Fraudsters online fish for data of citizens and companies alike: how to not get hooked?

Rytis Rainys

The victims usually give their data away themselves, although theft also happens

When sending emails, cybercriminals usually send content that psychologically affects their victims to willingly reveal their personal date, such as their login information for e-banking or credit card information. The other commonly used tactic – to infect the email receiver’s computer with a virus, that allows to extract personal data without the victim’s consent.

Criminals imitate even the websites of banks

Rytis Rainys, the Director of the National Center for Cybersecurity, notes that phishing emails often contain links to fake websites of banks or other relevant institutions. When the receiver opens the link, they are prompted to fill in empty fields that appear on the website with their bank account and login information – which then goes directly to the fraudster.

According to R. Rainys, the most straightforward way to protect your data is to stay vigilant and critical.

“Banks do not send emails with requests for their users to provide their user or personal information. Such emails can be immediately treated as an attempt to steal your data. Further, you should simply not respond to any suspicious email and not click on any questionable links. They can hide corrupt websites or malware, intended to extract personal data”, warns the Director of the National Center for Cybersecurity.

Cybercriminals also target businesses

In addition to individual residents, businesses of all sizes also regularly become targets of various cybercrimes.

R. Rainys explains that, in a classic example of online fraud, “cybercriminals strategically collect information about the targeted companies’ structure and leadership, their names, surnames, and other information. Then, pretending to be these managers or CEOs, they send emails to the company’s accountants and request them to transfer some of the company’s funds to a specified account”.

Very recently, such attempts to commit cybercrime were observed in Vilnius and Kaunas. The targeted companies managed to avoid any damage because of the vigilance of their accountants, who did not believe in the authenticity of such emails.

5 clues that suggest you might be targeted by cybercriminals

Fortunately, critically evaluating every incoming email can help avoid falling victim to most attacks by online fraudsters. Below is the list of five most common traits of phishing emails:

1. Too good to be true. Cybercriminals use extremely appealing offers to capture their targets’ attention. Usually, these emails tell the target that they won a new phone or a vast sum of money in some lottery and ask the target to provide their personal information in order to supposedly reclaim the prize.

2. Extraordinary rush. Another beloved tactic cybercriminals use is to create a false sense of urgency for their target to provide their information. For example, they urge to reply to the announcement of winning a lottery immediately, saying that the offer is about to expire; alternatively, they may ask to renew your personal data claiming that otherwise the user will be locked out of their e-banking system or other accounts.

3. Unclear links. In their emails, data thieves usually send links that imitate well-known websites. To determine if the link is valid, read the internet link attentively – often the difference is just one letter or symbol. For example, links to all bank website begin with https, while fraudulent websites – with http (that is, they drop the “s”). Further, often fake domains have nothing in common with the bank’s title – such as brr.bayarit.gob.mx.

4. Attached documents. Emails used for cyberattacks often include attachments containing malware or direct you to download documents with malware. If opened, such documents immediately install malware to the user’s computer, which is then used to extract personal data.

5. Unusual sender. If you receive an email from an unrecognizable sender or a familiar sender but under unexpected circumstances or with unusual requests, do not react to it or check the information provided in the email through other channels (for example, by calling the sender). Data thieves might imitate your friends and colleagues and, pretending that they are in some sort of financial trouble, ask for you to transfer money to their account.

You may like