QCOSTARICA – Intel Costa Rica issued a new alert that false information circulates on social networks about the personnel recruitment process carried out by the company in the country.
The firm stressed that the official site for people interested in a job at the company is www.intel.com/jobs, which does not ask – either through websites, phone calls or any other means – sensitive information and that any information is false. information request for data through fraudulent emails.
The use of recognized global brands for the purpose of misleading people into providing their personal information is very common. According to a report by Vade, a threat detection and response firm, hackers used 25 brands for phishing-like scams.
Phishing uses a fake email or website with the appearance of the official site or emails to make believe that they are authentic and that they redirect to fraudulent pages where people enter their data, accounts, and passwords.
The French financial group’s brand, Credit Agricole, was the most used by phishing attacks (17,755) in the first half of 2021, followed by Facebook (17,338), Microsoft (12,777), WhatsApp (8,727), Amazon (3,501 ), Comcast (3,116), PayPal (2,601) and the Chase bank (2,537).
The report emphasizes that financial brands are the favorites of criminals (36% of phishing attacks) of entities such as Credit Agricole, La Banque Postale, PayPal, Chase, Wells Fargo, Square, HSBC and Banque Populaire.
The other most used brand groups are those of social networks (Facebook, Instagram, LinkedIn and WhatsApp), cloud services (Microsoft, Netflix, Adobe and DocuSign) and e-commerce and logistics (Amazon, DHL, Rakuten, Apple and eBay ).
Globally, 10% of the brands counterfeited in phishing attacks were Internet and telecommunications companies, such as Orange, Comcast, Yahoo, SFR (9%), as well as government organizations (1%).
The firms emphasize that users must be alert and take several measures:
1. Keep your browser up to date. Cybercriminals often launch attacks to exploit known security vulnerabilities.
2. Inspect the website URL. Carefully reviewing the website URL or email address before taking any action.
3. Look for the SSL certificate. Make sure the portal address begins with HTTPS (not HTTP) and has a green lock symbol before the web address, as this implies that the website has an SSL certificate and the connection is encrypted. Notice the URL in the address line of the page, it starts with https://…
4. Watch out for grammar mistakes. Scammers rarely hire professional writers to check their copycat website content for mistakes.
5. Check if the website has been bookmarked. You can use URL checkers to see if the website has already been bookmarked; You can find many tools for this purpose by searching Check URL Security on Google.
6. Do not provide personal data. Remember that no company or bank will ask for your personal data and bank passwords; do not provide data to anyone you don’t know over the phone or by typing their accounts and passwords via email, social media or websites.
7. Use double authentication and biometric security mechanisms for all your email accounts, social networks, electronic shopping accounts and banks, among others.
Mistakes you should never make on the Internet
Online scams are not the fault of the victims, but they are facilitated by the lack of preparation and digital culture, the lack of common sense and the mistakes or incorrect practices that we continue to repeat the users:
1. Using cell phone to remember passwords. People store most of their photos, videos, data, bank accounts, keys or passwords on their cell phone and the rest on their computers, which also lack protection systems.
2. Use discontinued devices. Users should review the information on how to take advantage of and protect their devices. A common mistake is to buy the cell phone or computer and not check the information from the manufacturer or operator.
3. Having outdated operating systems. Regular updates to operating systems include security patches to newly identified vulnerabilities. Both computers and mobile phones should see updates as part of the basic protection measures. Updates also extend the life cycle of devices.
4. Open all the files that come to it. Users tend to open all the files they receive in emails, text messages, messaging chats (Messenger or WhatsApp) without any prior review or confirmation from the sender (is it known or not?) Or wonder if it may include malware or compromised file.
5. Having passwords that are easy to guess or find. Would you leave your house keys stuck on the door? Well, similar is what is done when the passwords or keys are saved on the cell phone or computer. The correct thing to do is to use double authentication systems, through which the mechanism of receiving a notification or a code on your cell phone (via SMS or email) is activated if someone tries to enter your social network, bank or email account.
6. Connect to any Wi-Fi network found. Whenever possible, people should use the mobile data of their postpaid plan or prepaid recharge when they are in public places. When using public or commercial Wi-Fi networks, you run the risk of connecting to networks that have been hacked or impersonated by cybercriminals. At best, they open the door for spam.
7. Posting everything on social media (including posting that you are going to post). Even if you have few contacts on social networks, you should know that there is always someone watching everything you post about your personal or family life, work or business.
8. Answering all calls and giving your details innocently. If are called, do not provide information. Criminals will first find out about your information on social networks, Google or public sites (such as the Civil Registry) and will use that data to make you believe that it is the bank, a public entity or a company.