SECURITY | DevDosh Ltd

SECURITY
We take security seriously. We’re continually striving to make our service and touch points safer. Our security guide gives you information and advice on staying secure, as well as details on how to contact us if you suspect any foul play.

Help and support

External Links
All of the external sites you can reach through DevDosh Ltd are here to help you. However, we must tell you that we accept no responsibility or liability for the content, accuracy or availability of any external site you may encounter.

Protect Yourself
Security of your credentials (Protect Yourself)

If you use our online facilities we will set up security credentials for you. Your credentials give you access to DevDosh Ltd login area, and you should take adequate steps to make sure that this online information remains secret. To safeguard these details you should:

Memorise your username and memorable word
Ensure that you do not tell anyone your username and password, and ensure that they are kept secret by taking appropriate steps to prevent disclosure to a third party
Never keep details of your userame and password in the same place
Avoid using the same username and password on other websites

Please contact us immediately if your credentials have been lost or stolen.

Logging out
If you have logged in to the secure area of the site and then choose to finish your session, you should always log out to prevent unauthorised access to your account.

Public computers
Be extra vigilant if using public computers, including internet cafés, or wireless hotspots, where there is an increased risk of your online details being compromised. It is recommended that you use computers which you directly control, or at least consider to be secure.

Do not select options to remember your details on a computer other people may use.

Completely close the browser, clearing private data, when you’ve used a computer that other people may use.

Protect your computer

Anti-virus protection
Anti-virus software is used to prevent, detect and remove known viruses.

When you use anti-virus software, ensure that you carry out regular software updates to keep it as up to date as possible. If your anti-virus software has a virus scanner option, it is recommended that you schedule regular scans of your computer. If a virus is ever found, it is recommended that you follow the instructions provided by your anti-virus software.

Updates and patches
Software patches work to close a hole or weakness in your computer’s software. Keep your operating system (e.g. Windows 7 or Apple OSX) and your web browser (e.g. Internet Explorer or Firefox) up to date by regularly checking the manufacturers’ websites.

For Windows and Internet Explorer updates go to: windowsupdate.microsoft.com
For Mac updates go to: www.apple.com/uk/support
For Chrome updates go to: www.google.com/chrome
For Opera updates go to: www.opera.com/

Personal Firewall
Personal firewall software works in the background to manage traffic to and from your computer according to its security policy.

It is recommended that in addition to using anti-virus software, you use a personal firewall. This will help to protect you from online threats by acting as a barrier between the public internet and your personal computer, provided that you carry out regular updates.

Downloads
There are many internet frauds that rely on people downloading software to their computer often without their knowledge or consent. Do not download any software onto your computer unless it is from a trusted source or site.

Be vigilant when downloading other software off the internet such as MP3s as malicious software is often ‘hidden’ amongst legitimate software.

Email attachments
Be vigilant when receiving attachments by email, even if they appear to be sent from your bank.

Emails are a common way to spread viruses. If you are at all suspicious, do not open the email and delete it immediately.

Email Security
To help protect your personal email accounts, try to use a strong password that contains at least eight characters with a combination of upper and lower case letters, numbers and keyboard symbols (for example $ecure*&Pa55word1).

If you believe an account has been compromised, sign in and change your password immediately. If you cannot access your account because a password has been changed, contact your email service provider immediately.

Spyware
Spyware is a program that can secretly gather information about you as you use your computer. It is commonly downloaded without the knowledge or consent of the user. It can slow down your computer, alter your homepage, produce lots of adverts or links to websites and even include keystroke loggers to record details such as passwords and user names. If your security software detects a threat on your computer, it is recommended that you follow the instructions provided by your software.

Trojan programs
Trojan programs are hidden programs, again commonly downloaded without the knowledge or consent of the user, that can give control of your computer to a hacker or gather information about you as you use your computer. A trojan is a type of computer worm or virus that is installed on your computer without your knowledge or consent.

Typically, the fraudster will send you an email that tries to trick you into following a website link and downloading a piece of software or opening an attachment. If you take this action, the trojan can be installed.

Trojans can be capable of recording passwords and other personal details by capturing keystrokes or taking screen shots of sites you visit. These details can then be sent to the fraudster.

Our website security
The security of your financial and personal information is very important to us and we take appropriate steps to protect you online. We use proven technology to ensure that our online services are provided in a safe and secure environment. This includes:

Secure Socket Layer
Our web based services use a technology known as Secure Socket Layer (SSL) which means that the information sent across the network is scrambled. To support this technology, you need an SSL-capable browser. A symbol on your browser, usually a lock or key, tells you if you are on a secure site.

If the symbol is unbroken or in the locked position then you are using a secure connection to the server.

Time-outs
Following a period of inactivity we apply a time-out to your session in case you forget to log out.

Protect yourself from fraud
Fraud crime is growing and everybody needs to be aware of it. We hope you find the following tips useful and informative. Don’t just take our word for it though, the Links below and resources give you access to information provided by external organisations. Keep your details safe. Keep your cards, passwords, PINs, documents and personal information secure. This will protect you from identity theft, online fraud, card fraud and more. To learn more about how you can keep these details safe, see our guide to identity fraud. Be suspicious of any unsolicited communications that ask for your personal details. Although unsolicited phone calls, letters, emails or texts can look or sound legitimate, chances are they’re fraudulent. Don’t respond to these kinds of communications until you’ve contacted the company concerned to check that they’re genuine.

Be careful
Never download software, open attachments or follow links that you’ve been sent by email unless you’re sure they’re safe. If in doubt, delete the email immediately. These tricks are commonly used by fraudsters to install trojans or spyware. Check your bank and credit card statements carefully. Contact us straight away if think anyone has tampered with your DevDosh online account.

Learn about common scams
There are some common scams that may target our customers. Be vigilant and up to date. Check your personal credit file regularly, particularly if you’ve recently moved house. This will help you to spot any fraudulent activity that may be conducted in your name. You can get reports from Callcredit, Equifax and Experian.

Keep your computer and mobile software up to date
Keeping your computer and mobile’s operating systems, applications, virus checkers, firewalls and software up to date is the best proactive protection for your computer, mobile and data.

Be vigilant when using cash machines
Move to another machine if someone behind you is behaving suspiciously or attempts to distract you. Check for signs of tampering, as this could mean that the machine has been fitted with a skimming device. Never leave receipts behind – keep them until you’ve checked them against your statements and then dispose of them safely, preferably by shredding them. If you are concerned about the security of your account your bank immediately.

Fraud prevention links and resources
Learn more about fraud prevention

The DevDosh Ltd website contains lots of information about how you can protect yourself from financial fraud. But if you’d like to know even more, these sites can help:

Get safe online
This site has been developed by the Government, police and industry. It offers advice on staying safe online and protecting your computer and the personal information it contains.

Action Fraud
The UK’s national fraud reporting centre where you should report fraud if you have been scammed or defrauded.

Visa website
This service, in association with Visa, protects your card against unauthorised use when you shop online at participating retailers.

Mailing Preference Service
By registering with this service, you can reduce the amount of unwanted mail you receive, which can help reduce the risk of identity theft. You can also register the details of relatives who’ve passed away.

Metropolitan Police Service
This site contains more detailed information about specific frauds, such as identity theft and advance fee fraud, as well as alerts about the latest scams in London.

UK Payments Administration
The UK payments association and its website contains information about the major types of payment fraud.

Card Watch
Contains useful information about card fraud for consumers and businesses.

Be Card Smart Online
Packed with tips for protecting yourself against online card fraud, this site is specifically designed for online shoppers.

CIFAS Protective Registration
UK fraud prevention service CIFAS offers Protective Registration to people who have fallen victim to, or are at risk of, identity theft. This service flags your personal file, so that when CIFAS member companies can conduct extra checks to ensure that the application is genuine.

Check these sites regularly to make sure that your browsers, operating systems and applications are up to date and install any patches that may be required.

Microsoft
Apple
Firefox
Chrome
Opera

If you are concerned about the security of your account contact us immediately.

Security of your credentials
Identity theft now costs the UK more than £1billion a year. Avoid falling victim to this fraud by following our simple tips. If you are concerned about the security of your account, contact us.

What is identity theft?
Identity theft occurs when fraudsters use your personal information without your knowledge or consent to take out bank accounts, credit cards, loans, state benefits and documents such as passports and driving licenses in your name. It can have a terrible impact on your personal life and finances. For example, you may have difficulty getting loans, credit cards or a mortgage until the problem is sorted out. We list below some ways in which you can protect yourself from identity theft.

Keep your personal information secure

Check your personal credit file regularly, especially if you’ve recently moved house. Callcredit, Equifax and Experian all offer credit reports
Be extra careful if you live in a property where other people could access your mail. People who live in properties with communal letterboxes are particularly vulnerable.
Consider picking up valuable items from companies directly rather than having them mailed. For example, if you’ve ordered new debit cards, credit cards or cheque books from your bank, you might be able to pick them up from your local branch.
If you suspect your mail is being stolen in the UK, contact the Royal Mail Customer Enquiry Line on 0845 774 0740. Check whether a mail redirection order has been made in your name without your knowledge.
If you move house, tell your bank, card issuer and all other organisations that you deal with immediately. Ask Royal Mail to redirect any mail from your old address to your new one for at least a year.
Consider using the Mailing Preference Service. This will help limit the amount of unwanted mail you receive.
Learn more about protecting your identity online. Get safe online has been developed by the Government, police and industry. It offers advice on staying safe online and protecting your computer and the personal information it contains.

Keep your cards safe

Cancel any lost or stolen cards immediately. Make a list of all your card issuers’ emergency numbers and keep them handy.
Protect your details when shopping in store, online or by phone. Make sure other people can’t hear or see your card details or personal information.
Never carry documents or plastic cards unnecessarily. Keep them in a safe place when you’re not using them.
Want more tips? see Card Fraud below.

Keep your documents safe

Keep your personal documents in a safe place, preferably locked away at home or your bank. If any of your documents have been lost or stolen, contact the issuing organisation immediately.
Destroy unwanted documents, preferably by using a shredder. Never throw away entire bills, receipts, credit or debit card slips, bank statements, or even unwanted post in your name.
Check statements as soon as they arrive. If you spot any unfamiliar transactions, contact the company concerned immediately.

Keep your passcodes, PINs and memorable words safe

Never give personal or account details to anyone who contacts you unexpectedly. Be suspicious, even if they claim to be from your bank or the police. If they’ve called you, ask for their organisation’s name and call them back via that organisation’s switchboard. Be aware that banks, including ours, will never ask for your PIN or a whole security number or password.
Don’t use the same password for more than one account and never use banking passwords for other websites. Using different passcodes increases security and makes it less likely that someone could access all your accounts.
Never record or store your passcodes or PINs in a manner that leaves them open to theft. For example, don’t carry them in your purse or wallet.
Be suspicious of emails that ask for your personal details. They’re often used by fraudsters.

Protect the identities of loved ones who’ve passed away
Fraudsters sometimes use the identities of people who’ve died. You can reduce the chance of this happening by removing their details from mailing lists.

Organisations that offer this service include:

The Bereavement Register
Deceased Preference Service
Mailing Preference Service

Card Fraud

Protecting your cards
Want to know how you can protect yourself from credit and debit card fraud? Here are some of the most common scams and how you can avoid them.

Lost and stolen card fraud
This occurs when a lost or stolen card is used by a fraudster posing as you. Most lost and stolen card fraud occurs before you report the loss.

To protect yourself:

Report any lost or stolen cards immediately
Use chip and PIN cards where possible
Only carry the cards you need
Avoid placing cards in your pockets, where they can easily fall out
Make sure that your cards fit snugly inside your wallet or purse
Take precautions to avoid your card being stolen – for example, don’t leave your handbag unattended or carry your wallet in your back pocket
Always shield your PIN from any observers when using cash machines

Counterfeit card fraud or skimming
A counterfeit card can be a fake card or a valid one that’s been altered or recoded. Most cases of this fraud involve skimming, the process by which the data on your card’s magnetic stripe is electronically copied onto another card without your knowledge. Skimming commonly occurs at retail outlets – particularly bars, restaurants and petrol stations – and at cash machines that have been illegally fitted with a skimming device. The stolen data is then used to create counterfeit cards. Most people are unaware that they’ve fallen victim to this fraud until their statements arrive.

To protect yourself:

Don’t leave your card with bar or restaurant staff for long periods
Don’t let retail staff take your card away to process payments
Check cash machines for signs of tampering before you use them

Card-not-present fraud
This is the most common type of card fraud in the UK. It occurs when fraudsters steal your card details and use them to make purchases over the Internet or by phone, fax or mail. Always be aware of who you are dealing with.

To protect yourself:

Avoid entering your card details on shared or public computers
Always remember to log out of any websites where you’ve entered your card details
Only enter your card details on secure sites that you trust, preferably with merchants using the 3-D Secure service (remember to check that the web page has the secured lock or key icon in the browser)
Keep a close eye on your statements and report any fraudulent transactions immediately
If you do a lot of online shopping you may wish to consider using a debit card with a low balance, or credit card with a low limit, specifically for online purchases

Mail-non-receipt fraud
This fraud occurs when you order a new card and it’s stolen in transit. You’re at particular risk of this fraud if you live in a property with a communal letterbox, such as a block of flats or a student residence hall.

To protect yourself:

Find out how long it will take for any new cards to be mailed out to you and contact your card provider straightaway if they don’t arrive on time

Identity theft on cards
This occurs when a fraudster uses your personal information to open or access card accounts in your name. There are two types:

Application fraud takes place when stolen or fake identification documents are used to open an account in your name
Account takeover occurs when fraudsters use your personal information to pose as you and convince your bank to make payments from your accounts, order new cards and cheque books, and so on

To protect yourself:

Shred bills, bank statements and other documents containing your personal details before disposing of them
If you use social networking sites, display as little personal data on your page as possible
If you suspect your mail is being stolen, contact the Royal Mail Customer Enquiry Line on 0845 774 0740 to check if a mail redirection order has been made in your name without your knowledge
If you move house, ask Royal Mail to redirect your mail and advise the companies that you do business with straight away

Check your personal credit file regularly using a credit reference agency such as:

More information about card fraud
If you’re planning to travel, it’s best to let us know in advance. This helps avoid problems with using your cards and accounts overseas, as well as helping to protect you from fraud while you’re away. Card Watch contains useful information about card fraud for consumers and businesses. Be Card Smart Online is packed with tips for protecting yourself against online card fraud and is specifically designed for online shoppers. The identity theft website developed by the Government, Metropolitan Police and various industry bodies contains detailed information about identity theft and how you can avoid it. Our guide to identity theft summarises some of the key points from this website.

Cheque Fraud
How does cheque fraud occur?

Want to know how you can protect yourself from cheque fraud? Follow our tips and you’ll be well on your way.

Cheque fraud takes place when a fraudster uses a stolen or counterfeit cheque to pay for goods and services. More than 90% of fraudulent cheques are stopped before any loss occurs. But even so, cheque fraud still costs millions of pounds a year.

These losses can be compounded when the fraud also involves an ‘overpayment’. This occurs when the fraudster – who is often part of an organised gang – targets the seller of a high value item, such as a car, and offers to pay using a stolen or counterfeit cheque made out to more than the price of the goods. Once the cheque clears, the victim is asked to transfer this ‘overpayment’ to a third party, as well as handing over the item to the fraudster.

When the real cheque owner discovers that money has been stolen from their account, the victim can be obliged to repay the total sum – even if this happens several weeks later.

How to protect yourself against cheque fraud

Don’t accept cheques from anyone unless you know and trust them, especially when a high-value cheque is involved
Be aware that there’s a risk that money credited to your account from a cheque could be reclaimed if the cheque turns out to be stolen or counterfeit
Always consider other ways of accepting payment for high-value items – a CHAPS payment, or guaranteed, same-day bank transfer, is ideal. Be especially wary if the buyer is unwilling to pay or split the relatively small cost involved with you.
Keep your chequebook in a safe place
Report any missing cheques to your bank immediately
Always check your bank statements thoroughly

Common Scams

Social Engineering
Social engineering is the act of manipulating people into doing what you want. In terms of online fraud, it usually involves tricking people into disclosing passcodes, login details or other confidential information.

You can protect yourself by:

Not disclosing confidential information over the phone unless you’re sure that the caller is really who they say they are. If in doubt, ask for the caller’s phone number, satisfy yourself that it is genuine, and only then call them back.
Never sending confidential information by email. It can easily be intercepted by a third party, and companies like ours will never ask you to email personal details, account information or passcodes.
Keeping your credentials (PINs, passcodes and memorable words) confidential at all times. Banks, including us, will never ask you to disclose this type of information.

Phishing, Vishing & Smishing
Phishing is the process of attempting to acquire confidential information by sending out emails that direct you to bogus websites or phone lines. These emails claim to be from a particular company, but are actually sent by fraudsters, often at random. Any information you disclose on these bogus websites or phone lines is captured by the fraudsters.

Similar techniques are used over the telephone using Voice (Vishing) or the use of SMS (Smishing).You can protect yourself by treating any unsolicited emails, calls or texts that ask for confidential information as suspicious. If in doubt, contact the company that supposedly sent you the message to make sure that it’s genuine.

Courier Scam
The courier scam is when fraudsters call and trick you into handing your cards and PIN numbers to a courier on your doorstep. There are many variations of the scam, but it usually follows this method:

A fraudster will cold call you on a landline, claiming to be from your bank or the police. They state their systems have spotted a fraudulent payment on your card or it is due to expire and needs to be replaced.
In order to reassure you that they are genuine, they suggest that you hang up and ring the bank/police back straight away. However, they don’t disconnect the call from the landline so that when you dial the real phone number, you are actually still speaking to the fraudster.
They then ask you to read out your PIN or type it on your phone keypad. They may ask for details of other accounts you hold with the bank or financial service provider.
Finally, they send a courier to you to collect your bank card. The fraudster will have then obtained your name, address, full bank details, card and PIN.

Protect yourself against courier fraud:

Your bank will never send a courier to your home
Your bank and the police will never collect your bank card
Your bank and the police will never ask for your PIN
If you receive one of these calls end it immediately

W-8BEN Form scam
The W-8BEN form is a legitimate US tax exemption document, however fraudsters have been using the W-8BEN format to acquire personal details such as mother’s maiden name, passport number, date of birth, PIN numbers and passcodes. The fraudulent forms are being sent under the guise of anti money laundering regulations claiming to review client information and asking that the form be completed.

Please be advised that we will never ask you for your passcode or memorable word in this manner. Should you receive such a form do not reply to it.

Additional income email scam (money mules)
Most UK bank accounts won’t let you make online cross-border transfers from overseas. Since most online fraudsters tend to be based outside the UK, they need money mules to launder the funds they receive from their scams.

Money mules receive funds into their accounts and send it to the fraudsters using a wire transfer service, minus their commission. They’re recruited through a variety of methods, including spam emails, genuine recruitment websites, approaches to people whose CVs are available online, instant messaging and newspaper ads.

This scam offers you the chance to earn some easy money for a few hours’ work each week, but beware: handling money that’s been obtained fraudulently is a crime. You can protect yourself from becoming involved by:

Treating any unsolicited job offers with suspicion, especially if the company is based overseas
Verifying the details of any company that you’re considering working for
Not giving your bank account details to anyone that you don’t know and trust

Remember the golden rule: If it sounds too good to be true, it probably is. For more about money mules, visit the UK banking industry’s helpful site bank safe online.

Lotto prize and advance fee scams
These scams are variations of the same type of fraud, in which the victim is asked to make a payment in return for receiving a substantial amount of money. Advance fee fraud is also known as West African or 419 fraud. In both types of scam, the fraudster will claim the money is available but a payment is needed to help cover transfer or administrative costs. Lotto fraud payments tend to be low to start with and increase as the victim becomes more engaged with the scam. In contrast, the payment requested in advance fee fraud is usually quite high – often £15,000 or more.

To protect yourself:

Treat any such requests for money with suspicion
Be aware that these requests can be made not only by phone, but by email, letter, or even in person, and can look and sound legitimate
Don’t respond to any unsolicited communications promising prize money in return for payment

The Metropolitan Police website contains detailed information about these frauds. If you’d like to learn more, see lotto fraud and advance fee fraud.

Boiler room scams
Boiler room scams are scams where ‘companies’ contact clients generally out of the blue either by post, email or telephone and offer them shares in a company at a supposedly heavily discounted price. They will often use hard sell tactics to persuade the client to buy the shares e.g. creating a sense of urgency or using a persistent and aggressive style. This pressurised tactic is why they are referred to as boiler room scams.

The company that they are trying to sell may be listed on an illiquid market so the shares cannot be sold. Or they could be a small unquoted company that the broker claims is planning to list. In other cases the company itself may not exist or the share certificates delivered are fake.

The Financial Conduct Authority (FCA) has published a list of firms that they are aware operate in this manner.

In general the bulk of these firms operate overseas with hotspots being in Spain, Switzerland, Dubai, Japan, Bermuda and the US and are therefore outside the remit of the FCA. However, these firms are likely to have a UK registered address and a name which suggests legitimacy.

Both inexperienced and experienced people have been affected by this type of scam with a typical victim losing around £20,000.

Further information on boiler room scams can be obtained from the FCA.

All of the external sites you can reach through this website are here to help you. However, we must tell you that we accept no responsibility or liability for the content, accuracy or availability of any external site you may encounter.