Pharming
A scam similar to phishing, known as “pharming”, is where criminals set up an automatic redirection from a genuine company’s real website to a similar-looking (but fake) cloned site. This scam does not usually involve an email, as the customer is automatically diverted from the genuine site to the spoof site. Duped customers then attempt to log in using their account details and passwords, which the fraudsters capture and use themselves.
Customers of several financial institutions have been targeted by a scam known as "phishing".
This involves cyber crooks incorporating a bank's (or other financial institution’s) name, or a variation of it, into a fake website address and sending the link to its customers via email.
The genuine account holders are requested either to reply to the email or to follow the link to the website. The website address invariably leads to an authentic-looking but false, or "spoof", website.
The reasons given for the request vary, but typically it is to update security details or change passwords, or because the bank is making technical changes. Some emails even state that the recipient's accounts may be cancelled for security reasons unless their details are entered.
In every case, the crooks are hunting or ‘phishing’ for personal information, such as user names and passwords. The fraudster then attempts to use these details to access and empty the genuine person's bank accounts.
One particular email sent by a spoof bank urged recipients to download specific 'anti-virus software'. This 'software' then sent confidential information from the recipients' own computers to fraudsters.
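The fake addresses described above can be checked for mechanically. The following Python is an added example, not part of the original article: it scans the links in an HTML email for a host that uses the bank's name (or a close variation) without being the bank's own domain, and for link text that shows the genuine address while pointing somewhere else. The bank name, its domain, the 0.85 similarity threshold and the sample email are all assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed values for a hypothetical bank; neither comes from the page.
GENUINE_DOMAIN = "examplebank.co.uk"
BRAND = "examplebank"

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def brand_lookalike(host):
    """True if a hostname label holds the bank's name or a close variation."""
    normalised = host.translate(str.maketrans("013", "ole"))  # undo digit swaps
    return any(BRAND in label or SequenceMatcher(None, BRAND, label).ratio() >= 0.85
               for label in re.split(r"[.-]", normalised))

def review_links(html_body):
    """Return (href, reason) for each link that imitates the bank but leads elsewhere."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        if not host or host == GENUINE_DOMAIN or host.endswith("." + GENUINE_DOMAIN):
            continue  # no host (relative or mailto link), or the bank's own domain
        if brand_lookalike(host):
            findings.append((href, "bank name used in a host the bank does not own"))
        elif GENUINE_DOMAIN in text.lower():
            findings.append((href, "text shows the bank's address, link goes elsewhere"))
    return findings

# Constructed sample email body (not a real message).
SAMPLE_EMAIL = """<a href="http://examplebank.co.uk.account-update.example/login">Log in</a>
<a href="http://203.0.113.7/secure">www.examplebank.co.uk</a>
<a href="https://www.examplebank.co.uk/help">Help</a>
<a href="https://examp1ebank.example/">Verify</a>"""
```

Calling `review_links(SAMPLE_EMAIL)` flags three of the four links and passes only the one that really belongs to the assumed bank domain.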
Don't become a victim
- If you receive a suspicious email, don't divulge any sensitive information that might help provide access to your accounts, even if the web page appears legitimate. No reputable organisation would ever send emails in this way. Your bank should only ask for specific characters from your password - e.g. the second and fifth digit - rather than the whole thing.
- If you do receive a suspicious email purporting to be from your bank, contact them first to check it is legitimate before replying with your personal information.
- Always access your bank's website by typing the address in the browser address bar or by clicking on your usual bookmark.
- When giving personal or credit card details to a website, check for "https" in the address bar of the browser, and/or the padlock symbol at the bottom left/right of the screen. This makes it difficult for the information you are supplying and sending over the internet to be intercepted.
- Beware of divulging your card’s four-digit PIN number for any reason over the internet. Online transactions and online banking will not request your PIN number.
- See your bank's website for more advice about internet banking security.
Security tips for your PC/Laptop
- Where possible, try to use the most up-to-date version of your browser. Check the security settings and browser preferences are at an optimum level. Although most cookies are legitimate, some may contain spyware programs (software that can monitor the actions of a computer user), so only accept cookies that you recognise and want to install.
- Consider installing 'personal firewall' software and anti-virus programs on your computer to deter hackers and harmful viruses. Don’t forget to update this software regularly. Anti-spyware software can also help protect against harmful spyware and Trojan programs.
- Ensure your PC is protected by keeping up to date with patches and fixes (most PCs can be enabled to do this automatically).
- Consider encrypting any sensitive information you keep on a PC or laptop - many well-known software companies offer free downloads to help you with encryption.
- If you use wireless connections (such as Wi-Fi or Bluetooth), avoid connecting to non-secure access points, especially in public places, and if you do, be wary of sending your personal details. Always use a password/number to protect your device, and keep it in non-discoverable mode when not using it.
- If you use internet banking, try to use a secure computer. Computers for communal use (for example in an internet café) may not be as secure as you think.
- Be careful if you store personal information in your mobile phone, organiser, laptop computer, or any other portable storage device. It may be compromised if stolen.
- Even after you have deleted files on your PC/laptop, they can still be accessed. Consider obtaining a clean-up utility to overwrite deleted files. This is especially important if you are discarding old equipment; the only way to prevent your data from being retrieved by a fraudster is physical destruction of the equipment. Most local authorities offer a service to do this.