In today’s world, almost everyone has received an e-mail from somewhere with a suggestion on how to win a million dollars or a proposal to help begin a business. These kinds of doubtful opinions should be immediately thrown into the trash. But from time to time, e-mails can come from a serious sender whose intents and purposes, you will believe. For example, they can notify you that your cell phone operator has introduced a new tariff plan of which you are promptly made aware. You will probably open such an e-mail with an attachment, without thinking about a dirty trick – and you will infect your workstation with a virus that can steal your private information and financial data.
In the financial market, cyber fraud has received a “new life” with digital technologies’ progress. We are living in a digital society with a digital economy that simultaneously provides us with new opportunities in our professional activities and everyday lives and are significant causes of risks. These risks are often cybercrime, even though 7 out of 10 workers claim to understand the risk of cyber threats and how to protect themselves from cyber-attacks. In addition to this, two-thirds of workers at least became the victims of cybercrime once in their lives. On any day, there are 1.5 million cyber-attacks, which concludes about 18 victims per second with increasing yearly damage from cyber-crime of $110 billion.
There are two essential aspects of Cyber-Attack
- The ones against whom cyber-crime is planned such as, citizens, communal and private firms that can include financial institutes (banks, insurance corporations, several funds, exchanges, etc.)
- What are cyber-criminals stealing or destroying – money, other property, private data, etc.
The methods of committing cyber-crime are of two kinds:
- Social engineering
- Virus program
Cyber-crime through social engineering methods comes from the refusal to fulfill the routine requirements of the security of your system and the need to earn money without inconveniences. Bookkeeping software and processes can keep all the confidential information saved. Methods to commit fraud within the social engineering framework fall into two groups:
- Information-stealing from bank cards
- Data seizure from system carriers, also through the Internet
For example, you might get a text that your card is blocked, and for unblocking it, you have to call a given number. The attacker will convince you somehow and will force you to provide the passwords and PINs of the card, or maybe to even go to the ATM allegedly for unlocking it. As a result, the victim himself will transfer the money to the fraud scammers.
What to do?
It is never wise to call the phone number specified in the text message. Instead, one should only use the information written on the back of the card.
With the help of social engineering, cyber-criminals usually try finding out the details that are sufficient for transferring money from the victim’s card to the scammer’s card, such as card digits, validity period, CVV code (three numbers on the back of the card). It is essential to keep in mind that the bank representatives will never (either by telephone or through the mail) ask for full card information, the card’s passwords, or PIN-codes. Your full name and the last four digits of the card will be enough for them to consult.
Professionals specializing in the investigation and prevention of cyber-crime offer the following classification of cyber-crime:
- Internet banking systems frauds
- Fraudsters cheat by using confidential data such as login, bank card number, CVV- value, i.e., three digits on the back of the card and PIN code.
- Fraud in electronic money (through ATM or online transactions)
- A piece of code or a sequence of commands that use software vulnerabilities and are used to attack a computer system.
- Anonymization (the procedure of deleting information from the database to conceal the source of data)