QCOSTARICA – Scams, phishing, spam, spoofed websites and misleading offers abound in cyberspace, but this time of year, when our gift list grows dramatically, it is particularly vulnerable to these types of scams.
When we talk about phishing we are referring to a form of deception by which attackers send a message (hook) to one or more people, with the purpose of convincing them to reveal confidential information such as passwords and credit card numbers.
There is more than one form of phishing, but there is one tactic that is the most common: Victims receive an email or text message that mimics (or “impersonates”) a trusted person or organization, such as a coworker, bank, or government office.
This person or institution asks to send data such as bank accounts, passwords, telephone number, among others, to access some important information or “avoid any penalty.”
Recently, PandaLabs, a laboratory specialized in computer security, released information about a wave of phishing attacks, in which scammers impersonate the popular Amazon marketplace to get hold of the victim’s bank details.
These are some recommendations that you should consider before sitting at your laptop and buying:
- Avoid online transactions from a public Wi-Fi, especially when you are divulging persona information. Most of these public networks are vulnerable to hackers and could easily obtain all your registered information. If you are away from home, it is recommended to use mobile data on your smartphone or share the internet connection to your laptop.
- If you are suspicious of the origin and content of the email, delete the message without opening it. Remember that these emails use names and adopt the image of real companies, carry as sender the name of the company or that of a real employee of the company, including websites that are visually the same as those of real companies and use gifts as a hook.
Check the from on the email and note who is the sender. If in doubt, delete the email completely, but most important do not open any link. Of course, as a general rule they are poorly written or translated, so this can be an indicator that something is not right.
- Do not enter your bank’s website by clicking on links included in emails, as they could secretly direct you to a fraudulent website. Type directly the web address in your browser or use bookmarks/favorites if you want to go faster. Avoid saving your passwords, enter the password manually.
- Common sense and prudence is as essential as keeping your computer protected with a good antivirus that blocks these types of attacks. There are many free reputable antivirus programs if you cannot afford a subscription, but not all free are good. Also, you should always keep your operating system and web browsers up to date.
- If you realize that you have fallen for a phishing, identify what type of information you have compromised; change your passwords, cancel subscriptions and block the bank card if necessary and contact the supplanted company or institution, or your bank.
The holiday season is the perfect time for hackers to strike as people let their guard down. Ensuring that you are protected against phishing scams, spoofed websites, and unencrypted financial transactions is a must.