Table of Contents
The internet is a wonderful place, full of information, entertainment, research, but it can also be a dark place, rich in viruses, malware, fraudulent pages, and just like anything related to technology, these threats are changing, adapting, and improving all of the time, so it is important we are aware of threats, and, hopefully, avoid becoming the latest in a long list of victims.
Making sure we have a good, and up-to-date, virus package is crucial, but the safe use of devices with an internet connection is not limited to protecting yourself with antivirus software, we must also learn to identify certain tricks that proliferate on the Internet, always with the intention of taking over our personal data, our money, or both at the same time.
Hackers are constantly updating their attacks with the goal of achieving greater success. In Spain, the Internet User Security Office (OSI) regularly notifies every one of the latest threats that lie in wait for us, here are just some of the most recent.
Phishing (pronounced: fishing) is amongst the most common activities criminals use to try to steal money, or your identity, by getting you to reveal personal information — such as credit card numbers, bank information, or passwords — on websites that pretend to be legitimate. There are however other variations of this scam.
Vishing
What is Vishing?
Vishing, or “voice phishing”, is similar to phishing, in that the objective is to obtain personal details or bank details, but in this case, the contact is carried out over the telephone, using a real voice, deceiving the victim by impersonating a trusted third party.
Scammers call the victim posing as a recognised entity or organisation and persuade them to reveal private information.
What kind of messages do they send?
There are numerous different ways that this fraud is carried out, such as a person claiming to be an employee of your bank, who calls you claiming someone has made a suspicious charge to your card and they need to verify some information.
Sometimes, they call pretending to be from a retail outlet, such as a supermarket, to ask you to carry out a survey and they will reward you with a gift voucher, for which they ask for your card details to make the deposit.
What should you do against vishing?
Hang up the call and do not offer any information over the phone. Your real bank wouldn’t ask for them. If you have any doubts, contact the entity yourself, using contact details you already have, never details given to you by the caller to encourage you to check.
Smishing
What is Smishing?
In this variant of phishing, cybercriminals use text messages to mobile phones, the famous SMS, which is where the SM in smishing comes from, to send us an alarming message that encourages us to call a special rate number or access a link.
What kind of messages do they send?
They may notify us that our bank account has been blocked and, if we want to reactivate it, we have to click on a link that takes us to a web page similar to that of the bank.
Another common fraud is that the message tells you that the post office of courier company has a package has been retained at customs and we have to pay the fees on the linked website.
What should you do?
Be wary of this type of message and, if you think there is a real problem, call your bank or courier directly to verify it, again, using contact details that you already have.
Asking for money by WhatsApp
What does it consist of?
An unknown number sends a WhatsApp message to us, and despite the number being unknown, the message claims to be from a relative or friend who has had an emergency, often claiming that they have lost their original phone to justify the use of the unknown number.
What kind of messages do they send?
Your son or a good friend has lost his phone and urgently needs money.
What should you do?
Be suspicious of this kind of message. If it sounds plausible to you, it is best to call your contact, the person who is in trouble, and check that the story is true.
Social engineering
What does it consist of?
Digital thieves contact us through social networks and use a story to make us provide them with our data.
What kind of messages do they send?
A fake Instagram account notifies us that we have won a giveaway (in which we may have participated through a real account).
They tag us on Facebook so that we can participate in a survey in exchange for a gift for which we only have to pay the postage (they only want our data, the prize will never arrive).
A WhatsApp message links us to a draw for 5,000 flights if we answer a survey and then forward the message to a few contacts.
What should you do?
Do not cheerfully hand over your data to the first person who asks for it, even if it is on social networks and pretends to be a contact or company you know. If you have participated in an official raffle, always check who the sender of the message is and that the account that has contacted you is the authentic one.