The typical cybercrime victim may not be what they seem. You may initially picture an elderly person, possibly living alone and not very confident when it comes to technology or being able to spot a scam.
I bet it would surprise you then to learn that young adults aged 18-25 in the UK are actually the age group who are least aware of cybersecurity risks and how to protect themselves. This is according to the government’s Cyber Aware campaign.
It suggests that although the young tend to be more technologically adept, being tech-savvy and cyber-savvy may not always cross over.
One of the main areas that the Cyber Aware campaign research focused on was passwords. An astonishing 52 per cent of 18-25-year-olds are using the same password for multiple online accounts. To an extent, this is understandable, as young people are naturally more likely to have more accounts online than older generations and it can be difficult to remember different passwords. But, if a hacker gets a hold of that one password, they can easily hijack a victim’s entire personal and financial data. Is convenience really worth the risk?
Fraudsters contacting young victims directly is another cybercrime on the rise, not through telephone scams, but through social messaging apps. Unless a user has reviewed their privacy settings on such tools, it’s surprisingly easy for criminals to contact people this way and obtain financial details. Fraud prevention agency Cifas recently reported a 30 per cent increase in the amount of victims of identity fraud under the age of 21 in 2017.
Clearly more needs to be done to police unsolicited contact and crack down on identity fraud taking place on these apps, but WhatsApp is leading by example. It’s currently trialling its peer-to-peer payments system in India, a feature which allows users to securely transfer and receive money with their contacts using UPI (unified payments interface) without having to disclose bank details.
It’s great that the government is investing time and effort into cybersecurity and raising awareness, but given a lot of cybercrime centres around theft of financial details, surely banks have an underlying responsibility to protect their customers too? Here are a few ways they can.
Encourage the safe use of contactless
Convenience is important for young people – contactless has truly revolutionised the simplicity of making small payments. But, like with passwords, there are associated risks.
Contactless fraud is becoming more and more common for young consumers. Usually it works in two ways: either through bank cards being physically stolen or by scanning someone’s bank details via the contactless feature through their pocket. Details are then used either to make purchases or be sold on the dark web.
Contactless fraud has, for the first time, overtaken cheque scams in the UK according to UK Finance, with a shocking £5.6m being stolen in the first half of 2017. Given that they are suppliers of contactless cards, banks have a duty of care to advise customers on how to use it safely and protect themselves from becoming victims.
Getting the message out
Reaching out to people directly with an education or awareness programme is always a challenge, but Barclays’ Digital Eagles have done a stellar job with rolling out cybersecurity training to communities through the Staying Safe in Cyberspace workshops. They cover various self-help topics and exercises including how to spot phishing scams, advice on downloading software, effective password practice and being more aware of tricks that fraudsters will use to target individuals with the intent of poaching bank details.
A similar approach could be adopted by other banks for young adults specifically, making it relevant by applying cybercrime to their lifestyles. Advice on contactless fraud could be incorporated for example, with simple steps such as not keeping contactless cards in trouser pockets or keeping them in a wallet lined with protective material that blocks fraudsters’ attempts to scan bank details.
Encouraging the uptake of mobile payment systems is another solution. Apple Pay and Google Pay remove the need for a physical card for small payments and are more secure against criminals. A report by MoneySuperMarket recently revealed that 23 per cent of Generation Z predict that physical cards will soon become obsolete with the rise of mobile payments, so it is hoped that this will see a reduction in contactless fraud.
Services banks can provide
When it comes to helping young people stay safe online, banks can provide an ID theft detection service to customers, which works to scan both the public and dark web to warn customers in advance of any potential threats while they are surfing.
Understandably, in the event that a customer does fall victim to an attack, banks may be the first lifeline a customer contacts to cancel their cards or move money around. Rather than just provide this reactive emergency service, banks can set up a dedicated ID theft helpline offering legal assistance as well as a resolution. For young customers in particular, customer experience is important, and this value-added service could go a long way to improve a bank’s reputation.
As technology and convenience continues to advance to meet the ever-changing needs of young people, the same applies to cybercrime. Fraudsters are embracing new tech to catch more people out, so banks need to follow suit and stay ahead of the game to prevent attacks and empower customers to help themselves.