European Cybersecurity Month: phishing, smishing or vishing
For the sixth year in a row, the European Commission and the European Union Agency for Network and Information Security (ENISA) are calling October "European Cybersecurity Month" in order to promote cybersecurity across the EU. The goal is to raise awareness of cybersecurity, identify and change unsafe behavior and provide users resources to learn how to protect themselves online.
A number of different materials were prepared under this framework. Their simple advice will help protect personal, financial and professional data, preventing cybercriminals from accomplishing their goals. The campaign was created by Europol’s European Cybercrime Centre (EC3), the European Banking Federation (EBF), the Spanish Banking Association (AEB), the National Police, the Civil Guard and other public and private partners.
From October 17th - 23rd, the campaign will offer simple tools and tricks to avoid falling victim to scams such as:
- Sending personal data, fraudulently requested by email (phishing), text message (smishing) or a phone call (vishing).
1. Phishing: This consists of sending of an email in which the identity is replaced, in most cases of a well-known organization, and through which the user's data (address, bank details, passwords, etc.) is requested. For the user to provide such data, in most cases, it is necessary to follow a link that appears in the email and once on that false page, enter the requested information.
2. Its name might not be very well known, but according to Interpol, smishing is undoubtedly one of the most commonly practiced forms of cyber delinquency used to steal data from smartphone users. It is a form of “phishing – an identity theft technique – but performed over messaging systems like SMS, WhatsApp, and private messages in social media platforms.
3. Vishing or fraud over telephony: In this kind of fraud, the victim receives an email from an apparently legitimate entity. The email contains a free support telephone number. A recording asks for credit card details and pin codes. Another approach the fraudsters use is to send a text message notifying the customer that their bank has debited a certain amount of money from their account, and they provide a telephone number the customer should call. The victim calls and provides bank details as requested by the recorded message that answers. The fraudster thus obtains the information needed to carry out scams.