This communication is for informational purposes only and is not intended to constitute, and should not be construed as, investment advice, investment recommendations or investment research. You should seek advice from a professional adviser before embarking on any financial planning activity. Whilst every effort has been made to ensure the information contained in this communication is correct, it is subject to change and we are not responsible for any errors or omissions.
Did you know that nearly 50% of UK businesses experienced a cyberattack in 2024? This totaled to 7.78 million attacks leading to an average cost of £3,230.13.
Individuals are not immune either. Nearly 500 potential threats are spotted every second, and expats can be particularly at risk due to feeling vulnerable in a new country and unfamiliar with social norms and practices.
In this guide, our team here at Scottsdale offers some ideas to help expats protect themselves from cybercrime in 2025.
What is cybercrime?
The internet has unlocked a world of interconnectedness and opportunities for people all over the world. However, it has also opened the door to malicious actors who use technology to commit fraud, identity theft and scams – i.e. cybercrime.
A cybercriminal will target a computer, a computer network or a networked device (e.g. a tablet or smartphone) to try and make money illegitimately.
For instance, they might target a business by attempting to breach the company’s accounts. Or, they may try to steal someone’s life savings by convincing them to move it to a fake pension.
Types of cybercrime
Ransomware continues to be the biggest threat to expats and other individuals from cybercrime. This tactic typically involves hacking into someone’s device, installing malicious software to shut the device down (or block access), and then demanding a ransom from the owner.
Other threats include:
- Hacking, such as breaking into someone’s social media account(s).
- Phishing – e.g. fake emails with links to websites that attempt to capture login data.
- DDOS (distributed denial of service), which attempts to overwhelm a website with abnormal traffic – rendering it inaccessible.
At their core, cyber criminals want to exploit vulnerabilities in human beings or security barriers, typically with a profit motive.
As such, the best defence is for expats to educate themselves about common attack types, the mistakes people make that increase their vulnerability, and how to avoid them.
Common cyberattacks
To help protect yourself from cybercrime, it may help to look back on 2024 and highlight some prominent case studies.
Earlier in the year, a major tech supplier to the UK government suffered a serious breach when attackers gained access to sensitive payroll data. 272,000 former and current British military personnel were affected. The contractor did not report the breach for months.
Another prominent incident involved The Billericay School, where a cyberattack exposed the addresses of pupils and highlighted the vulnerability of the education and childcare sector (347 cyber incidents were reported in 2023).
Even a prominent financial institution was targeted in January despite employing 62,000 technologists and spending $15bn a year on tech. In short, even security experts are not fully immune from the threat of cybercrime.
Ways to protect yourself
Whilst cyber defences will not make you invulnerable to online crime, they do lower the risks significantly. Here are some best practices for protection recommended by experts:
- Use strong passwords. Many people fail to change their passwords frequently and use the same one across multiple accounts. Rather, consider using longer passwords with lower/upper-case variance and special characters. Use different ones for different logins so that not all of your accounts are exposed if one of them is broken into.
- Use 2FA (2-factor authentication). If a cybercriminal somehow manages to crack your username and password, 2FA will act as a barrier to stop them from logging in without someone approving the attempt on your physical device.
- Monitor your finances. Keep an eye on your bank accounts and consider setting up an alert system to notify you of any suspicious activity.
- Practice email safety. If you receive an email, SMS or online message with a link, think about whether you can access the information manually (e.g. by typing your provider’s URL directly into your browser). Links may not direct you to the expected landing page. In worst cases, clicking on them can lead someone to a fraudulent website, which might pose as their bank or another trusted financial service to try and steal login information.
- Practice internet safety. Be careful about connecting to public WiFi, especially if it is an “open” network. Consider relying on your mobile data instead. You could also invest in a trusted VPN (virtual private network), which establishes a secure connection between you and the internet. Make sure to look out for the green “padlock” symbol in the prefix of a website’s address when visiting (or the “https” prefix), which shows that the website encrypts the data transmitted between you.
We hope this information helps you with your cybersecurity as an expat. If you’d like to make sure you’re taking the right steps to safeguard your financial future, please get in touch.