On 25th January we held our latest talk on Fraud Prevention, in an informal virtual coffee morning hosted by Bella Hoare and Mark Dabbs, Head of Fraud Operations at Hoare’s.
Mark emphasised that the best form of prevention is awareness and presence of mind – summarised in the simple message of the ‘Take 5’ campaign supported by UK Finance and the government: ‘We’ve got very busy lives at the moment; but if you can take five – even if it’s five seconds, not five minutes – the chance of you falling victim to fraud drops by almost 90%.’ This includes exercising caution if you are called from a number you are not expecting to hear from: in this event, you should pause, take the details of your caller, and call back any organisation which has asked you for information on its published number.
Mark led us through case studies of the most common scams: ‘phishing’ (email-based information extraction), ‘vishing’ (phone-based) and ‘smishing’ (SMS-based); One-time Passcode interceptions; Authorised Push Payment fraud and HMRC refund claims. He provided an overview of the mechanism behind each fraud, advising how customers can best protect themselves, and gave specific advice about validating unknown emails and requests to click on unknown URL links. In the case of preventing email-based scams or HMRC refund fraud, Mark urged us to remember the cardinal rules – ‘caution (is this something I am expecting?) and contact (phone HMRC or delete the email).’
Most of these scams involve a fraudster extracting from the victim a One-time Password in the form of an SMS code which enables transaction verification. ‘To protect yourself,’ Mark summarised, ‘never provide your PIN or your One-time Passcode to anyone, even if they claim to be calling from the bank; never allow a caller to access your computer; and always shred hard-copy documents containing potentially sensitive information before throwing them away (there are people who go through bins). When it comes to fraud,’ he warned, ‘we cannot be too careful.’