The ultra-paranoiac’s guide: nine steps to become impervious to cyberattackers


Kate Palmer

November 10, 2015

A ‘full profile’ of your data is worth around £300 to cyber criminals. But some tricks can make your entire web use ‘hacker-proof’

Trillions of items of data are circulating in cyberspace, including many of your own personal details – from your address and phone number, and full name and date of birth, to far more potentially compromising details including bank account and card numbers.

All criminals need to do is draw the data together to a create a “package” ready for fraudulent use, which they can sell on – again and again.

While the details of one credit card is worth just 50p on the black market, your “full profile” could be sold for around £300, depending on the depth and quality of the information, according to experts.

“Don’t assume this has been deleted,” warned Tony Allen of Pentura Mobile, a data-leak prevention company.

Trawl through old bank statements to find any online shops on which you may have “auto-saved” your address and bank details.

Search through your email inbox to find out which newsletters or surveys you might also have subscribed to.

“If in doubt ask businesses to confirm, formally and in writing, that they have deleted all their records about you,” said Mr Allen.

• TalkTalk cyberattack: do I have to pay exit penalties to leave my contract?

2) Keep a separate bank account for online purchases

The dedicated paranoiac will be reluctant to give out any details online.

As a solution, open a bank account solely for use when shopping online and setting up direct debits. It’s a hassle too far for some, but it’s safer.

Instead of loading it with cash, deposit only as much as needs to be paid out, and request a low or no overdraft.

3) Hack-proof your devices

“Paranoia is a good thing” when banking online, according to Mr Allen. He employs “ethical hackers” to penetrate employees’ phones and databases of energy firms and telecoms providers.

“A simple way to access someone’s phone or computer is to exploit a ‘known vulnerability’ on that operating system, which will be widely publicised on the dark web,” he said.

Set your devices to automatically download software updates, which contain “fixes”. Free software is available for iPhones, Macs, PCs and Android phones.

“Beware any unheard-of programmes that pose as protective software but are actually malicious,” said Mr Allen.

4) Make your credit card fraud-proof

By law, your credit card provider protects spending of more than £100, so if there is a problem you will get your money back.

But credit card details are also far more attractive to fraudsters, due to their high spending limits.

“There’s a massive underground economy on credit card data, where your details can be sold for just a few pence on the black market,” said Mr Abbott of Falanx.

“You’d be surprised at how most people already follow a spending pattern that computers can predict”
Jay Abbott, Falanx Security

“Fraudsters first use the card by carrying out a ‘test’ donation of 50p to a charity. Then they will rack up the limit as quickly as possible.”

Claiming the money back can be time-consuming. The solution: use a prepaid credit card.

This way, you still benefit from the consumer protections of a credit card. Load only as much as you need to spend on the card and set a maximum limit, which will cap any unauthorised spending if it gets into the wrong hands.

• ‘Fraudsters hacked emails to my solicitor and stole £340,000 from my property sale’

5) Stick to spending habits like clockwork

Banks use complex systems to detect any transaction that looks unusual.

“It’ll trigger warning lights if your card is suddenly used to buy four iPads and a luxury holiday,” Mr Abbott said.

But if you already are an “irregular” shopper, for example by using your credit card to suddenly buy lots of items, criminal activity is harder to spot.

“Keeping to regular spending ensures fraud attempts are picked up quickly by the bank’s own detection systems,” Mr Abbot said.

“However, most people already follow a spending pattern that computers can predict.”

6) Choose the best bank for dealing with fraud

If the worst happens and fraudsters steal your savings, you want your bank act quickly and refund your losses.

Dispute resolution body, the Financial Ombudsman Service, publishes a list of banks that receive the most complaints from fraud victims. Barclays received more complaints than any other bank in the previous year, where the Ombudsman ruled in the customer’s favour in 56pc of 598 cases.

7) Use banking apps, not websites

Shun computers altogether and use banking apps on your smartphone or tablet instead for the highest level of protection.

These apps were developed specifically for the purpose of carrying out secure transactions. Smartphones are relatively new, so were created in an age of hyper-security.

Ed Wallace is a director of “advanced threats” at MWR InfoSecurity, a consultancy. He said: “It’s much easier to attack a Windows operating system en masse because you attack the whole computer, but mobile banking apps are individually designed.”

8) Only bank using a dongle or card reader

If you do bank via a computer, only choose a bank that protects your online accounts using a secondary device such as a “dongle” or card reader.

This means that even if a fraudster gains your security password, they will not be able to access your account.

Some banks and building societies, such as Nationwide, send a card reader as standard. But others, including TSB, do not automatically require you to use a piece of hardware to login, so request this from the bank.

9) Make your email watertight

The best-protected bank account is useless if you can request your passwords to be sent to an insecure email address.

Most providers now provide a “two-step” verification option, free of charge, which sends you a text every time you login on a new computer.

“Even if your password is easy to guess, a criminal only has half the equation if you need a special code in addition to the password,” said Mr Wallace. “This makes it a significant extra safety feature.”

• The best of Telegraph Money: get our weekly newsletter

This article was written by Kate Palmer from The Daily Telegraph and was legally licensed through the NewsCred publisher network.

Great ! Thanks for your subscription !

You will soon receive the first Content Loop Newsletter