How to protect yourself from phone scammers and cybercriminalsWhy you cannot let strangers call from your phone

How to protect yourself from scammers

Введение

Recently, fraudsters who use telephone communications and the Internet to steal or defraud victims of money and confidential information have become extremely active.

As a rule, they stimulate the victim by various methods to open access to personal data or to perform certain actions with their money account.

This article introduces common attack patterns and simple security tips.

How to protect yourself from phone scammers and cybercriminals

Below are common patterns of behavior for phone scammers and cybercriminals, as well as simple tips for protection.

Template # 1 - call "from the bank"

Fraudsters call from a random number or, using certain technologies, replace it with the real number of the Bank's Call-center.

When they call, they may introduce themselves as the bank's security service and, under various pretexts, create a sense of urgency so that you panic and do what they ask, for example, transfer money, dictate an SMS code or card details.

Examples of persuasion may be based on the fact that they allegedly recorded suspicious transactions in your bank account and now advise you to cancel them urgently or transfer money to a "safe account". To do this, they just need to dictate a password, SMS or card details.

How to protect yourself

  • The most important thing to remember: real bank employees will never under any circumstances, ask to dictate a password, SMS, PIN- code or CVV / CVC-code when calling.
  • Disable the reception of calls from hidden numbers by means of the phone (if available) or use a special service of a mobile operator, which may be paid;
  • When receiving such a "call from the bank", do not enter into dialogue and hang up. Then check your accounts either through the official mobile applications of banks, or by calling the official number of the bank Call- center in person. In no case do not call back the people who called you through the phone call log;
  • For prevention, try not to advertise or publish your phone number on the Internet, social networks and so on. This will help reduce the chance that your number will fall into the hands of intruders.

Template # 2 - a call from "loved ones" with a substitution of the number

Fraudsters use certain technologies to replace their number with the real number of someone from your loved ones and when they call, they inform you that they need a money order to solve an urgent problem.

Some may even fake their voices and pretend to be the real owner of the number.

How to protect yourself

  • Don't panic, don't rush to collect the money;
  • Try in any way to contact the persons mentioned by the scammers;
  • Contact the law enforcement immediately.

As a rule, the victims of such calls are elderly people, to whom one can easily gain confidence. Therefore, we strongly recommend conducting preventive conversations with loved ones.

Template # 3 - phishing messages (SMS or messages in social networks)

In private messages of social networks or on the phone, SMS may come from the unfamiliar numbers with a message that you can receive money, a prize or other kind of benefit.

The subject of messages can also be similar to the examples in the above templates # 1 and # 2.

This message may contain a malicious link that can be used to download a malware or spyware to your device. However, sometimes the attackers force the victim to perform other actions, for example, call back a paid number, subscribe, or give out personal information.

How to protect yourself

  • Never follow hyperlinks in the messages from the unknown numbers;
  • Do not send reply SMS and do not take the actions requested in the messages; 
  • Install antivirus on all your devices from which you access the Internet. When choosing an antivirus, you should pay attention to the popularity, rating and reviews;
  • If you received a message from the familiar contacts, then contact them yourself for clarification, because it is possible that the scammers hacked them in the social networks or used a number spoofing method.

Template # 4 - virus programs

When surfing the internet, you may come across various links or banners offering you a benefit for a click.

There is a huge risk that clicking on such links could provoke the installation of malware or spyware on your device. These programs, in turn, can intercept your personal data, passwords, payment card details.

The same danger is fraught with programs and services from unverified developers in app stores.

How to protect yourself

  • Install antivirus on all your devices from which you access the Internet. When choosing an antivirus, you should pay attention to the popularity, rating and reviews. Keep in mind that unnamed antiviruses from unverified developers themselves may contain malware;
  • Do not visit suspicious sites and do not follow hyperlinks that promise you benefits;
  • Use only official app stores, and even there, be careful, look at reviews and recommendations. Any clones of popular applications can be "infected". It is advisable to avoid applications designed to work with several services at once: always make a choice in favor of official programs. Decent developers almost always have a corresponding indicator in the form of a tick or similar mark.

Why you cannot let strangers call from your phone

Having received your phone for a while, the attacker also gains access to SMS messages from the bank.

Further, by calling the bank, he may ask to transfer funds to his account.

At the same time, the key task of the bank is to identify the user and check his intentions by means of a digital code in the form of an SMS message, which the attacker sees on your smartphone while he is at his disposal.

After transferring funds, the attacker, by deleting the message from the bank with the code and changing the amount of funds on the card, virtually completely eliminates the traces of his act.

In such a situation, the loss can be detected after a while, when the owner pays attention to his account either in his personal account, or when trying to pay off.

This situation is not in the nature of a hacker attack, but uses psychological techniques and can lead to extremely negative consequences.

In addition, if the phone has Internet access, if the smartphone temporarily falls into the hands of an attacker, it is possible to install specialized software to view confidential data (keys, passwords, etc.) and then send them to the attacker's server.

Thus, access is opened not only to confidential data, but also to the owner's personal information, which can also lead to the loss of funds.

An experienced specialist will take a few minutes to carry out such manipulations, and the owner of the phone will most likely not notice anything.

Therefore, if a stranger approached you with a request to make an emergency call:

  • do not pass the telephone into his hands,
  • dial the desired number yourself,
  • offer to talk on the speakerphone.