WARNING ABOUT EMAIL & WEB SCAMS

TODAY’S BLOG

WARNING ABOUT EMAIL AND WEB SCAMS

I asked Steve Hayward to put together a piece for me about being safe on your computer. Here are his thoughts and top 10 tips to keep you safe at a time when more of us are working from home and criminals are ever industrious. Steve…

Let’s be honest – internet security is dull topic. We seldom hear about cybercrime and data theft anymore, largely because people are more tech aware and we have relaxed our vigilance because our email providers do such a good job of filtering out unwanted spam. Likewise, web protection is built into our browsers and so we seldom need to concern ourselves with malicious code, hidden redirects, and aggressive popups. However, we cannot afford be too complacent when using any internet service as people are still being scammed and defrauded in their thousands.

A sceptical awareness has never been more important now that we find millions of people either working from home or in isolation, with only our access to the internet to keep us feeling connected to others. Cybercriminals are creative and they are making every use of this new opportunity to identify our vulnerabilities. So, here are my top 10 simple rules and best-practices to live by when using the internet:

COMPUTER SCAMS

TOP TEN TIPS FOR GOOD PRACTICE

1)      Be suspicious. Have a general scepticism bubbling away in the background with everything you do on the internet.

2)      Always use strong passwords but don’t only rely on them. Never use the same password for every application and service you use. Keeping track of your passwords can be tough and so use a decent password manager. These applications generate strong passwords and store them for you in an encrypted vault. They will also manage other credentials and sensitive data, like financial card information. They will also sync across all your devices. Look for applications like LastPass, 1Password, Bitwarden, Dashlane, Keeper, or KeePassXC.

3)      Always use two-factor or three-factor authentication and/or biometric security when it’s available. A simple username and password is not enough – especially for important services like online banking and buying and selling. The first tier of authentication is your username and password for that service; the second tier is an additional authentication, such as an SMS text message to your phone with a login code or PIN. Also, try to use services that require a fingerprint or face/voice recognition.

4)      Phishing. This is the big one that still gets people because the emails seem genuine and may not be caught by a spam filter. A phishing email is used to get you to log on (or attempt to log on or perform a password reset or confirm your bank details) by pretending to be from a source you trust, such as your bank or a retailer. This is a good time to re-read best-practice #1. If you ever receive an unexpected email informing you of a security incident or one that’s asking you to reset your password or confirm a detail of any kind, ignore it and mark it as spam. Check the sender email address. Does it look genuine? You’ll often find that an email that pretends to be from Microsoft, will not be sent from the expected support@microsoft.com email address (for example), but rather from something bizarre like microsoft-reset@blamfeutter.ru. I don’t know about you, but I’ve never heard of Blamfeutter from Russia – and neither have you. Delete it and mark it as spam. If ever in doubt, call the company that you believe may be trying to contact you.

5)      Never open attachments unless you completely trust the sender. Even then, glance at the type of file you’ve been sent before you just click on it. Is it a Word document, an Excel spreadsheet, a JPG photo, or a PDF document? If so, then chances are it’s okay. Is it a document type you don’t recognise? If so, don’t open it. Check with the sender first.

6)      Anti-virus. If you are using a PC at home, make sure you have a security suite installed. There are plenty of good free versions like AVG, Avast, Avira, and Bitdefender.

7)      Public Wi-Fi is never secure. Be extremely sensitive about what you do from your laptop or phone via the Wi-Fi of your favourite coffee shop. NEVER do a financial transaction. NEVER log on to PayPal or any other internet banking system. Write documents and send emails, that is all.

8)      Stop clicking the Unsubscribe option at the bottom of an unwanted email. You cannot guarantee where that hyperlink will take you. Simply mark the email as spam instead.

9)      Facebook and other social-media. There are so many ‘interesting’ posts on Facebook that act as bait for your click. Your click will often be redirected and a hidden piece of code will be run that will cause you to ‘like’ a Facebook page without your consent or may lead you to survey sites that are profitable for the criminals involved. Facebook, Google, Amazon, and Twitter alone hold an enormous amount of your data. Criminals are very interested in getting hold of this data – especially when there is a good chance the email and password you use to log on will also be used by you for numerous other accounts elsewhere. They will also have access to your address, your family details, your mobile number, and (likely) your credit card, what you buy and when, your movements and whereabouts from moment to moment, and what you ate for supper last night.

10)  Keep your software up-to-date. Turn on automatic updates so that your browsers like Chrome and Firefox get regular automatic security updates.

At Solomons we have a securely encrypted portal,  this is the best way to communicate with us about anything that is data-sensitive. If you have not already done so, please register for our portal. We advise watching our short video first which is below.

Now head over to any page of our site, where it says CLIENT LOGIN (top right) or use this link:

CLICK HERE TO REGISTER FOR OUR PORTAL

Dominic Thomas
Solomons IFA

You can read more articles about Pensions, Wealth Management, Retirement, Investments, Financial Planning and Estate Planning on my blog which gets updated every week. If you would like to talk to me about your personal wealth planning and how we can make you stay wealthier for longer then please get in touch by calling 08000 736 273 or email info@solomonsifa.co.uk

GET IN TOUCH

Solomon’s Independent Financial Advisers
The Old Bakery, 2D Edna Road, Raynes Park, London, SW20 8BT

Email – info@solomonsifa.co.uk 
Call – 020 8542 8084

7 QUESTIONS, NO WAFFLE

Are we a good fit for you?

GET IN TOUCH

Solomon’s Independent Financial Advisers
The Old Bakery, 2D Edna Road, Raynes Park, London, SW20 8BT

Email – info@solomonsifa.co.uk    Call – 020 8542 8084

7 QUESTIONS, NO WAFFLE

Are we a good fit for you?

WARNING ABOUT EMAIL & WEB SCAMS2023-12-01T12:13:19+00:00

“What have I missed about auto enrolment?”

Solomons-financial-advisor-wimbledon-top-banner

What have I missed about auto enrolment?

Yesterday I suggested that auto enrolment was not really about pensions, that’s because despite it being about setting up a pension, the real emphasis is much more about communications with staff and with Government agencies. The new system is rather like PAYE, though nothing quite as simple. I have come up with 11, that’s eleven, key issues where auto enrolment will challenge your business or charity.

Contracts of employmentEmployeeOfTheMonth

Contracts of employment will need to be altered reflecting the new pension arrangements; this may be a difficult discussion depending upon your type of business and workforce. Do you need to get the help of HR or even legal advice to do this properly?

Pay reviews and salary sacrifice

Some employers may use this as an opportunity to consider “salary sacrifice” or “salary exchange” this is a bizarre scenario where having a reduced gross income with the reduction paid into a pension, saves both employer and employee national insurance contributions and PAYE, yet invariably the net pay is a bit more, with more money going into a pension. Odd but true.

Payroll integration, live and up to date

Your payroll software will need to be able to integrate the new scheme, if you are a small firm and outsource this to your book keeper or Accountant; they need to be up to speed and have software that does the job.

IT overhaul

Schemes will be managed online and the Pension Regulator may demand data going back 6 years in a format that they can readily use). This therefore has implications for your IT systems and security and in particular how you hold and backup your data about staff.

Garbage in, garbage out?

Communication with staff is also a big deal. You need to be able to evidence that you have provided all of the relevant information to your staff, email is the most obvious and cheapest delivery option, but we all know that not everyone uses email or has provided you with an up to date email address, so do you need everyone in the business to have a company email address, and what happens when they leave? Do you maintain records properly?

Money Laundering

As a pension is an investment, there are issues about possible Money Laundering and politically exposed people. As an employer do you have evidence that you have done thorough identity and residency checks? Can you prove this? This will also identify any illegal immigrants or visa’s that have expired.

Staying silent and impartial

You might see auto enrolment as a valuable part of your staff package, however some see it as another tax and a whole lot of bureaucracy. You are not permitted to give advice about pensions or entice or discourage staff from joining the scheme. This isn’t just frowned on, it carries hefty financial penalties if revealed.

Disgruntled employees

Non compliance with the rules is a dangerous approach. You may believe that you know your staff, but perhaps you should reflect on what could go wrong for you if a member of staff falls out with you, or is just plain awkward anyway (these people do exist in 2014) so make sure you have complied and that you can demonstrate that you have done so. It is pointless to ask for a bullet proof vest after the event.

Tax triggers

You may not be aware that some people have very large pension scheme benefits. The Lifetime Allowance has reduced and will reduce again in April. Some people have protected their larger allowances, but should they accidentally enrol into a new pension, this would scupper their plans. This could trigger enormous tax penalties (55% of £1m for example) and you won’t be terribly popular with the employee that is presented with such a bill because you didn’t communicate well enough.

Honest guv….

The cynic in me might suggest that this is another way to join-up the Government agencies, which is fine if you are doing everything properly (unless you have concerns about information flow) but of course will catch out more people that have undeclared earnings anywhere.

Impacting your budgeting

Finally, don’t rely on your costs being 3% of your payroll. It is likely that contributions levels will be raised above 8%, in Australia (where they have had compulsory pensions since 1992) employers now contribute 9.25%. You ought to allow funds for the scheme and your systems to be reviewed and of course you might be wise to provide seminars or meetings for your staff to ensure that they understand their pension.

So, auto enrolment is about pensions… well yes, but it is also about rather more besides.

Dominic Thomas: Solomons IFA

“What have I missed about auto enrolment?”2023-12-01T12:38:57+00:00
Go to Top