Let’s Be Careful Out There

I’m going to ask you to text me your mobile number at the end of this security blog. It’s important. So if you don’t have time to read it in full now, please drop to the bottom now to find the number to text me on.

Isn’t the internet wonderful?

I had “Let’s be careful out there” in my head as the perfect title for this next blog, but couldn’t remember exactly where I had heard it before. So I decided to “Google it”. Except I don’t use Google any more so I Duck Duck Go’ed it.

Duck Duck Go isn’t as common nor as catchy as “Google” I admit, but they don’t keep my search data. I just wasn’t happy with the way Google harvested my data and sold it on. I never expected the world’s best search engine to be free and would have been happy to pay for the service, but instead they just keep all my data and so know more about my buying habits than I do. A quick search for timber decking would generate adverts on other websites for weeks later. Since I changed my search engine to Duck Duck Go, I’m much happier. You should change too.

Where was I, Oh yes

“Let’s be careful out there”

Perhaps you remembered it. Just one point if you said it was from Hill Street Blues and a full three points if you correctly said it was stressed every week by Sgt. Phil Esterhaus at the briefings. Here’s a reminder.


Apart from Sgt. Phil Esterhaus’s great strap line, I don’t remember much about the show. But I do recall I loved the theme tune. There are a further 10 points on offer if you can hum it.

So I decided to download the track from iTunes and found “The Ultimate Police Show Theme Music” to have a listen. The album had a few blasts from the past and is a perfect aide-memoire if you ever expect to find yourself in a pub quiz soon.

Let’s Get Serious

All the above actually happened as I started to write this blog on financial security. You too could have clicked on all of the above links, like I did. All three links take less than a couple of minutes. We take this opportunity for research/nostalgia as granted these days. If you clicked on any of the above links it’s because you had a little time and of course because you trusted my blog.

But what if I had not sent this? Instead I’m a scammer from Nigeria who has just imitated me and sent you off to a website which has now downloaded something nasty onto your machine without you knowing it.

We all need to be sensitive to the risks and always look before we leap. Here’s what I have learned to do over decades using the internet everyday as a business tool. I’m sure many of you know these tips but it’s good to be reminded.

No. 1 It’s a Lot Less Bother if you Hover

Before you click on an email link, just place your cursor over that link. You can see where it’s going to send you. If you expected hjscott.co.uk then make sure it says that on the link. Simple to do and can save so much stress later

No. 2 Trust Nobody

Certainly not any link you receive in an email or “clickbait” that you see on many websites. Certain institutions never email you. HMRC (The Tax Man) never, never, never emails you. Certainly not inviting you to “click here” to claim a tax refund that you are owed. Seriously? This scam is very widespread and has caught out a client or two recently. We expect the taxman to get things wrong and to owe us money, but we shouldn’t expect him to prompt us to claim our refund. The longer he hangs on to it the better it is for the cash-strapped UK Government. Once the clients had clicked the refund links, it brought in a Trojan horse and a blackmail request. (Another link to Wikipedia to explain just what a Trojan horse virus is. Click it only if you trust me 😉)

If you receive an email from HMRC, any bank or any financial institution – ignore it. If it’s important they each have your address and will write to you. Never click on the email, instead if you are curious and have internet banking or the Government Gateway then log in through their app or on their secure website that you always use. Lesley regularly is invited to check her Paypal balance via email. The trouble is she has never had an account. I do have a Paypal account but I never click on a link in an email to access it.

No. 3 Strong Passwords only.

I know, how frustrating are passwords? Personally I never forget them, it’s those websites that somehow change them when my back is turned. 😬

Remembering passwords is difficult so we do daft things like write them down, or save them on our computer in a file called “Passwords”. No one would think to look there!

Worse still we find one we can remember and use it absolutely everywhere. I used to have a password of H0w4rd and used it everywhere from the Taxman to on-line pizza orders! When I checked, I had 40 websites with the exact same password. All it would have taken would have been one un-encryted website to get hacked and lose the data and the hacker would hold the keys to my kingdom. On reflection it wasn’t very bright I know. I hope I’m not making you feel uncomfortable now?

Start to use a password tool like Apple’s Keychain that creates a new password at random and encrypts it into you browser. An on-line thief needs your phone with your PIN, your finger or your face to get at them. If you need some help with secure passwords, then please give us a call.

No. 4 There is No Such Thing as a Free Lunch

Free wifi comes at a cost. Usually for me that used to be a latte and a blueberry muffin. However free wifi is usually un-crypted. By this I mean the signal from our smartphone travels above the other customers head in a form that is perfectly legible. Visualise it as streams of words leaving our phones and disappearing into the free wifi receiver. These streams are open to the dodgy guy in the corner of the coffee shop glued to his laptop screen. He might as well have the full spinning roof rack like the old BBC TV detector vans had. Quietly sat there collecting assorts until – bingo. He catches someone logging in to check their bank balance.

Better to go online and use your mobile 4G connection. Data is cheap now anyway. Unlimited data starts at around £20 per month and is basically encrypted from the moment it leaves your phone. Don’t get me wrong, with the correct tools even 4G isn’t safe, but I think those sorts of tools are preserved for governments.

No. 5 Delete old emails

What if a scammer grabbed your emails? How many would he get? For one client it was every email she had sent or received for almost a decade. We keep everything! We shouldn’t, we should delete old personal information. It’s probably of no use to us but it’s of enormous use to them. We received an email request for a £30,000 withdrawal from “the client” using the “clients words”. The scammer had copied the clients inbox and then looked back over time. They found a similar request in saved items a year before to pay a tax bill and copied it. We didn’t send it as we always speak to any client who requests a withdrawal first. But it brought home the fact that we are not immune from scams.

What personal stuff could be stolen from your saved items if someone got their hands on your email account?

No. 6 Set up a new email account

Why not set up a new email account today and use it just for us and your other financial stuff. Keep your financial affairs away from the emails you receive from friends and family. A new email account takes just a few minutes to set up these days. Lucas could help you to do this.

No.7 Upgrade your Kit

Car thieves can get in older cars with just a coat-hanger. Data thieves can extract the contents off an old PC or Laptop in seconds. Treat yourself to something modern and much more secure. We have always favoured Apple products as they have much tighter controls. I have never had a client with a virus problem on an Apple machine. Ever. That says a lot. Consider locking down your data with one of these.

The upside is you can chat to us on FaceTime too.

Security at H.J.Scott & Co.

We take your data security seriously……. It’s the line they always use when they are forced to ‘fess up and admit to the theft of 10 million names, addresses and passwords. It was Currys I think last week.

No, we actually do take your data security seriously. Without it we are out of business. We only look after 190 families and without them we have no business.

We have always taken precautions but from here on we are adding a few more.

  • We will not send you any personal information in an email. Instead we will put the sensitive parts in an attached pdf which is password protected. We will send the password to open the pdf by text message. The text message will be from 07394 786185, that’s the new office mobile which will send texts and can receive them too. Please add the number to your contacts so you know that it’s us.
  • Please do the same when you send information to us by email. If you are unsure how to put a password on a document then please give us a call.
  • We can’t text you unless we have your current mobile number. If you are not sure that we have your correct mobile number then please text it to us, or better still phone Melissa with it..

    Our website is secure. You can see the padlock next to our website address, so it’s OK to respond to us in the form below.

And hey….Let’s be careful out there.

One Reply to “Let’s Be Careful Out There”

Comments are closed.