How many of you have been hacked or scammed? Two friends of mine were hacked over the Christmas/new year period. The first friend lost just over £10000 Christmas eve from his savings account. Predominantly his life savings. His savings bank at the moment says they will not pay him back! Friend 2 was luckier he nearly lost £5000 but luckily his wife was on her mobile to their savings bank because they became suspicious. Although the money had been withdrawn from his account and another £10000 had been earmarked for a transfer. It had not actually left the savings bank so was stopped. His understanding is someone has been arrested for this one. The scams were reported to be an email from Apple about his account being hacked or some such asking him to reinsert his bank details and to change his password, I don't exactly know the full details. Police are obviously involved. The other scam was a telephone call so called from Virgin med. Indicating his computer had been hacked. He asked questions like could they tell him when his router was installed when he joined and things like that. They took over his computer with a bonafide company name although all the time it still said Virgin media in the bar. At one time they said they would phone him back because of some glitch. While they were off his phone he phoned virgin who confirmed they would be handling that kind of thing. (this turned out to be false by the way it wasn't virgin at all thats how sophisticated was this scam) The other scams I have personally seen are the HRMC telling you they have a rebate for you. Or that HMRC are going to sue you over unpaid taxes. All sent off to [email protected].gov.uk....... all confirmed as scams. Also the number of tv's I could have won not forgetting the £100 vouchers. I'd be a very rich man if they had been true.......however, if it seems to good to be true.....that would usually be right!!!!!!!!!
My best advice is to never ever enter any passwords or sensitive information after clicking on a link in an email unless it was an email you were expecting (ie you just registered an account). If you weren't expecting the email go through google to the website and log in that way, not through the link in the email. Also always have a completely unique password for your email address you use to register for things. i know a lot of people would roll their eyes at unique password for everything. but a unique password for your email address that can be used to recover other accounts is super important. Only time I've ever been hacked is when i was 15 and a friend of mines account was hacked and the hacker send me messages using the friends account. I followed a link he sent and tried to log in. Phone calls are harder for me because i know some companies do have to ask for details with a cold phone call due to data protection if they want to talk about sensitive things like arrears. I get the whole computer repair thing a lot though I'm good with computers, even build them so would never need help fixing my PC.
I'll be 100% blunt here: if you get any email asking you to follow a link and insert account details, it's a scam. If you get any email asking you for card information, it's a really obvious scam. Do not follow any links purporting to be from any major company regarding the log-in information for your account, ever. Even if you think it's real, just manually go to their site and log in to your account. If you receive a weird message from a major company, look their customer service telephone number up on their website and call that. Don't just call whatever number is in the email. If you receive an email about a supposed parcel, go to their website and type the tracking number in rather than clicking the link. Yeah, I know this step adds 15 seconds. It might save you thousands of pounds. Not a bad trade-off. No internet service provider, nor Microsoft, nor Apple, gives the slightest of damns if you have been hacked. They are not monitoring these things, and they will not contact you about it. If someone tells you they're from [insert company here] telling you that your computer has been hacked, it's a scam. No government agency in any country cold-calls you over taxes. They send forms. Governments like forms. And for god's sake, HMRC does not accept payment in iTunes cards. And if you get scammed in any of these fashions, you're almost definitely not getting your money back. These scams have been around since the dawn of the internet, and banks are reeeeeeeally unsympathetic to anyone who gets caught up in one. Plus, the ease of VoIP means that 99% of them are coming from outside the country. So take simple precautions, because the police have just about zero chance of catching the responsible party. Signed, The "For God's Sake Don't Click That" person at my company. (I'm not an actual IT person, I just happen to be the only one under the age of 50)
I put my phone down on anyone if there is a pause before they speak and always if they have a foreign accent. A British accent might get one sentence in, but it's pretty easy to sort out that you aren't interested. There is one recorded message from 'BT' that uses an American woman....I just say amateurs and slam the phone down. Had a message on my phone saying I had won 3rd prize in an ASDA . competition....one I hadn't entered....yeah, right. In e-mails, I always reckon that no one is really doing anything for me, so easy to ignore. It makes me so angry that these bastards are out there preying on honest people....I never blame the victim, because many lived in more innocent times.
One of the most common types of scams (the Nigerian prince variety) actually dates to the 19th century. Here's an article detailing the return of an old swindle...the article was written in 1898: https://timesmachine.nytimes.com/timesmachine/1898/03/20/102108294.pdf
I was told by the police after reporting an attempted scam that none of the major broadband providers will EVER call you about the state of your internet. They ALWAYS wait for you to call them, so if anyone does call you purporting to be Virgin, BT, or anyone else telling you your contract is about to expire, or that they have had reports of slow broadband speeds in your area, or leaving a number for you to call them back, or ANYTHING else, PUT THE PHONE DOWN, IT’S A SCAM.
I had £5000 lifted from my current account last year, in March. Got on to NatWest security immediately (the day it happened), and to their credit NatWest refunded the money straight away. But that wasn’t the end of it; I ordered new credit and debit cards, asked them to disable my online banking, but didn’t really take any other precautions beyond changing a few passwords. 4 months after the initial scam, someone lifted my my mobile phone number - Virgin sent out a new SIM card to the scammers - and they used that to hack into my Hotmail account and lock me out of it. They then tried (unsuccessfully, but only because once again I got on to NatWest immediately) to use my credit card details to buy a £3000 watch, and to transfer money once again out of my current account. Even though I had disabled online banking, they managed to reactivate my online accounts. They also opened several online shopping accounts in my name. Since then I have changed everything - new router, new phone (iPhone this time), binned my old laptop, changed password and login details for all online accounts including Saints ticket office, PayPal, a couple of savings accounts and investments etc. I don’t answer the phone if I don’t recognise the caller’s number, and I delete unsolicited texts and emails from unknown sources. Both Virgin and Microsoft were worse than useless when it came to securing any kind of helpful response, despite obvious breaches in security of both firms being partly to blame for what happened. I will never willingly buy or use another Microsoft or Virgin product again. Oh yeah - Just before Christmas I had a text perporting to be from my phone service provider (not Virgin), saying my account would be disabled unless I clicked on the link and provided the details requested. I didn’t click on the link, but was able to confirm that this was also a scam.
TV license is the latest one, mate at work fell for it and lost £1,8000......here's a link to a couple who lost nearly £10,000. https://www.bbc.co.uk/news/uk-46765681
One thing I would recommend, though there's a very good chance you already did it: change the security questions on your Hotmail account to something totally inaccurate. Ideally to something you'd remember (at least something you can write down and hide in a folder of important documents; you shouldn't need it more than once every few years), but not something that might be contained within publicly-available information associated with you. Had a coworker who had this happen to them a couple months ago, where they got hacked, changed to a very secure PW, and got hacked soon after (and they're fairly careful from a security standpoint, so they wouldn't be clicking on phishing links) and my best guess is that the hacker set their email as the account's backup after the first hack, and then reset the PW through the password recovery option. The generic security questions (mother's maiden name, names of relatives, what school you went to) need to die. They are a relic of a pre-social media world, and they represent a massive security hole. Someone can try forever to guess your password and never succeed, but everything is interconnected; if your email is on your LinkedIn, they can use that to find some information and to track down your Facebook page, which will fill in the rest of the gaps.
Someone, I presume a young person, got into my Amazon account. I presume young because before they changed the email and home address attached to the account, they purchased some of those “fidgety spinners” (is that the right name?) and I received an email confirming the purchase, as well as the products a few days later. Nothing costly but a pain in the butt sorting it out afterwards, in order to reclaim my account.
I know you're joking but I genuinely would advise not clicking links posted by some of the GC posters
Writing down passwords and storing them in a safe place is fine for most people (note: if you're worried about old relatives letting people they don't know in their house, you might need to take different precautions for them). It's important that they are a. sufficiently long and b. different. And if you're going to go through all the effort of changing them....... Set up a password manager! For an hour of mild effort on a weekend you only have to remember one passphrase forever. It will improve your online life.
The problem with writing down passwords is remembering what they are for...have a few in my notebook that are identified by mysterious codes which I have long forgotten.
