Phishing. Avoid falling for fraud online

Protect your money: how to avoid falling for fraud online

Nowadays we use Internet more and more often for communication, entertainment and, of course, for banking transactions. It’s convenient, fast, but unfortunately, where there is money, there are fraudsters. One of the most common scams online is phishing. This article may help you understand its meaning, how it works, and most importantly – protect yourself and your money.

What is phishing?

Imagine how regular fishing works. A fisher throws a fishing line with bait into the water to catch some fish. Online fraudsters do something very similar but instead of fish they are trying to “catch” your personal data: logins, passwords, card number, PIN-codes and other confidential information. The reason it’s called “phishing” is because it’s similar to the word “fishing”.

Fraudsters are amazing psychologists. They create messages and websites of your bank or popular online stores that look exactly like the original. They are trying to make you panic, rush or tempt you with a special offer so that you input your data without a second thought.

Main types of phishing: how fraudsters operate

Fraudsters can “throw their fishing line” in different ways. It is important to know the main schemes in order to recognize the danger immediately.

• Emails
  • Fraud scheme: Create a sense of urgency or fear. You receive a letter with a threat: “Your account is blocked!” or “Confirm login into the account!” to make you act immediately without thinking.
  • Potential losses: Money from your card, access to online-banking, passwords to your social media and email.
• Messages sent via messengers (Viber, Telegram, WhatsApp)
  • Fraud scheme: Use your trust in popular brands or friends. Fraudsters send messages about fake promotions in the supermarkets or start a conversation using the hacked account of your acquaintance asking to borrow money.
  • Potential losses: Money, personal information. You also risk to unwillingly install a malicious app at a fraudster’s request to follow the attached link.
• SMS-phishing (smishing)
  • Fraud scheme: Play on the curiosity or desire to make easy money. A message about winning the lottery or money transaction encourages to follow the link. Always ask yourself “Did I actually participate in any kind of lottery?”. If not, then obviously you would not be able to win something.
  • Potential losses: Money from your bank account, confidential information.
• Phone phishing (vishing) and deepfakes
  • Fraud scheme: Inspire trust by using the identity of authority (a call from the “bank employee”) and catch off guard. Fraudsters play on your emotions by using the new technology to create deepfakes – a fake voice of a close one who is begging for help may make you lose your guard.
  • Potential losses: Absolute control over your bank account and all the money placed there.
• Spear phishing (“whaling”)
  • Fraud scheme: Use your real data against you. Fraudsters analyze your social media, learn the name of your supervisor or a friend and create a very believable personalized message.
  • Potential losses: A lot of money, corporate secrets, personal data.

How to ensure your safety: simple security measures

• Never follow suspicious links. If you received a letter or an SMS requesting to immediately do something, do not rush doing it. It is better to type the URL of your bank manually or call their hotline (you can find the phone number on the back of your card).
• Carefully check the website URL. Fraudulent websites usually have small mistakes in their URL. For example, 0lx instead of olx. A secure URL should start with https:// and has a padlock.
• Never share your personal data with anyone. It is important to remember that a real bank employee never asks your PIN-code, CVV code (three numbers on the back of your card), passwords to your online banking or codes sent via SMS. This information should remain with you.
• Always verify unexpected requests. If a “relative” calls you asking to borrow money, call them yourself. If your “supervisor” texts you, it is better to contact them using a different way (call them or personally talk to them).
• Agree on a “password” with the people close to you. It’s a very simple yet effective rule. Come up with a secret word that only your close ones and you know. If someone calls you with an urgent request and cannot name this word, it’s a fraudster.

Conclusions

Phishing is a serious security threat, yet you shouldn’t panic. Your vigilance and discretion are the most reliable defense. Always keep in mind simple safety rules, do not trust unexpected messages and never rush when it comes to your finances. It’s better to take a minute for verification, rather than be sorry after losing money. Take care of yourself and your data!