Investing in cyber security

Over Easter, I unfortunately found myself a victim of fraud.

Now, I like to think I’m computer savvy, as do most millennials; I don’t store any card details and all my “big” accounts have unique passwords. What I didn’t foresee is Uber creating a cash pay service within their app that would allow scammers to take hundreds* through their app.

‘Uber Cash’ – launched in the US – is a way for people to pay for all Uber services through the app and even send money to friends and family to split costs. Sounds good. However, it also means clever scammers are able to hack in and transfer money to themselves. Whether this scam is becoming a new trend or is a one-off, I don’t know. But I do know I spent a day changing every single password and switching emails on various accounts to make sure it didn’t happen again.

It also got me thinking about what other scams are common and how I can avoid falling victim to them.

‘There are only two types of companies: those that have been hacked, and those that will be.’ -Robert Mueller, FBI Director 2001-2013

Three common scams and how to protect against them

Phishing Scam

Arguably, one of the biggest online scams happens right in your email inbox. You receive a bogus email from what appears a legitimate company, or even a bank. The message often contains a link to verify your information. This information, unsurprisingly, is email addresses, passwords and often bank account details.

Because the initial email is sent to so many people at once, it doesn’t matter if only a tiny amount actually fall for the scam. What’s increasingly worrisome is how genuine some of the scams now appear. Some even spoof email addresses and details of a trusted contact to make the email look legitimate.

Rule of thumb – never click on links that you get in emails that ask you verify your personal information.

Malware

Ever had a tech problem where the help desk asked you to give them remote access? If you have, it was probably a life saver. You watched your cursor dance around the screen and your problems were solved. But the person on the other end isn’t always an expert.

Often, phoney emails also come with malware. Meaning when you click the link or download an attachment, software is downloaded to your computer so hackers can attempt to get control. This can mean they have complete access to download files, record what and where you type, even take screenshots of your computer.

Apart from the obvious – recording your login to online banking – scammers can also run a “ransomware” which means criminals block access to important files or your system entirely unless you pay a ransom.

Do not pay. Not only is there no guarantee they will put it right – they are criminals after all – but it also means they’re more likely to target you in future because they know you’ll pay.

Instead, guard yourself from malware infecting your computer by ensuring you don’t disable any built-in security systems and regularly update your systems. No one gets as annoyed as me seeing an Apple software update at 9am on a Monday, but just do it. Take the 10-15 minutes to make yourself some coffee. Don’t delay in the updates. They’re important.

Credit Card Scam

Also referred to as the ‘pre-approval scam’ because – you guessed it – it’s a fake credit card. Unfortunately, those that fall for this scam, while a minority of people, are usually those already experiencing financial strain.

It’s a simple scam really: you receive an email that tells you that you’ve been pre-approved for either a credit card or bank loan. Typically, the credit limit and interest rates are very appealing. However, you need to pay an upfront fee to sign up and “lock-in” your offer.

Yes, some credit cards have an annual fee, but not on sign up. And what bank do you know that would pre-approve you without an application?

Don’t respond. Don’t click any links or open any files.

Tips on how to avoid money scams

Two general words of advice: Be suspicious. Be suspicious of any email or call that seems out of the blue or unwarranted. Don’t trust someone just because they call you and know your name. And don’t allow yourself to be panicked, no matter how scary they make it seem. Hang up and call your bank, credit card, service provider etc directly. If it was genuine, there’s no harm in calling them or contacting support directly.

Never divulge your PINs, passwords or other personal details. And, when choosing security questions, refrain from the standard ‘mother’s maiden name’ or ‘first pets name’ – in the age of social media and tech, these answers are shockingly easy to find.

Bottom line: don’t assume it can’t happen to you, because scammers are always evolving – just ask Uber.

How to invest in cyber security

When it comes to money and credit card fraud, Experian is many individuals’ and businesses ‘go-to’ when it comes to checking a credit score.

A holding in Marlborough UK Multi-Cap Growth fund***, Experian’s paid-for service is a great resource for those who want to keep a closer eye on their credit history. You can keep a watchful eye over any credit card applications and potential identity fraud.

While Experian can alert you to potential fraud after the fact, Cisco has a host of security products to detect and stop threats before they occur.

A top ten holding in Lazard US Equity Concentrated***, the company ranked fifth on the Cybersecurity 500 list for ‘the world’s hottest and most innovative cybersecurity companies’ in 2018**. Cisco focuses on business threat protection, with tailored products from domain security to cloud-based network security.

With the introduction of Microsoft Threat Experts^ (a security operations centre with over 3,500 dedicated Microsoft cybersecurity professionals working with industry-leading Artificial Intelligence to protect, detect and respond to threats), Microsoft is quickly becoming a leader in cyber security trends.

A top ten holding in Brown Advisory US Flexible Equity***, Microsoft is bringing to market a number of security services for their customers, which use artificial intelligence, hand in hand with technology and experts, to stop fraud.

Curious about cyber-insurance? We talked to Nick Martin from Polar Capital Global Insurance on the opportunities in cyber security and how the industry offers the product.

*I am lucky in that the card they choose was my American Express credit card and not my debit card, as the American Express fraud team was amazing and had canceled my card, refunded the money, and issued a new card through the post (over the Easter weekend nonetheless) – all before Uber even responded to my initial fraud complaint on my account.

**https://cybersecurityventures.com/cybersecurity-500-list/

*** Source: Fund fact sheet, 31 March 2019

^https://www.microsoft.com/security/blog/2019/02/28/announcing-microsoft-threat-experts/

The views of the author and any people interviewed are their own and do not constitute financial advice. However the knowledge that professional analysts have analysed a fund or trust in depth before assigning them a rating can be a valuable additional filter for anyone looking to make their own decisions. Before you make any investment decision make sure you’re comfortable and fully understand the risks. If you invest in fund or trust make sure you know what specific risks they’re exposed to. Past performance is not a reliable guide to future returns. Remember all investments can fall in value as well as rise, so you could make a loss.