Saturday , July 2 2022

What are the most common scams on the web and what to do to avoid falling to the trap – 12/21/2018


E-mail with a bank sender and the subject that warns that the account has been blocked. Inside a message that looks like the bank and asks you to log in with username and password. Another email in English and with the recipient's surname: "Mr Gonzalez – Very Important". Inside, Promises of profits or commissions for a unique and incredible opportunity. Post on Facebook or WhatsApp message with a link that leads to a form to obtain credit with unsuitable conditions. Here are some of the most common hazards to phishing, the most scam method used by hackers on the Internet.

This type of scam was the largest spread in the world and Argentina during 2018. Accordingly, the cryptojacking, y malware, cyberrevorsions and exploitation of weaknesses, according to a report by a cyber-induction company.

New features phishing -as the call is called a computerized assault method, which includes the cheating to steal money from bank accounts, data or installation of malware – including the use of websites with security certificates, said the ESET Czech company report, referring to the HTTPS acronym read in the web browser bar to indicate when there is a secure site.

During the second semester, the use of launched attacks from sites with these certificates reached 35% of the total, a figure at the end of 2016 was 5%.

Additionally, traditional plugin channels such as electronic mail were added to it in an incredible way message applications, that the assailants could reach more potential victims, the report said.

"Security practices that used to be recommended in relation to # phishing, they remain valid, but not enough, because of the new features of such attacks. Now it is not enough to check the URL, the security lock or the use of HTTPS, it would also be useful to check the common name of the site in the security certificates, compared to the main the site in question, "said Miguel Ángel Mendoza, a Latin American ESET expert

How does phishing methodology work?

Everything is based on the consumer's conviction, through rhetoric strategies, so that it discloses its banking information without hesitation. These tactics have been framed in the widely-known social engineering, a widely used concept in computer security, which refers to the complex roads of hackers to get customer data.

Screenshots of fraudulent scammers emailing service companies to steal consumer data.

Screenshots of fraudulent scammers emailing service companies to steal consumer data.

Everything can start by phone: called apocrypha of alleged employees of the bankFor example, they set up conversations that are full of rhetorical and serious questions that lead the client to disclose information. For example, your email address.

I got a strange email from my blank, why?

As part of the assault, the client will then receive an email where personal information and contact information is requested.

You will be asked to click on a link that is included in the post itself, which will redirect you to a fake website, even if it looks like the bank.

You will then have to fill in the data to the home bank or even give more personal information. There are cases where more than 80 coordination card numbers are requested. Many fall.

These assaults are not huge but personal campaigns that reach thousands of customers of different banking entities. And for that reason, a "x" bank user can receive a fraudulent post entity "and".

How to find out the false message?

Usually spam mail (no need). It almost always refers to the need to update the "policy changes" database or "bank security reviews".

That is commonplace the message is quite catastrophic: there is some warning about closing the account in the future.

Screenshots & messages that reach WhatsApp where they give slippers but that's a scam. (

Screenshots & messages that reach WhatsApp where they give slippers but that's a scam. (

Although they have a bank logo, these emails usually display writing problems (poor syntax and / or bankrupt).

The e-mail can also offer strange banking services, never advertisements received. They show data that can not correspond to an account, such as names or surnames that we do not use. And they require more data. The sender has a foreign name as a rule.

By passing the cursor via the click to click (hyperlink) link, below, on the screen, you can see that the server does not appear in the bank field (URL). The difference can be large or inconsistent, such as a letter or a word of less or less.


The second place was among the biggest attacks that were used cryptojacking, cHow is it known to be a kidnapping ability to process a computer overseas, to earn money through cryptocurrency excavation?

Y cryptojacking He started to have a great activity towards the end of last year, "the most perceived threat of ESET telemetry around the world between December 2017 and June 2018," said the report.

7% of the attacks of this type were registered in Latin America in Argentina.

Generally, Malware, in general, was the main cause of security events in Latin American companies.

Amongst other features, in 2018 malware samples began to specially affect Internet devices from frequently-known computers, computers that have been compromised to make other attacks.

Cyber ​​developmental

The cyber-exorchy was also widely used in 2018, with different campaigns that he tried by emailed to deceive people from Probably get information that's at risk; In many of these actions there was a specific fact, which made the user believe that it could not be false, ESET said.

The "top 5" attacks are completed using weaknesses found in old systems, with 15,300 cases recorded by the company's antivirus systems.

Source link