How safe are your passwords?

Did you know that in Nigeria, email scammers are admired by many, who believe they provide a role model for young people, given the scammers’ skill in removing money from the bank accounts of wealthy westerners?  Such crimes, known as “419 Crimes” as they fall under Section 419 of the Nigerian Criminal Code, are given extra resonance, through apparent Biblical recognition of “419 Crimes”. As the Book of Psalms Chapter 41 verse 9 (41:9) says “Yea mine own familiar friend, in whom I trusted, which did eat of my bread, hath lifted his heel against me.”

Fortunately, here in the UK confidence tricksters are not considered with high regard, or to have such Biblical endorsement. But their activities are nevertheless on the increase, with an average of 21 people defrauded every minute solely as a result of giving too much information away on social media. Scams are becoming more sophisticated and in spite of the relative ease with which prevention methods can be put in place, such fraudulent activity is becoming more diverse.

The simple steps below can dramatically reduce the likelihood of such opportunistic breaches of security.

Personal information

Do not give personal information to organisations (such as banks, the Financial Conduct Authority, the police etc.) without verifying their credentials. Even then, it is worth being careful.  We have had instances where a scammer has not hung up after telling a victim to ring the genuine organisation, thus leaving the line open. The victim dials the correct number but doesn’t get through and it is easy for the scammer to get back on the line, at which point the victim is convinced he is speaking to the genuine organisation. To prevent such an intercept in these circumstances, ring the organisation to confirm authenticity using a different phone.

Phishing

Many frauds start with a phishing email.  Remember that financial institutions will not send an email asking you to click on a link to confirm your bank details, so do not trust such emails even if they look genuine.  You can always call the bank using the phone number on a genuine piece of correspondence.

Hacking and malware

Make sure your computer has up-to-date anti-virus software and a firewall installed and that your software programmes are regularly updated to the latest version.

Also enable two-factor authentication (this requires two pieces of information such as a password and a random number, valid only for a limited time, sent by text message) – if the company concerned offers this facility, use it!

Passwords

This is your first line of defence, so it is worth ensuring that it is strong and effective. Below are some examples showing how strength varies dramatically with complexity and randomness:

Password                                         Time for computer to crack

money123                                          instantly

Money375                                          2 hours

M0ney/928                                        1 month

M0ney/7’3-9x?                                47 million years                (more like it, but hard to remember!)

Password rules

  1. Avoid the obvious (the word “money” on its own would be a very obvious password, especially for a bank account!) Make it hard to guess and avoid dictionary words or geographical names of places.
  2. It should be as long and complex as you can manage – a random 8 letter password can be easily cracked, so mix upper and lower case, digits and punctuation marks, aiming for 14 characters or longer.
  3. Use one password for each account – don’t re-use.

NEXT STEPS

The effects of financial fraud can be quite devastating for individuals and their families, so the more of the above measures you can adopt and put into practice, the more you will protect your assets . . . and your peace of mind!