Day-to-day Cyberattacks: how to protect yourself

Digitalization also brings a variety of advantages when dealing with money. For example, digital banking lets you access your accounts and custody accounts at any time or find out about movements in your portfolio. But digital banking also gives rise to new risks, especially security risks. Imagine that you reveal your personal account details to someone claiming to be an advisor, and the next day some of your money has disappeared.

You were probably the victim of a cyberattack. This may sound unlikely to you but it is a daily reality: in Switzerland, at least 30,351 cybercrimes were committed in 2021 alone. Only 36.4 percent of these crimes were solved. (Federal Statistical Office)

Companies and organizations are therefore increasingly investing in the protection and security of their IT infrastructure. As a private person it’s also worth looking into this issue more closely.

Cybersecurity refers to measures that protect personal information stored on networks or computers from threats such as unwanted disclosure, damage or theft. In principle, everyone moving within a digital environment is exposed to such dangers. Cybersecurity, i.e., the digital protection of your data, is also becoming increasingly important for digital banking, as cyberattacks can affect anyone.

Cyberattacks have existed ever since IT systems came into being and it has been possible to store information on computers. One of the first cyberattacks dates back to 1988: US Student Robert Tappan Morris tried to find out how big the internet is, i.e., how many computers are connected to it. To do this, he wrote a program that could travel from computer to computer and send one signal for every computer reached. And it worked.

But the program was fast, so Morris “clogged up” large parts of the internet. In fact, he blocked 10 percent of the entire internet at that time. It cost the state several hundred thousand dollars to remove the so-called worm. One year later Morris was found guilty of infringing the Computer Fraud and Abuse Act.

Nowadays, cyberattacks are mainly in the form of phishing, malware and social engineering.

In other attacks, scammers try to get hold of your credit card information via fake online shops in order to make purchases, for example. Companies are also increasingly affected by cyberattacks; fraudsters are particularly interested in sensitive customer data so that they can steal passwords. In 2021, for example, more than one in three SMEs in Switzerland was the victim of a cyberattack (Netzwoche magazine, 2021).

The fact is that in 2021, 36.2 percent of the crimes committed in Switzerland were committed online (Federal Statistical Office). The following six tips can help you to better protect your confidential information and your assets whenever you are online.

“Security warning – please confirm your password.” This could be the subject line of a phishing email, supposedly sent by someone at UBS. At first glance, the message looks real enough. But appearances can be deceptive: banks – including UBS – and other official institutions will never send emails asking you to enter your password, trying to get you to download an email attachment or asking for your security details. Delete these messages immedia tely and never click on the links.

The goal of phishing attacks is to obtain confidential data from you as a private individual or from your organization. There are phishing emails sent in the form of a mass mailing to a large number of recipients and phishing attempts in which specific people, e.g., executives, are targeted. The latter often look remarkably genuine because the attackers have already obtained certain information from the victims.

On closer inspection, you can recognize a phishing email by the following characteristics:

The email address is not legitimate, the text contains spelling errors, the salutation is wrong or you are asked to do something urgently. Whenever you receive an email from a company that asks you to enter your security elements or download an attachment, check the sender carefully, delete the message, or if in doubt, call the company’s hotline. You’ll find further information on how to protect yourself against phishing emails on our webpage “Social engineering – phishing, bogus calls”.

You receive a phone call from an unknown or hidden number. The caller pretends to be a UBS employee and asks for details about your account, personal details or your assets. In such cases we advise you to end the call immediately without providing any information. No bank will ask for your personal data on the phone, unless you called them yourself – for example, to block your cards.

UBS provides you with settings with which to protect your assets according to your individual needs. For example, you can block your cards for selected countries – or approve them only for use abroad if you are about to leave the country. Set transfer limits. Activate notifications so that you know when certain movements occur on your account. You can also enter these settings yourself directly in E-Banking or Mobile Banking.

A strong password consists of upper and lower case letters, numbers and special characters – you may not be able to remember it as easily as 12345 or the name of your first pet, but it is much more difficult to crack. Create a strong password and memorize it – to protect your data and your assets. You can make use of password strategies: replace certain letters with numbers or special characters or use full sentences and only include the first letters of each word in your password. You can also combine these two strategies. The sentence “mypasswordissecretdonotcrackit” would then be “mP!$DnC!.”

You can generate secure passwords and manage existing passwords in the UBS Safe via E-Banking or in the UBS Safe App. Already have UBS E-Banking? Then activate your UBS SafeClick here to access the “UBS Safe” page.

In addition to precautions for protecting your sensitive data, you should also maintain a healthy dose of suspicion. If you receive suspicious messages and don’t know how to respond, contact the company that claims to be behind it.

If you notice unusual activity or irregularities in your account, contact your bank immediately. Use your common sense and don’t give scammers a chance – whether you’re managing your finances on your smartphone, tablet or computer.

For more tips specific to E-Banking and Mobile Banking, please visit our page “Security tips for E-Banking and Mobile Banking”Click here to access the page “Security tips for E-Banking and Mobile Banking. You can find an overview of cybersecurity for banking on the following page: “Simply secure: UBS Digital Banking”Click here to access the page “Simply secure: UBS Digital Banking.

It is worth making sure you understand the risks – because only those who know the dangers that lurk can protect themselves and their assets from attack. How well protected are you from phishing or other cyberattacks? Take the UBS Security CheckClick here to start the cybersecurity test and receive a personalized evaluation.