An email with the sender of a bank and the subject that warns that the account has been blocked. Inside a message that looks like the bank and asks to enter with username and password. Other email in English and the recipient's last name: "Mr. Gonzalez – Very Important". Inside, promises of profits or commissions for a unique and unforgettable opportunity. A Facebook post or a WhatsApp message with a link that leads to a form to access a credit with unbeatable conditions. These are some of the most common pitfalls phishing, the most commonly used hacking method on the Internet.
This type of coup was the most widespread in the world and in Argentina in 2018. Back then cryptojacking, O malware, cybernetic reversals and the exploitation of vulnerabilities, according to a report by a cyber security firm.
The new features of the phishing -as it's called the computer attack method, which consists of the cheating to steal money from bank accounts, data or installation of malware – included the use of sites with security certificates, said the report of Slovak company ESET, referring to the acronym HTTPS that is read in the browser bar to indicate when a site is secure.
During the second semester, the use of attacks launched from sites with these certificates reached 35% of the total, number that at the end of 2016 was 5%.
In addition, traditional propagation channels such as electronic mail have been added to it in a remarkable way. messaging applications, with which the attackers could reach a greater number of potential victims, according to the report.
"Safety practices that used to be recommended in relation to phising, they continue to be valid, although they are not sufficient, due to the new characteristics of attacks of this type. Now it is not enough to check the URL, the security blockage or the use of HTTPS, it would also be useful to check the common name of the site in the security certificates, to compare it with the domain of the site in question, "commented Miguel Angel Mendoza, expert of ESET Latin America
How does the phishing methodology work?
Everything is based on the user's conviction, through rhetorical strategies, so that he exposes his banking information without hesitation. These tactics are framed in so-called social engineering, a concept widely used in the field of computer security, which refers to the ways hackers to obtain customer data.
Screenshots of fraudulent e-mails from scam artists who present themselves as service companies to steal user data.
Everything can start over the phone: called apocrypha of alleged bank employeesFor example, they establish conversations full of rhetorical and misleading questions that lead the client to reveal information. For example, your email address.
I received a strange email from my bank, why?
As part of the attack, the client will receive spam messages, where personal information and contact information will be requested.
You will be prompted to click on a link included in the email itself, which will redirect you to a fictitious website, even if it looks like the bank's.
There you will have to fill in the input data for homebanking or even give out more personal information. There are cases where more than 80 coordinate board numbers are required. Many fall.
These attacks are not personal, but massive campaigns that reach thousands of customers from different banking entities. And for this reason, a bank user "x" may receive fraudulent correspondence from an "e" entity.
How to detect fake emails?
It's usually spam (unwanted). It almost always refers to the need to update the database "for policy changes" or "banking security reviews".
It is common for the message is very catastrophic: is there any warning for the future account closure.
Screenshots of the message arrives at WhatsApp, where they give slippers, but this is a scam. (Segu.info)
Although they have the bank logo, these emails often have writing problems (incorrect syntax and / or misspellings).
The email can also offer strange banking services from which advertising has never been received. They show data that does not correspond to our account, such as names or last names that we do not use. And they ask for more data. The sender usually has a foreign name.
When you pass the cursor over the link you are invited to click (hyperlink), below, on the screen, you can see that the server does not appear to belong to the domain of the bank (URL). The difference can be large or subtle, like a letter or word of less or more.
The second place among the most frequently used attacks was cryptojacking, cHow do you know to hijack the processing capacity of a foreign computer to make money through crypto-coin mining?
O cryptojacking It began to have a great deal of activity late last year, "being the most detected threat by ESET's worldwide telemetry between December 2017 and June 2018," the report said.
7% of such attacks in Latin America occurred in Argentina.
Malware, third in all, was the main cause of security incidents in Latin American companies.
Among other features, in 2018 began to appear samples of malware specially designed to affect the devices called the Internet of Things, computers that after committed are used to carry out other attacks.
Cyberexorcism was also widely used in 2018, with several campaigns that tried via e-mail to deceive the people of the supposedly getting information that compromised them; In several of these actions, there was a specific fact that made the user believe that it could not be a scam, ESET said.
The "top 5" of the attacks is completed by exploiting vulnerabilities detected in outdated systems, with a total of 15,300 episodes recorded by the company's antivirus systems.