Warning: Late repayment can cause you serious money problems. For help, go to moneyadviceservice.org.uk
Sometimes it can feel a bit like dodging bullets when surfing the internet either on your P.C, Tablet or smart phone.
We are told by our banks and others that there are nefarious sorts online who will empty your bank accounts faster than you can blink.
We are worried every time with go to the cash point or use our cards that the details will be skimmed and used to buy some hacker in China a nice new pair of Nikes.
Advances in security technologies are making it more challenging for hackers to steal credit card and bank details and you would think it would be nearly impossible today for anyone to access your account but hackers evolve and adapt to the changes in technology fairly quickly which in turn forces the credit card companies and banks to come up with even more sophisticated methods of preventing fraud.
Security measures such as biometrics have become more common now and HSBC has led the way with over 10 million of their customers being signup to this new security measure.
Biometrics is where the account holder has to verify themselves with either a finger print or voice recognition although this is a fairly secure way to prevent hackers from accessing someone’s bank or credit card account is does not stop “social engineering” attacks where the hacker will lure unsuspecting victims into revealing their account details or transferring money to the hackers accounts.
One of the most recent and most worrying trends has been ransomware. This attack is when a piece of software is installed on the victim/target machine then proceeds to encrypt all the files one that machine.
The user is notified via a pop up message stating that all the files have been encrypted and if they wish for the files to be decrypted, they must pay a ransom, generally in crypto currency such as bitcoin. More on this later.
Hackers are out there and they want access to your P.C, Tablet or Smart Phone and they will not stop looking for ways to get access.
Every day if you watch the news or read various on-line news sites there is one story or another of some one having had their life savings stolen by some ingenious hackers. I call them ingenious since the level of sophistication of these attacks are simply amazing.
One of these ingenious hacks exploited a bug in the iPhone and iPads which allowed hackers to cause the devices to crash and repeatedly reboot over a wifi network
The only way to stop the devices from the crash/reboot loop is to leave the area where the malicious wi-fi signal happens to be.
The method of attack requires a specific type of security certificate that is generally used to encrypt web traffic to set off the bug in the operating system
All apps on Apple devices use SSL certificates as it is best practice, therefore the attack will crash all apps along with the underlaying operating system.
Worst case scenario is that the device enters are continuous crash/reboot cycle which turns the device into a “Brick” (to use a tech industry term)
You may think how does the attacker benefit from crashing your iPhone? Hackers are not always an individual looking for financial gain. Hackers can be state players working for governments.
If a government sponsored hack like this were to happen at a stock exchange, airport or city wide it could cause considerable financial damage.
How many times have to sat down in your local coffee shop and logged into their wireless network?
I think we all have at some point. How do you know that the wireless access point to which you have associated with is actually that of the coffee shop? Why, because of the wireless name?
Hackers have the ability to setup “Fake Access Points” which masquerade as the official the network. Unsuspecting users will log into the access points and from that point onward hackers will have the ability to view your traffic, passwords etc, etc.
You may be thinking that when you visit a website that your traffic is encrypted so what could any hacker possibly see. Hackers are an ingenious lot. They can steer your P.C away from the legitimate sites and present your browser with a clone of the original. To all intents and purposes the clone site looks exactly the same as the original one.
Once you enter your username and password into the clone site it in turn will either pass the details onto the legitimate site and log you in automatically so that you do not suspect anything.
Alternatively the clone site might give you “incorrect password” (How many times has that happened) and we try again.
If we try multiple times with the same credentials, the hacker will know it is probably correct. Although using this method in a busy location like a hotel can earn the hacker a lot of money in a short space of time.
If you have a fear of flying then skip this next part. In 2015 is was reported that a hacker was able to hack into a plane’s in-flight entertainment system. Having access to the entertainment system he was able to access the aircraft’s engine control systems and cause the airplane to manoeuvre by sending the engines instructions to climb.
When the man was interviewed by the FBI he admitted that he had hacked in to aircraft systems more than once and has even been banned from flying on various airlines because of this.
The hacker was able to gain access to the aircraft systems via the Seat Electronic Box under his seat, through which he would then connect his computer via a cable and hack into the engine systems. The interesting part to this story is that the security to protect access to the engine systems where all left as factory default, so default usernames and passwords.
To the hacker’s defence he claimed he was doing it to expose vulnerabilities in the system.
If you are wondering how he was caught? Simple, On the flight, he tweeted about the possibility of accessing the plane’s In-Flight Entertainment system. So, the FBI sent an agent down to meet the aircraft to discover that the Seat Electronic Box under the seats the hacker was sat in had evidence of damage and tampering.
Hackers will look for opportunities everywhere and any where they can. For example Starbucks has an app which allows people to purchase their food and drinks using their smart phone which is linked to an on-line payment service.
Hackers managed to find a way to access the app’s “cash auto-load function” to send money from the app’s account to their own accounts.
Starbucks claim that the app is secure and that the fault lays with the user not securing it with sufficiently secure passwords.
The solution to this hack is to disable the auto-reload feature and use stronger passwords.
One of the most recent additions to the hackers toolbox is “ransomware”. This is where the victim receives an e-mail from someone they trust. The email comes with an attachment which of course they will open.
Once the attachment is opened a program is launched to encrypt all of the users files, such as word documents, excel spread sheets and the like.
The victim will see a popup appear on the screen demanding payment which can range anywhere from £50 to £500 to be paid in crypto currency. (Crypto is virtually untraceable). To make the victim pay faster the message will generally inform them that each hour of non-payment files will be deleted starting from a few hours from now.
The only way around this if it has or does happen to you is either pay and receive the decryption key or alternatively wipe the P.C and restore from your files from a backup. (You do have backups? Right?)
Scareware is ransomewares poor, stupid sibling.
Whereas ransomware requires a lot of technical know how to build, distribute and execute, scareware only requires the hacker to place pop-ups on various websites, like free film download sites or some porn sites which present an official looking full screen message with police and government logos informing the victim that they have just been caught doing something naughty and they have been fined.
Again, the “fine” is payable using crypto currencies.
There are so many different types of hacks and methods of relieving someone of their hard-earned cash that it is almost impossible to list them all.
The best way to protect yourself from hackers and scammers is to backup your important data on a daily basis.
Don’t wait until the last moment before the hackers strike.
Debt management agencies are regulated by The Financial Conduct Authority
Many people in the U.K struggle with debts and many do not know how to start to repay them speaking to a debt advisor is one of the best things you will do along with taking action yourself by speaking directly with your creditors.
https://www.nationaldebtline.org/ and https://www.moneyadviceservice.org.uk
You should always seek professional advice when handling debt problems. Cashute are not licensed debt advisers and any information contained in this article should not be taken as legal advice. It is your Responsibility to seek out correct legal advice