1 Data Breach Investigation Report, Verizon, 2020
2 Attacks from All Angles Report, Trend Micro, 2021
3 Cybersecurity Ventures, 2021
4 RoundRobin, 2020
Stay safe while on the Internet
Internet fraud is becoming a more and more frequent threat – find out what methods scammers use, how to defend yourself against them and what to do if you are a victim of cybercrime?
Be watchful
One of the most common methods of hacking attacks is sending a fake (very often impersonating a given company) e-mail, prompting you to click on a specific link or open an attachment. Therefore, always check the sender’s address for typos and never log in to your broker account from the link provided in the e-mail. Always enter the address in your browser manually. If you have doubts, call your broker hotline to determine if the email is actually from them.
The example of such an attack was the situation of impersonating PayPal, where there was the e-mail telling the victim that their account has been compromised and will be deactivated unless they confirm their credit card details. The link in the phishing email takes the victim to a fake PayPal website and the stolen credit card information is used to commit further crimes.
Be careful
Do not share your login, password or device with third parties; use password managers that generate strong, hard-to-break passwords; enable two-factor authentication wherever possible; do not use the same password for accounts on different websites and portals.
Be aware
Constantly deepen your knowledge about the current methods and methods used by cybercriminals. Keep up to date with research and recommendations released by cybersecurity companies.
Be indepentdent
Do not log into your brokerage account through publicly available or someone else’s devices, such as computers in internet cafes or hotels. You can never be sure that there is no spyware on them that will give scammers access to your accounts
Stay up to date
Remember to update your devices and software on your smartphone and computer, and use anti-virus software. This way you can be sure that you are properly protected against attacks
0%1
of breaches in 2020 were financially motivated
0%2
year-on-year increase in ransomware attacks in the banking industry in 2021
0trln USD3
total damage caused by cyberattacks in 2021
0%4
of targeted cyberattacks start with an email
The most common types of online fraud
Vishing
This method consists in the fraudulent telephone impersonation of given companies, eg. investment or financial ones, as well as the police and other public services. Fraudsters, using well-known and popular brands or the authority of public institutions, call their victims and try to extort various types of access data, such as login and password for an account, or payment card details during a telephone conversation. In addition, they very often try to extort personal data on the pretext of additional authorization, data update or system failure.
Remember!
Never give out your account passwords during a phone call and do not install any applications that your caller urges you to!
Phishing
Scammers using this method create fake websites and e-mail messages (very often deceptively resembling real ones), including banks, financial institutions and investment companies. They use the logos of a given organization or institution, and carefully copy the appearance of a given page, its style and layout Under the pretext of authorization, data update, transfer confirmation or topping up funds, they create the necessity to log in to a given fake page, thus taking over logins and passwords to real institutions.
Remember!
Never log in to your investment account by clicking on the link in the e-mail or text message. Always look up your broker’s website address manually in the browser search bar.
Smishing
Cyber criminals using this method send text messages, in which they inform, eg about a new transaction on the account and the need to confirm it in a given link leading to a fake website. When you enter your login and password there, they gain access to your real accounts. In addition, in order to obtain data, criminals impersonate state institutions by sending false text messages informing about certain threats or medical examinations. There are known cases of attackers claiming to be the IRS and threatening recipients with arrest.
Remember!
The sender of a certain text message is very easy to counterfeit, so be suspicious of the content of any such message and never click on links sent that was sent to you this way.
