1 Data Breach Investigation Report, Verizon, 2020
2 Attacks from All Angles Report, Trend Micro, 2021
3 Cybersecurity Ventures, 2021
4 RoundRobin, 2020
Stay safe while on the Internet
Internet fraud is becoming a more and more frequent threat – find out what methods scammers use, how to defend yourself against them and what to do if you are a victim of cybercrime?
Stay alert
One of the most common hacker techniques is sending a fake email or SMS (often impersonating a well-known company) that urges the recipient to click a specific link or open an attachment. Always check the sender’s address carefully for typos and never log in to your brokerage account using a link from such a message. Type the address directly into your browser instead. If you have any doubts, call your broker’s hotline to verify whether the message is genuine.
Victims of fraud often receive an email or SMS claiming that their subscription will expire or their account will be deactivated unless they confirm their credit card details. The hyperlink in such a message leads to a fake website imitating the original service provider and the stolen card data is then used to commit further crimes.
Be cautious
Never share your login, password or device with anyone. Use password managers that generate strong, hard-to-crack passwords. Enable two-factor authentication (2FA) wherever possible and avoid using the same password for multiple websites or accounts.
Stay informed
Continuously expand your knowledge of the latest methods used by cybercriminals. They’re also learning and inventing ever more clever and sophisticated scams. To avoid being caught off guard, follow current research and recommendations published by cybersecurity companies.
Be independent
Do not log in to your brokerage account using publicly accessible or someone else’s device – for example, computers in internet cafés or hotels. You can never be sure whether such devices are free from spyware that could give fraudsters access to your accounts.
Stay up to date
Remember to keep your smartphone and computer software up to date and always use antivirus programs. This way, you can be sure that your devices are properly protected against cyberattacks.
0%1
of breaches in 2020 were financially motivated
0%2
year-on-year increase in ransomware attacks in the banking industry in 2021
0trln USD3
total damage caused by cyberattacks in 2021
0%4
of targeted cyberattacks start with an email
The most common types of online fraud
Vishing (Voice Phishing)
A method where scammers impersonate companies (e.g., investment firms, service providers or financial institutions) – and sometimes even the police or other authorities – over the phone. By exploiting well-known brands or the authority of public institutions, they call victims and try during the conversation to trick them into revealing access data such as account logins and passwords or payment card details. They also frequently attempt to obtain personal data under the pretext of additional authorization, data updates or a system failure.
Remember!
Never give out any passwords – including those for your brokerage or bank accounts – during a phone call! And do not install any apps or browser plug-ins that the caller asks you to install.
Phishing
Scammers using this method create fake websites and e-mail messages (very often deceptively resembling real ones), including banks, financial institutions and investment companies. They use the logos of a given organization or institution, and carefully copy the appearance of a given page, its style and layout Under the pretext of authorization, data update, transfer confirmation or topping up funds, they create the necessity to log in to a given fake page, thus taking over logins and passwords to real institutions.
Remember!
Never log in to your investment account by clicking on the link in the e-mail or text message. Always look up your broker’s website address manually in the browser search bar.
Smishing (SMS Phishing)
Cybercriminals using this method send text messages claiming, for example, that a new transaction has been made on your account and needs to be confirmed via a link – which actually leads to a fake website. By entering your login and password there, scammers gain access to your real accounts.
To steal such information, fraudsters often invent other reasons, such as “service deactivation” or “account closure”. They may also impersonate government offices or public institutions, sending fake SMS messages about things like medical examinations.
Remember!
The sender’s name in an SMS can be easily faked. Always be suspicious of such messages and never click on links sent via text message.
