN to anyone and never write them down or share them - not even with a bank official. Do not save your Internet Banking password on your desktop. Do not make your passwords too personal - rather create passwords that have letters, numbers and symbols in them that cannot be attributed to you. Do not leave your computer unattended after you have entered your Internet Banking password. Always log off or sign off at the end of a session. Avoid doing Internet Banking in public areas such as Internet cafés, or on any computer that can be accessed by people you do not know. Change your PIN and passwords frequently. Place sensible transaction limits on your accounts. Ensure that you have the latest anti-virus software applications loaded on your computer, and make sure that you download all security patches for your operating system in a timely fashion. Only provide your credit card details to reputable companies. Do not open email from unknown sources – delete them immediately, even if the title and sender details appear to be related to your bank. SIM SWOPS SIM card swopping (also known as SIM SWOP) is a form of fraud where criminals request your mobile phone service provider (MSP) to transfer your existing cell phone number onto a new SIM card by pretending to be you, or pretending to act on your behalf. The fraudster will produce falsified copies of your Identity document, Cellphone number and other FICA required document that may convince the MSP that the request is legitimate. Once they have illegally assigned your cell phone number to their SIM card, they will receive all your calls and SMS’ notifications, which may include your in Contact and One Time Pin (OTP) messages. Your phone will stop receiving any incoming calls or messages. SIM swop fraud almost always works hand-in-hand with phishing/smishing, so the same protection mechanisms should also apply (do not click on links from emails, SMSs, etc purporting to be your bank and enter your log-on information). The first line of defence against SIM swaps is to protect your personal and cellphone account information from known or third parties and websites (such as cellphone contract type, debit order dates, ID, addresses, transaction behaviour, etc). This is the information most Mobile Network Operators will ask for when you are trying to conduct a SIM Swop. Be vigilant and always aware of your mobile phone’s network connectivity status. If you realise that you are not receiving any calls or SMS notifications, something may be wrong and you should make enquiries to be sure that you have not fallen victim to this scam Some Mobile Network Operators send customers an SMS to alert them of a SIM swop instruction and customers should contact their Mobile Network Operators if the request is fraudulent. Do not switch off your mobile phone in the event you are receiving numerous annoying calls, rather not answer the calls. This could be a ploy to prevent you from noticing that your connectivity has been tampered with. Have your mobile phone services provider’s numbers written down somewhere close by. This way you can phone to check whether anything suspicious has taken place. Register for SMS notifications when there is any activity on your bank account so that you can be alerted to any attempt to move funds from your account. If you are already registered for SMS notifications, keep your mobile phone with you and on, at all times so that you can respond to any suspicious activity immediately. SIM swop fraud almost always works hand-in-hand with phishing/ smishing, so the same protection mechanisms should also apply (do not click on links from emails, SMSs, etc purporting to be from your bank and NEVER enter your log-on information). Make a habit of checking your bank statements and online banking transaction history regularly. In this way, you will able to timeously identify any unauthorised transactions INFORMATION SECURITY CYBER CRIME AWARENESS CAMPAIGN 2013 “Don’t Get Caught”

Upload: siphiwe-msibi

Post on 21-Aug-2015

11 views

Category:

Documents


3 download

Report

Tags:

TRANSCRIPT

Page 1: Cyber Crime Campain Messages_Poster_Final

PHISHING

Phishing is a method of deceitfully obtaining personal information such as passwords, identity numbers and credit card details, by sending e-mails that look like they come from trusted sources, such as banks or legitimate companies.

Typically, phishing emails request that users click on a link in the email which will direct users to a spoofed website – a site designed to fool users into thinking that it is legitimate – to obtain, verify or update contact details or other sensitive financial information.

This spoofed website will look almost exactly like a legitimate website of a well-known financial institution. Phishing emails, which are a form of spam, are typically sent by the thousands to consumer email accounts. The bad guys hope that they can trick recipients into disclosing their personal information in bogus online forms on the phony websites.

• Never respond to communications appearing to be from your bank that request your personal details. Remember that no bank will ever ask you to confirm or update your account details via email, sms or telephonically.

• Never follow a link on a mail or sms to access your bank’s webpage. Always access the webpage by physically typing the name of the web address that you were given when you signed up for Internet Banking in your browser and confirm that you are on a secure site by looking for the little “lock” icon on your browser as well as the “s” after http in the website address, before logging on.

• Never provide your online ID, password or PIN to anyone and never write them down or share them - not even with a bank official.

• Do not save your Internet Banking password on your desktop.

• Do not make your passwords too personal - rather create passwords that have letters, numbers and symbols in them that cannot be attributed to you.

• Do not leave your computer unattended after you have entered your Internet Banking password.

• Always log off or sign off at the end of a session.

• Avoid doing Internet Banking in public areas such as Internet cafés, or on any computer that can be accessed by people you do not know.

• Change your PIN and passwords frequently.

• Place sensible transaction limits on your accounts.

• Ensure that you have the latest anti-virus software applications loaded on your computer, and make sure that you download all security patches for your operating system in a timely fashion.

• Only provide your credit card details to reputable companies.

• Do not open email from unknown sources – delete them immediately, even if the title and sender details appear to be related to your bank.

SIM SWOPS

SIM card swopping (also known as SIM SWOP) is a form of fraud where criminals request your mobile phone service provider (MSP) to transfer your existing cell phone number onto a new SIM card by pretending to be you, or pretending to act on your behalf. The fraudster will produce falsified copies of your Identity document, Cellphone number and other FICA required document that may convince the MSP that the request is legitimate. Once they have illegally assigned your cell phone number to their SIM card, they will receive all your calls and SMS’ notifications, which may include your in Contact and One Time Pin (OTP) messages. Your phone will stop receiving any incoming calls or messages. SIM swop fraud almost always works hand-in-hand with phishing/smishing, so the same protection mechanisms should also apply (do not click on links from emails, SMSs, etc purporting to be your bank and enter your log-on information).

• The first line of defence against SIM swaps is to protect your personal and cellphone account information from known or third parties and websites (such as cellphone contract type, debit order dates, ID, addresses, transaction behaviour, etc). This is the information most Mobile Network Operators will ask for when you are trying to conduct a SIM Swop.

• Be vigilant and always aware of your mobile phone’s network connectivity status. If you realise that you are not receiving any calls or SMS notifications, something may be wrong and you should make enquiries to be sure that you have not fallen victim to this scam

• Some Mobile Network Operators send customers an SMS to alert them of a SIM swop instruction and customers should contact their Mobile Network Operators if the request is fraudulent.

• Do not switch off your mobile phone in the event you are receiving numerous annoying calls, rather not answer the calls. This could be a ploy to prevent you from noticing that your connectivity has been tampered with.

• Have your mobile phone services provider’s numbers written down somewhere close by. This way you can phone to check whether anything suspicious has taken place.

• Register for SMS notifications when there is any activity on your bank account so that you can be alerted to any attempt to move funds from your account.

• If you are already registered for SMS notifications, keep your mobile phone with you and on, at all times so that you can respond to any suspicious activity immediately.

• SIM swop fraud almost always works hand-in-hand with phishing/smishing, so the same protection mechanisms should also apply (do not click on links from emails, SMSs, etc purporting to be from your bank and NEVER enter your log-on information).

• Make a habit of checking your bank statements and online banking transaction history regularly. In this way, you will able to timeously identify any unauthorised transactions

INFORMATION SECURITY

CYBER CRIME AWARENESS CAMPAIGN 2013“Don’t Get Caught”

Page 2: Cyber Crime Campain Messages_Poster_Final

DANGERS OF ALLOWING PEOPLE TO USE YOUR BANK ACCOUNT

People that lend others the use of their bank accounts to receive money may be involved in money laundering. Money laundering is any action that is aimed at illegally disguising the proceeds of crime and it is a punishable offence by law.

• Do not make your bank account available for use by anyone but yourself. People who are involved in crimes often offer money to others to assist them to make funds seems legitimate by allowing them to make use of their accounts to deposit and withdraw funds from.

• Your account could be used to facilitate the proceeds of crime • You can be prosecuted for Money Laundering if you ought to have

known that the account was being used to facilitate crime. Turning a “blind eye” will not be accepted as a defense in a court of law.

• Do not be tricked into opening a bank account with money lent to you by someone pretending to offer you work and then asking you to hand over your ATM card and PIN number so that they can recover the funds that they lent you. This is a scam to get control over your bank account.

• Handing over your credit/debit card and PIN will assist fraudsters to clone your card and remove your funds or the proceeds of crime from your account without your knowledge which you can become liable for.

COMPUTER AND MOBILE SECURITY GENERAL

When you use a personal computer (PC) or a mobile devise such as a phone or tablet, you need to ensure that the devise you are using has appropriate security. This is particularly important when you are using that devise to conduct your personal and financial business, such as Internet or mobile banking. Cyber criminals are always on the look-out for vulnerable PC’s and mobile devises that they can compromise for the purpose of creating avenues of defrauding these devices’ owners. • Ensure that the device that you use to do internet or mobile

banking has appropriate and updated security packages installed.

• Do not use public computers like Internet cafes to do internet banking

• If your computer hangs, rather re-boot and ensure that the anti-virus is up and running

• Ensure that your anti-virus software’s trial period has not expired or is out of date

• Only use security packages from reputable vendors

• If you are using a Microsoft operating system, use their free tools to detect and clean your computer should it already be infected

• Know what packages you have on your system so that you can recognise fake messages purporting to be from service providers whose packages you have not installed

• Use robust passwords that include letters, numbers and symbols and are longer than 6 digits at the very least

• Do not use obvious information in your passwords like your own name or birth date not that of family members.

• Do not share or disclose your username and password to others

• Do not write username and password down where others can see it

• Change your PIN and passwords frequently.

• Log out or sign off the banking site after completing transactions

• Lock your computer screen when leaving it unattended

• Keep systems up to date

• Beware of technical support scams. Reputable software service providers will not cold call you to put pressure on you to install software on your computer.

• You should prevent illegal software from being downloaded on your computer without your knowledge by creating administrative rights. This will request you (the administrator) to authorise or reject the installation.

BEWARE OF MALWARE

Malware, or malicious software, is software that cybercriminals use to interrupt normal computer operations so that they are able to steal sensitive information form unsuspecting computer users such as Internet banking logon details.

• Don’t download software until you’ve verified its security and privacy features.

• Install anti-malware software that’s specifically designed for your mobile and personal computer.

• Be suspicious if you receive lots of spam e-mail or SMS messages. It could indicate that your computer or mobile phone has been infected with malware

• Beware of fake anti-virus software that is offered at no charge as it could contain malware intended to infect your computer

• Don’t use unknown devices like USB flash drives, on your system

as it may transfer malware unknowingly• Beware of deceptive downloads such as software, music and

movies from sources other than reputable vendors

• Avoid downloading pirated software as it may contain malware

• Do not respond to pop ups that ask for your personal information

CYBER CRIME AWARENESS CAMPAIGN 2013“Don’t Get Caught”

Page 3: Cyber Crime Campain Messages_Poster_Final

whilst in a secure banking session.

MOBILE BANKING SECURITY

• Keep your mobile phone manufacturer’s software up to date

• Avoid sharing your mobile phone with others

• Don’t let people use your mobile until you’ve logged out of secure sites such as Mobile Banking.

• Use your phone’s security features, e.g. phone lock password

• Keep your banking passwords secure.

• Do not save any personal identifiable information on your phone, e.g. ID nr, bank account detail, etc.

• Password protect your mobile phone. It might sound basic, but

too often many people find it inconvenient to type in a password to access information on their smartphones..

• Install mobile security software. Protect your sensitive data with strong security software designed for a mobile device.

• Don’t install third-party banking applications. Only download applications from trusted sources such as directly from your bank’s website or a legitimate application store.

• If you are going to use your mobile phone to access your bank’s website, make sure you’re actually on your bank’s website by typing the name into your browser. Check that the website is indeed the secure website by looking for https in the web address. Without the “s”, the address is not secure.

• Communicate carefully with your bank. Understand that your bank won’t send emails or texts asking for personal information. Don’t save messages from your bank containing sensitive information in your mailbox.

SHOPPING ONLINE

• When shopping online ensure that the website has a valid secured certificate (closed lock at the bottom of your screen) and the web-site address line starts with https before inserting your card details.

• Only make purchases from reputable merchants online as they will often take precautions to ensure safe transacting.

• Never allow merchants’ websites to save your personal and banking details. When the option present itself, always click “No”.

• Never save the Password and Pin on your desktop - as it may allow others to access your personal information, without your permission

• Do not purchase anything from a website that its source is a link in an e-mail, as it could lead to a phony website.

CYBER CRIME AWARENESS CAMPAIGN 2013“Don’t Get Caught”

• Read the terms and conditions of the sale carefully to avoid accepting condition that you were not aware of.

• Scrutinize your credit card statements closely to check for unauthorized purchases. Contact your credit card issuer immediately if you suspect that you have been defrauded.

• When receiving promotions or special deals via email, telephonically or from online web-sites, if interested, always verify the validity of the source prior to providing your personal and banking details for your account to be debited.

• Protect your computer by installing and regularly updating the latest anti-virus software applications on your private PC’s and keyboard for

• Install a spam blocker on your system. This will ensure that fraudsters find it difficult to send you phishing emails.


Cyber crime

Cyber crime and cyber security

Cyber Crime and Computer Crime

Cyber Crime & Cyber War

Cyber Crime

Cyber-Crime, Cyber- Warfare, Cyber- Conflict › wp-content › uploads › cybertalk … · What is Cyber-crime? Cyber-warfare? “Cyber” –Computers and machines Cyber-crime

Cyber Law And Cyber Crime

cyber crime and cyber laws

“Cyber Crime in India” n. Contents What is Cyber Crime? History of Cyber Crime. Types of Cyber Crime. Mode and Manner of Committing

cyber crime & cyber law

Crime and Cyber-crime

Cyber Crime: Cyber-Bullying

Pp cyber crime & cyber law