The Europol Cyber Crime Centre (EC3), the European Banking Federation and their members from the public and private sector have disseminated an awareness-raising campaign related to the seven most common online financial swindles. The campaign, called #CyberScams, was done last October within the framework of the European Month of Cybernetic Security and promotes cybernetic security for citizens and organisations, putting the stress on simple steps to protect personal, financial and professional data.
Police forces from 28 EU member states, from five non-member states of the EU, of 24 national bank associations and banks and many other investigators against cybercrime want to heighten the public’s awareness of this criminal phenomenon. This pan-European effort promoted was pushed forward by a communication campaign via social channels and the application of national laws, banking associations and financial institutions.
Following the recommendations of the IOCTA 2018, the most effective defence against social engineering is the education of potential victims that could be any of us when we are on line. Making the public aware of how to identify these deceptive techniques can provide us with both personal and financial security online.
For this campaign, the support material, which includes information concerning the 7 most common online financial scams and how to avoid them, has been done in 27 different languages and is available to be downloaded by the public:
- CEO fraud: the swindlers pretend to be your CEO or a senior representative of the organisation and invite you to pay a false bill or make a non-authorised transfer from your current account.
- Invoice fraud: they pretend to be one of your clients or suppliers and they deceive you into paying future bills into a different bank account.
- Phishing / smishing / vishing: they tell you or send you a text message or email to cheat you into sharing your personal, financial or security information.
- Fraudulent use of bank webpages: they use bank phishing emails with a falsified web link. Once you click on the link, a range of methods are used to gather your personal and financial information. The site looks like the legitimate page, with minimal differences.
- Romantic scam: they pretend to be interested in a romantic relationship. This usually happens on online dating websites, but the fraudsters often use social networks or email to make contact.
- Theft of personal details: they gather your personal information via social network channels.
- Investments and swindles involving online purchases: they make you think that you are an intelligent investment or present you with a great but false online offer.
Internet has become very attractive to cybercriminals. Attackers use sophisticated tricks and promises to make money or to obtain valuable financial information. Swindles involving a lost family member or Nigerian princes are not the only tricks any more. The tactics used by cybercriminals are getting more innovative and increasingly difficult to detect. From pretending to be the CEO of your organisation and pretending to have a romantic interest, today’s swindlers will do whatever it takes to get what they want: your money and your bank credentials.
Social engineering continues to grow as the driving force of many cybernetic crimes, with phishing being the most frequent form. Criminals use them to meet a range of objectives: to obtain your personal data, seize your accounts, steel your identity, begin illegal payments or persuade you to continue with any other activity against your interests, like transferring money or sharing personal data. One simple click could be enough to compromise your entire organisation.