• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Red Sift Blog

Democratizing technology essential for cybersecurity.

Red Sift Blog
  • redsift.com
  • Featured
  • About
  • Get in touch
You are here: Home / Cybersecurity / Scams can be super-complex, so let’s stop playing the blame game

Scams can be super-complex, so let’s stop playing the blame game

by clare
September 6, 2018October 29, 2018Filed under:
  • Cybersecurity
Photo by rawpixel on Unsplash

As long as there has been the exchange of money, there has always been fraud. From Hegestratos, the first recorded fraudster in 350 BC Ancient Greece, to Charles Ponzi’s infamous scheme of redistributing investments, to the present day, criminals have always tried to find new and more sophisticated ways to dupe people out of their money.

For a long time the blame has fallen on those who were defrauded, after all, how could they have been so stupid? But the Financial Ombudsman Service has been making noises of late that this could be about to change, especially concerning APPS. Authorised Push Payments (APPs) are a type of scam that encourages someone, either an individual or business, to transfer money from their own account to a seemingly legitimate account. Once this is done, the money is usually quickly transferred to other accounts and out of the country, making it hard to recover.

Earlier this year, news of a scam hitting a cancer patient and her elderly mother losing over £20,000 and their ability to pay for her care home hit the headlines, and wrongly or rightly, the bank claimed it was not liable. At the moment, it’s at the discretion of the bank to decide whether or not to reimburse the defrauded account. Should banks decide that the account owner was careless and grossly negligent for falling for the scam, they may refuse to reimburse the tricked customer.

The Financial Ombudsman Service recently said that this is unfair, hence banks will now have to provide evidence that the consumers scammed were in fact grossly negligent. But before we start playing the blame game, let’s look at the bigger picture.

In 2017, 56% of fraud in the UK was cyber related. These scams aren’t just a promise for fortune from a questionable ‘Nigerian Prince’, but rather, increasingly elaborate and realistic schemes. The reason for the growing complexity of user-targeted fraud is that criminals always pick on the weakest link. Where once this may have been the banks themselves, today banks and building societies have many security protocols in place to help prevent crime. According to UK Finance, they stopped £2 for every £3 in attempted fraud in 2017.

As it’s become more difficult and expensive to target the tech itself, no wonder that the fraudsters are going after customers with renewed vigour, in a manner that would make Hegestratos proud. By manipulating the unsecure behaviour of people, they manage to bypass what are otherwise secure systems. That why the FOS has also warned that people must start adopting simple behaviours, such as not writing your PIN on the front of your credit card or automatically taking unsolicited email communications purporting to be from your bank at face value.

It’s not yet clear how much the burden of responsibility will shift from customer to bank in the coming months, but what’s increasingly apparent is that further user education must be combined with a layered approach to cybersecurity across all business/consumer relationships – i.e. there’s never a single point of vulnerability for criminals to exploit (which of course means no single point of culpability either).

Whether its a combination of two-factor authentication, biometrics, adoption of email protocols such as DMARC (our favourite protocol!), the creation and enforcement of tighter policies and procedures etc, the specifics may differ from organisation to organisation, but the rationale should remain consistent. Namely, we need to make the tech constantly better and we need to constantly make humans less vulnerable – a shared responsibility for improving our defences, rather than assigning blame when those defences are breached.

For more information on how to build a cybersecurity strategy, read our previous blog. If you’ve been a victim of cyber fraud, get in touch and let us know how your bank/retailer settled the issue.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Tagged:
  • Cybersecurity
  • Fraud
  • Scam

Post navigation

Previous Post Featured: Evolution, revolution and the organisation
Next Post Featured: Cybersecurity and the future of work: How much can we predict?

Primary Sidebar

Recent Posts

  • 2021 The Threat Landscape: Brand protection and BEC attacks lead the charge
  • OnDMARC Wins “Best-Of DMARC” Award On Review Platform Expert Insights
  • The case for embracing DORA
  • Red Sift – Closing the Net on the Phishing Problem
  • Beware of this common NHS Covid-19 Vaccine email scam

Archives

  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • November 2016
  • October 2016
  • February 2016

Categories

  • AI
  • BEC
  • Coronavirus
  • Cybersecurity
  • Deliverability
  • DMARC
  • Email
  • Finance
  • Labs
  • News
  • OnINBOX
  • Partner Program
  • Red Sift Tools
  • Uncategorized
  • Work @ Red Sift

Copyright © 2021 · Milan Pro on Genesis Framework · WordPress · Log in