How to protect personal data

Введение

Unfortunately, personal data breaches happen regularly. Personal data attract scammers who are constantly coming up with new ways to use data for profit.

From this material, you will learn how to secure information about yourself and not become a victim of cyber criminals.


The source of information is a training site Fingramota.kz, implemented by the Agency of the Republic of Kazakhstan for Financial Market Regulation and Development order to increase financial literacy of the population.

How personal data gets online

Sometimes scammers manage to get personal data by hacking, for example, trading companies, service centers, even hotels and carriers. Their web-resources are protected much worse than bank ones. Moreover, even by hacking a social media account or e-mail, it is possible to learn a lot about both a person and his/her acquaintances.

Some consumers enter their data, phone numbers and card details on the pages of fake contests, lotteries and surveys or on the websites of financial organizations, stores and other companies.

Scammers can use a specialized software to forge documents and simulate various notifications. If your information somehow got into the hands of scammers, they can make a fake letter, for example, from a tax authority or prosecutor's office, send it to you by e-mail or via messengers and afterwards a scammer will personally call, threaten, blackmail and offer to "negotiate in an amicable way".

Security guidelines for personal data protection

Simple rules that are important to follow will help protect your data:

  • Do not write the PIN code on the card and do not share it with others, do not enter it anywhere except ATMs and POS terminals;
  • Do not tell anyone the full details of your card and do not post photos of it on the network, do not send it to friends and family in messengers;
  • Never voice or send your personal data to strangers, including copies of identity documents.;
  • Do not publish your personal and bank details on the Internet, do not lose sight of your card when making payments in a cafe/restaurant;
  • Refrain from participating in dubious online contests and lotteries in which you need to enter personal information, full card details;
  • If you are going to make an online purchase, make sure that the site really belongs to an online store and carefully check the spelling of the site in the address bar, it should start with HTTPS and a closed lock symbol;
  • Get a separate card designed only for online purchases. Top it up only immediately before making a purchase;
  • Connect the SMS/Push notification service to receive transaction data on your cards promptly;
  • Carefully read the contents of SMS/Push notifications, if you receive a message about an operation that you did not perform, do not enter the password and promptly call the bank;
  • Never enter a password to cancel or cancel transactions – such requests are generated only by scammers;
  • Turn on the 3D-Secure (VISA) or SecureCode (MasterCard) function for your payment card, find out from your bank how this can be done.

If there was a data breach

Thus, personal data that is available in public domain is not enough to seriously harm a person and his/her wallet. However, it helps scammers who use social engineering techniques to mislead a person and try to lure a missing parts of information.

It is widely known that scammers introduce themselves as bank employees in order to get the bank accounts/cards details. In this case, information available on the Internet helps scammers. As when a person calls you by name, knows your date of birth or national ID number, this makes to trust a caller.

It should be reminded that bank employees never call a client without prior actions from the part of a client, so it is better to stop dialogues about confirming or clarifying something right away.

However, scammers can use other methods. If a scammer knows your card number and e-mail, you can get an e-mail stating the following:"The compensation has been sent to your card No.__. Follow the link and enter the code from SMS to get it." By doing it, you will simply open access to your money.

The scammers give various pretenses. But one thing is certain, without your assistance, no scammer will be able to get to your account. According to statistics, more than 95% of all bank card scams occur when users, being under psychological pressure, disclose missing information to attackers: SMS codes, CVV codes and card expiration date, code word and passwords from a personal account. Thus, people lose their savings due to their own trustfulness, and not because their accounts were under attack by hackers.

Remember, if a client has provided secret information to scammers or third parties transfer money to other people's accounts with his/her assistance, banks will not compensate for losses.