It’s the time of year again when shops – and online portals – are already stocking up on festive season items, but be careful before you hand out credit card details to just anyone, writes Sarel Lamprecht, MD of leading cyber insurance company Phishield.
Inevitably, smelling cash, cyber crooks will increasingly be coming out of the woodwork at this time of the year to try and rip you off. And because we’ve all gotten smarter and don’t just hand out our details across any medium, they have become more cunning.
One of the latest tricks is to send out emails, purporting to be from your bank, that look official and are asking you to verify your credit card details. These mails threaten that if you don’t, your access to that line of cash will be cut off.
Another to watch out for in the middle of a shopping frenzy is when someone calls you and pretends to be verifying an order. They want all your card details – number, expiry and the CCV code, which is the last three digits on the back of your card.
A variation on this theme is when someone pretending to be from your bank gets hold of you via social media, and asks for the same information. These scammers may even have tracked down some personal information – your pet’s name, your family members’ names or even your address. It’s very easy to find this information online, or via social media (so be careful what you put out there).
Also watch out for someone pretending to be from your bank pretending to alert you to suspicious transactions. They should be able to give you enough information to prove who they are, and won’t need your CCV code.
When you shop online, make sure the site is secure via the https at the beginning of the web address, or a little padlock. Most sites will offer secure transaction solutions, so look out for those and then look them up. Also, if the payment system is down, this is a red flag, so don’t call in and give out all those details on the phone; you have no idea who you’re talking to.
One scam that may make a comeback involves the secure payment method Verified by Visa. This one works through a phishing email that looks genuine, but asks you to enter all your card details into a fake site under the guise of asking you to sign up for the security level, or to update your details.
Your bank will never ask you to provide that level of detail. At most, they should just need an ID number to look you up on the system, and then ask you some security questions.
And once you’ve given away access to your bank account, it’s your problem – the bank is not going to refund you for something they didn’t do.
If you think you’ve spotted a scam, tell your bank so it can warn others.