We need to learn what the terms 'Phishing' and 'smishing' mean, and especially how to deal with these kinds of threats
The recent uptick in online scams is worrying, with fraudsters constantly coming up with new ways to trick unsuspecting citizens. This does not happen by chance, since according to the Eurobarometer Cyprus is the last in the EU in relation to the control of electronic content received by its citizens. As a result, many people “fall” into their nets, either losing money or putting their sensitive personal data at risk. A typical example is the recent Metamax pyramid scam. Citizens through an online bank invested their money and then converted it into cryptocurrencies. They would then purchase ad packs on the Metamax app to multiply by watching and rating videos. For every review of promotional videos of well-known luxury products such as handbags, clothes and cars, investors multiplied their cryptocurrencies. This is how the Metamax pyramid was set up, which is estimated to have over 15 thousand members in Cyprus, Greece and other countries abroad. On June 1, the platform was closed for good, causing “panic” among investors, after they lost large sums of money.
The situation with scams, whether over the phone or over the internet, has now gotten out of hand to such an extent that we are no longer just talking about phone calls from bogus doctors to the elderly, who are tricked into thinking that someone's life is in danger in order to extort money from them. We even saw investment fraud in the name of the President of the Republic, Nikos Christodoulidis, as well as the tik toker- MEP Phidias Panagiotou, on various social media, when the messages, either via simple sms or on WhatsApp-type applications, for participation in alleged investments with high profits, or for an alleged tax that citizens have to pay to receive a parcel, one could say that it is part of our daily life.
And having mentioned all this about the rapid increase of scams, the question that remains to be answered is this: How can we ordinary citizens “escape” from the hackers' nets?
In search of an answer to our question we turned to the Office of the Communications Commissioner – Digital Security Authority, we listed the most common types of fraud that exist at the moment and measures that each of us can take to avoid the worst.
< /p>
Phishing
The term “phishing” refers to fraudulent e-mail messages designed to trick recipients into providing the fraudsters with their personal and financial information or security passwords. The scammer approaches his potential victim by sending him a deceptive email message. These messages may resemble messages that banks send to their customers, copying the logo, features and style of real emails. They then ask you to download an attached file to your device or click on an electronic link. To protect ourselves from phishing, we can do the following:
• Caution with Emails and Messages: Be cautious about the emails and messages you receive, especially when they ask for personal or banking information. Check the authenticity of senders and avoid opening suspicious links or attachments.
• Safe Internet Browsing: Use safe and up-to-date browsers. Additionally, avoid accessing websites with suspicious addresses and prefer pages with an encrypted connection (HTTPS).
• Up-to-date Security Software: Install and keep up-to-date antivirus and anti-spyware software to protect your device from malware and other cyber threats.
• Change passwords regularly: If you have online accounts, you should make it a habit to change your passwords regularly to prevent an attacker from gaining unlimited access. Your accounts may have been compromised without you knowing, so adding this extra layer of protection through password switching can prevent ongoing attacks and shut out potential attackers.
• Education and Awareness: Learn about with phishing attack techniques and patterns and train yourself and your employees in safe internet practices.
• Multi-Factor Verification: Enable multi-factor verification where available for an extra layer of security.
Through phone calls (Vishing)
“Vishing” (combination of the words “Voice” and “Phishing”) is a telephone scam designed to trick the victim into revealing personal and financial information or security passwords, or transfers money to scammers. Two simple precautions each of us can take are:
• Skepticism and Caution: Be wary of phone calls asking for personal or banking information, especially if they come from unknown numbers or anonymous sources.
• Verify Sources: Before disclosing any information, confirm the caller's identity through independent official communication channels, such as official websites or customer service hotlines.
Smishing< /p>
The term “smishing” (a combination of the words “SMS” and “Phishing”) refers to the attempt by fraudsters to obtain personal and financial information or security codes via SMS messages. The text message will usually ask you to click a link or call a phone number in order to verify, update or reactivate your account. But…the email link goes to a fake website and the phone number goes to the scammer who claims to represent the legitimate business. To protect against smishing, the following measures are recommended:
• Caution with SMS Messages: Be wary of unexpected SMS or mobile messages, especially if they ask for personal or banking information. Avoid responding to or clicking on suspicious links.
• Sender Verification: Check the authenticity of messages by directly contacting the company or organization that allegedly sent them, using official contact information.
Through malware ( ransomware)
Ransomware is a type of malware that encrypts files on a computer or network, locking them, and then requires the victim to pay a ransom to decrypt them. These attacks can cause significant disruption and data loss, and often target businesses and government organizations. To protect against ransomware, the following measures are recommended:
• Backups: Make regular backups of important data and store them in a safe place, offline, to prevent malicious access software.
• Systems Update & Software: Keep operating systems and all software up-to-date to ensure any security vulnerabilities are patched in a timely manner.
• Up-to-date Security Software: Install and maintain up-to-date antivirus and anti-spyware software to protect your device from malware and other cyberthreats.
• Beware of Emails: Many ransomware attacks start with seemingly innocent emails that contain malicious links or attachments. Don't open emails or attachments from unknown senders, and it's important to be wary even of emails that appear to be from known contacts.