As Safer Internet Day is marked around the world next Tuesday, an Irish internet provider has warned of an increase in internet fraud and scams, as society has become increasingly reliant on online technology.
Blacknight, the Carlow-based company that hosts almost a third of Irish websites, has reported a huge increase in the frequency of internet scams, particularly ‘phishing’ (email fraud) as well as ‘smishing’, the text messaging variant.
Phishing is the name given to fake messages sent by criminals pretending to be a well-known business such as a bank, utility, major retailer or phone company. They use lists of stolen random email addresses and send out millions of emails and texts in a scattergun approach. They pose as well-known companies with a large customer base, hoping that some of the recipients might be customers of that company.
The fraudulent emails aim to trick recipients into clicking onto fake websites, made to look like those of the legitimate business being spoofed. The goal is to dupe people into divulging personal security information, including payment card details.
As Blacknight has grown to a market-leading position, in recent years it has found itself among the victims of this corporate identity-theft. Fortunately, as their business is internet infrastructure, they are able to act quickly to report the fake websites and get them taken down, often within minutes of being detected.
But the advent of Coronavirus has seen the scammers step up their game. Blacknight is reporting a 244%* increase in phishing attacks on the company since the onset of pandemic restrictions.
“We reported 18 phishing sites between April and December 2019”, says Blacknight CEO Michele Neylon. “The figure for the same period in 2020 is 62.”
It's not just emails. Phishing via SMS text messages is called 'smishing'. Spoof texts claiming to be from banks are common, but so too are messages masquerading as couriers and delivery companies.
“It’s like when you'd go to a music festival or a football match”, explains Michele Neylon. “Remember those? You’d hear warnings to watch out for pickpockets. Criminals target crowds, and now the crowds are online, shopping, socialising, and ordering items for delivery.”
Brexit has provided another opportunity for scammers to trick the unwary. Some deliveries from the UK require additional customs duties to be paid, and a delivery company may legitimately text the recipient to advise them of this and give them the opportunity to pay online. But fake texts have also been received.
“The advice is the same as for pickpockets”, says Neylon. “Be alert and aware. If you receive a text message like this, stop and think. Have I ordered something?”
If you are expecting a delivery, he says, the next step is to check the status of that delivery. Logon to the site of the store you bought from. Check your email for corroboration of the information in the text. Look carefully at the link you are asked to click. If you have clicked it, look again at the address bar at the top of the page and see if it is correct. Look at the hostname (or domain name) part of the address. This is the part after ‘https://’ and before the next ‘/’. This should contain only the name of the site you expect, such as blacknight.com. It should not contain any other words. If it says something else, it could be a fake.
Many companies, including Blacknight, offer additional security protections, like two-step authentication. This requires a code from the user's phone in addition to a username and password. Mr Neylon thinks users should avail of this.
If your service provider supports two-step authentication, you should use it. If they don't, you should ask why not.Michele Neylon, CEO, Blacknight
Blacknight has published a guide, Seven Simple Steps to Online Security, which covers phishing, computer viruses, password safety, encryption and other good practices to help people stay safe online.
Whether it’s deliveries, or banking, or online services, our society is heavily dependent on technology right now. So vigilance is required. And, Michele Neylon advises, sometimes the direct approach can be the best.
“If you are in doubt about a communication you have received, contact the organisation the message purports to come from. Don’t click the link they sent you. Look up their contact details. Send an email to a known address, or phone them.”
The personal connection has always been a valuable element of our support at Blacknight. We deal with a large volume of queries by email and live chat, but sometimes the most effective way to check something is on the phone.Michele Neylon, CEO, Blacknight
And even if you have decided that a message is fake, you can help others by alerting a company to the fact that their name is being used under false pretenses.
“We’re grateful to sharp eyed customers who bring these scams to our attention”, he says. “Then we can report the sites and get them taken down.”
* This article has been amended for arithmetic. An earlier version reported that phishing attacks on Blacknight has increased by 344%. It is true that 62 is 344% of 18, but the rise in cases is therefore more correctly described as 344% - 100% = 244%.
About Blacknight
Blacknight (http://www.blacknight.com/) are an Irish based, ICANN accredited domain registrar and hosting company. Recipients of several awards for their revolutionary use of social media, Blacknight are one of Europe’s most cutting edge Internet companies. Blacknight constantly seek to lead the way by introducing innovative solutions for its client base and provide dedicated servers and co-location as well as a comprehensive range of Microsoft Windows and Linux based hosting services and domain name registration services to business globally. IP transit services and other solutions for more demanding business and academic customers are offered a la carte. Fibre broadband services for both business and domestic users are also available throughout most of Ireland.