Online

Cyber-crimes on the rise. How to avoid being a victim of a phishing attack

Mihai-Alexandru Cristea 10/04/2020 | 17:43

As the number of cyber-crimes has been seeing a dramatic increase in recent weeks, hackers taking advantage of the Coronavirus pandemic to lure unsuspecting victims, Romanian cyber-security company Safetech Innovations decided to release a step-by-step guide on how to detect fraudulent e-mails and avoid becoming the victim of a phishing attack (info-graphic included at the end of this article).

 

Phishing attacks are used very often by hackers, either to obtain personal data or to spread malware. In general, phishing attacks include sending emails that seem to come from known acquaintances, or from trusted institutions. The topics of these types of emails generally raise the recipient’s interest and invite him or her to open the email, read it, click on the attachment or a link and even fill in a personal data in a specially developed form.

The current context of COVID-19 outbreak has been used by the hackers in order to spread phishing attacks as a significant number of attempts has been recorded in March 2020. Researchers at Barracuda Networks, who provide network security to 220,000 global corporate customers, reported that the volume of coronavirus-related email attacks spiked by 667% since February 2020, reaching more than 9,000 incidents in March alone. More specifically, between 1st and 23rd of March, Barracuda detected 467,825 spear-phishing email attacks around the world, and 9,116 of those were related to COVID-19.

On April 6th, the Romanian Police has announced on its Facebook page that there has been a phishing attempt where hackers are sending fraudulent emails on behalf of the police, warning the citizens not to open the attachment to the email.

Despite the significant increase, the phishing attacks via email are relatively easy to be spotted if the user is paying attention. In order to avoid being the victim of a phishing attack, the Internet users should follow the following simple steps:

  1. Identification of the sender. On a mobile phone, the information is truncated, generally only a part of the sender’s address, or its associated description is visible. Therefore, it is recommended that suspicious messages be opened on a desktop or laptop, where more information can be obtained. If already at this moment we spot that the message is not something we have ever subscribed to and it also looks like spam, it is recommended to delete the message.
  2. Verifying the email address from which the message was sent. One thing that can draw attention is that often such email addresses have randomly generated names. Also, the urgency with which a form is required, as well as the information promised after filling it, can attract suspicion.
  3. Verification of URL. If you go further and press the button in the email, you can reach generally reach a web form, where your personal data is requested. Particular attention should be paid to the URL in the browser, which may provide additional information about the entity collecting the data.
  4. Do not fill in any form without verifying authenticity of the website. Once the fields in the online form are completed, the information provided is collected and can be used for various purposes. For example, the password entered by a person in the registration form can also be then used on different personal accounts, with hacker trying to access different accounts with the same password or variations of it. Often information collected in such manner is sold on the market on the so-called “dark web”.

In the context of COVID-19 pandemic, some online websites which are giving at the disposal the web forms to fill in the Declarația pe propria răspundere, necessary for any movement, can also be phishing attempts. In this case, the malicious URL reaches potential victims not the email, but through the social networks. The data collected by the respective websites can be used for various purposes, such as performing hacking activities on behalf of the person who completed the form, or identifying the time intervals when a person is not in his / her home, in order to organize a theft at that address. In this particular case, it is recommended to only use the declaration from the websites of state institutions, a statement that can be downloaded, printed and filled in manually, without the personal information being transmitted over the Internet.

 

Tags: , , ,
Featured article
Circularity in Action, the road Romania must take to become sustainable
Sustainability

Circularity in Action, the road Romania must take to become sustainable

Latest Issue
4/2024
Current issue

Issue 4/2024

view archive »
Related
What Are The Data Protection Laws in Europe?
Legal

What Are The Data Protection Laws in Europe?

BR Magazine | Latest Issue
Magazine

Download PDF: Business Review Magazine April 2024 Issue

The April 2024 issue of Business Review Magazine is now available in digital format, featuring the main cover story titled “Caring for People and for the Planet”. To download the magazine in
Mihai-Alexandru Cristea | 12/04/2024 | 17:28
Download PDF: Business Review Magazine April 2024 Issue
Editor’s picks
Raionul de Pește Floreasca relaunches the Chef Table concept
Restaurants

Raionul de Pește Floreasca relaunches the Chef Table concept

One United Properties’ shareholders approve payment of a dividend of €15.2 million
Residential

One United Properties’ shareholders approve payment of a dividend of €15.2 million

Restart Energy has completed a solar power plant for Romtextil worth more than half a million euros
Green & Renewables

Restart Energy has completed a solar power plant for Romtextil worth more than half a million euros

Advertisement Advertisement
Close ×

We use cookies for keeping our website reliable and secure, personalising content and ads, providing social media features and to analyse how our website is used.

Accept & continue