Vector
Vector

Choose your topics

Blogs
Top Tips to Save Time When Assessing Third-Party Risks

Is assessing third-party risks taking up too much of your time? How can you make the process more effective and efficient? Find out in the latest post from SureCloud.

Third-Party Risk Management GRC
Blogs
The GRC Trends to Look Out for in 2024

Our GRC experts at SureCloud share their 2024 predictions for the world of governance, risk and compliance.

GRC
Blogs
The Top 5 Challenges of Third-Party Risk Management

With the supply chain now seen as a legitimate attack path, what can your organization do? Let’s explore 5 challenges of TPRM and how to overcome them.

Third-Party Risk Management GRC
Blogs
What is Third-Party Risk Management?

What is third-party risk management and how should you approach it? Find out in this post.

Third-Party Risk Management GRC
Blogs
The Top 4 Challenges of Risk Management

What are the top four challenges of risk management today and how can you overcome them? Find out in this post from SureCloud.

Third-Party Risk Management GRC
Blogs
Transform Compliance into Your Competitive Advantage

In GRC, compliance is often viewed as a cost that makes it harder to pursue growth. Here's how to make it your competitive advantage.

Compliance Management GRC
Blogs
Questions You Should Ask when Preparing For Your First Pen Test

Understand the processes that you and your chosen pentest provider will travel through for your first pen test, from the initial point to the day the test starts.

Penetration Testing
Blogs
TPRM Blog 6-Writing Clear Questions

Our GRC Practice Director explores the importance of clear communication and how to achieve it in your third party questionnaires. Read more here.

Third-Party Risk Management GRC
Blogs
The Simple Way to Combat Phishing

SureCloud Cybersecurity Practice Director Luke Potter shares his tip to stay ahead of attackers phishing for your downfall.

Penetration Testing
Vector (7)
Vector-1
Cyber Security

Is it really your bank calling? SureCloud on BBC One’s The One Show

Is it really your bank calling? SureCloud on BBC One’s The One Show
Written by

Anna

Published on

1 Sep 2020

Is it really your bank calling? SureCloud on BBC One’s The One Show

 
 

SureCloud Senior Director of Cybersecurity Luke Potter and Senior Cybersecurity consultant Elliott Thompson featured on BBC One’s The One Show on Tuesday 7th January, helping demonstrate just how easy it can be for scammers and criminals to pretend to be calling from your bank.

 

To showcase the ease of which it can be done, the episode saw Presenter Matt Allwright positioned in the middle of a busy shopping centre – along with a magician for a bit of showmanship. Passers-by were stopped and asked for the name of their bank and mobile number – which was then relayed through a hidden microphone to SureCloud’s own team, set up in the restaurant upstairs.

 

Moments later, said members of the public received a phone call which seemed to originate from the phone number printed on the back of their debit or credit card – the phone number of their bank. Of course, the technical capabilities for this were all set up by SureCloud.

 

Ofcom has teamed up with UK Finance to help tackle scam calls through a list of ‘Do Not Originate’ numbers. These are then allocated to banks and other financial institutions, with the agreement that the businesses in question never use them for outbound customer communication. The phone number is then printed on your debit or credit card, and then, whilst you can still use that number to make calls to the bank, should you ever receive a call on the same number, you know that it’s a spoof – provided your mobile network is also signed up to the scheme.

 

It’s a powerful step in the right direction, but as demonstrated, it is still all too easy for bad actors to spoof that all-important phone call. Protection from call spoofing requires a two-pronged attack – technical solutions like the ‘Do Not Originate’ list combined with user education and awareness of the prevalence and dangers of call spoofing.

 

Commenting on the issue of number spoofing, Luke Potter says: “Unfortunately, it’s commonplace for fraudsters to pose as representatives of banks to gain access to sensitive data, so people should never give out such information in response to an incoming call. It’s always best to be cautious and vigilant or there could be financial consequences.”

 

Watch the full piece HERE.