IT security tips for older users
More and
more seniors are actively using digital platforms such as WhatsApp, email or
social networks to communicate, stay informed and stay in touch with their
loved ones. While this is great news, this reality also has a darker
side. Indeed, older people are often more vulnerable to scams and all
kinds of online scams, due in particular to the fact that they did not grow up
with these technologies. That's why, as part of our security training
series to mark Anti-Malware Day 2019, we decided to dedicate an article
specifically to older users. This article aims to help them recognize and
guard against certain techniques of fraud the most common, including phishing
attempts (or phishing ) email, WhatsApp or social networks
such as Facebook or Instagram.
Visit: http://delhitrainingcourses.com/blog/ for more such cyber security tips and tricks
It is
often the case that adults using these platforms click on questionable links,
fill in forms with their personal data or share a false offer without being
suspicious. This is largely due to the fact that they are not aware of the
risks that exist in the digital environment and of the way criminals act when
it comes to developing their deceptions, which makes them a easy target to rip
off.
A
recent New York Times
article claimed that scammers find the most vulnerable audiences among
seniors. It included the story of a woman who used the Internet to buy a
dog and who, after performing a search on Google, entered a fake site which has
usurped the identity of the site which she thought she was accessing. What
ultimately happened was that after writing an email to the alleged company and
being offered a discount on the price of the puppy that interested her, the
wife and her husband were deceived, but not without first transferring $ 750 to
the fraudsters.
Phishing:
a deception still as flourishing as it is dangerous
Although
criminals use different modus operandi to conduct their campaigns of deception,
we will focus here on a particular example, which stands out for its frequency
and its formidable effectiveness: phishing.
In
general, this model of deception begins with a message or publication that
reaches the victim through a digital means, such as email or a social network,
in which criminals pose as an entity or a brand of trust so that the victim
takes a measure contrary to their interests, such as giving their password,
credit card number or other personal data.
Although
this malicious practice dates back over 20 years, it remains very effective for
cybercriminals, mainly because users find it difficult to recognize it
effectively.
Below, we
explain in a simple way how to recognize a phishing attack, according to the
methods that we have identified as the most common, in the following platforms:
email, WhatsApp, Facebook and Instagram.
Email
phishing
It all
starts with an email regarding an irresistible offer, a problem with the user's
account, or some other excuse, seeking to arouse the interest or fear of
potential victims. Although the email may contain an attachment, which we
should not download or open if we are not sure that it is a legitimate email
(because it may contain malware), the technique most frequently used is a link
that takes us to an external site where our information will be stolen.
As an
example, we recently discussed phishing mail campaigns in which the identity
of Netflix has been impersonated , messages (emails or SMS)
claiming to come from the Ministry of Revenue , a well-known online
payment platform. , a Colombian bank and another in Peru ,
as well as phishing campaigns simulating online shopping services such as Amazon .
Phishing
via WhatsApp
As in the
other platforms described in this article, with the arrival of WhatsApp, the
criminals found a scenario that allowed them to reproduce this model of
deception.
Unlike
the way the message arrives by mail, in the case of WhatsApp, it is usually a
message that contains a link and sends us a contact who shares it, believing
that it is something legitimate, as was the case, for example, for these
campaigns detected this year where the identity of Spotify , Nespresso , WhatsApp or Nike .
Phishing
on Facebook
Phishing
campaigns on Facebook can be done by private message. However, unlike
WhatsApp or email, phishing on Facebook also works by posting on a wall, which
can range from false advertising to the publication of a contact who, probably
the victim of a deception, has published information that leads to a site that
seeks to steal your information.
Some
phishing campaigns on Facebook that we have analyzed in recent years were, for
example, deceptions in which the victim was tagged in the publication of a
supposed video, as for example here , or this banking Trojan
horse posing as an advertisement for McDonald's .
Phishing
on Instagram
Of the
four platforms analyzed here, Instagram is the most recent. As on
Facebook, in this social network, most phishing campaigns start from false
advertisements which direct victims to shopping sites or seek to steal
information after filling out a form, but they can also start from a direct
message from a stranger that catches your eye.
A
well-known phishing campaign that has been circulating in Instagram for a long
time masquerades as the eyewear brand Ray Ban and seeks to steal
personal data and login information from Instagram users. Generally, in
this campaign, after having stolen the references from the victim's Instagram
account, it publishes in the stolen account advertisements for Ray Ban eyewear
offers.
Conclusion
Phishing
is another technique that kills many people due to the ignorance of
users. We hope that this publication can be useful for the elderly and
that they can learn to recognize this type of deception when it occurs. On
the other hand, in addition to knowing the threats and risks that exist online,
we recommend that you use an antivirus solution on your computer and your
mobile devices and activate multifactorial authentication on each of
the platforms that offer this. option.
Join Ethical Hacking Course in Delhi From DICC to learn more IT Security Tips and Tricks.
Comments