Despite the full-scale war, online fraudsters have not disappeared. On the contrary, there have been more cases when people are being robbed online using new schemes. For example, phishing messages are sent about payments or assistance to those affected. How does phishing work now? What are the dangers of open Wi-Fi networks? And what should you do when money is charged from your card? Oleksandr Korvin, the head of the “Security 360” course at the “Boryviter” Military School, will help you understand.

  • Phishing messages – a popular fraudulent scheme for stealing data. How does phishing work?

    In fact, phishing mechanisms implemented through messengers have become quite popular now, as this is a new form of communication. How does it work? You receive an email message that usually demands something from you, puts pressure on your emotions, or offers to follow a link to see some important information about you, for example. Or to look at a photo where you are tagged, or that someone died in a car accident. Another option: you are required to take certain actions to protect your account. For example, “PrivatBank” contacts you or the online store you use writes that there have been certain actions on your account. The message says that you urgently need to log in to keep your account. The person reacts “on emotions”, clicks on the link, and is taken to a website that looks similar to the one they expect to visit. But in reality, this site is a fake. The person then enters personal data, email, and password, but in fact, they are not transferring them to the site they trust, but to a fake site. The attackers own this site and then use your authorisation data for their own purposes. If it’s an online store, they can start buying goods. And if it’s your personal email, for example, the attackers can gain access to all your accounts associated with this email.

  • How to recognize phishing messages?

    They put pressure on your emotions, demand that you take some sudden action, or simply inform you of some tragic event. This way, they engage you on a certain emotional level, without giving you time to recover and understand why you received this message. In addition, phishing messages are sent by fraudsters, not large commercial companies, so there may be spelling mistakes and no branding. There are various small markers that can let you know something is wrong.

  • How to protect your account?

    In addition to avoiding clicking on strange links, you can set up two-factor authentication on your key accounts, such as email. In addition to entering your password, you will also need to confirm your identity with your mobile phone. In this case, an attacker will not be able to get past this second factor because they will not have your phone.

  • How to react to messages from friends or acquaintances asking for financial help?

    If you receive such a message, you need to validate it first, as it requires you to take action to transfer funds. There are several ways to do this. The account from which you are being contacted may have already been taken over by a fraudster. And you will see that this is supposedly your friend. In this case, you can verify their identity. For example, by asking them what you and they know. There’s another tricky way: talk about things that didn’t really happen, asking “Do you remember…?”.

    If the person begins to confirm this fiction, then you are obviously dealing with a scammer. 

    Also, if the message seems suspicious, you can call the contact and confirm that it is from them.

  • What data theft software exists, how does it work, and where can you come across it?

    They vary in how they work. Some of them can lock your computer, encrypt your hard drive or SD card, and demand money for unlocking it. These programs are called “ransomware”.  There are “keyloggers” that simply read your actions, i.e. keystrokes on the keyboard, and send it to the attacker. This way, they can get your login and password and use them. What are the mechanisms to protect against such programmes? Two-factor authentication is the most effective and simplest protection mechanism. It’s important not to open strange attachments sent by email or personal messages, or visit sites you don’t trust, know nothing about, or find suspicious. You also need to have an up-to-date operating system, updated on time, and anti-virus software. This will give you a fairly strong level of protection.

    It’s important to remember that the greatest danger in the context of malware is not so much viruses as unauthorised actions of applications. I mean, there are applications that ask you for some kind of access to your contacts, to your geolocation. And you don’t know how this will be used. There are applications that can use a touch sensor to understand what buttons you press and thus, for example, read your logins and passwords. Therefore, you should also be very careful with the applications you install for your daily use.


  • What are the dangers of open Wi-Fi networks?

    Open Wi-Fi networks are easy to read. When you log in to a banking system, you transmit your login and password so that you can be identified as a specific person who has access to that account. All of this data should be protected, but on an open Wi-Fi network, there is nothing stopping an attacker from buying an analogue device for a few tens of dollars, installing it, and starting to intercept this traffic. In this way, logins, passwords, and credit card details can be stolen.

    It’s okay to use open Wi-Fi networks, for example, in a cafe, but don’t do any sensitive transactions there. Don’t log in to your email with your username and password, don’t shop online, don’t use banking systems. Or just use your mobile internet for this.

  • How can the fraudsters who stole your data use it in the future?

    If your email is stolen, for example, this is perhaps the biggest danger. Because it is the key to all your other accounts. When you sign up for a new service, you always provide your email and password. Why does this happen? Because the system needs an identifier, and your identifier is always your email. What happens if you forget your password? You click on the “forgot password” button on this resource, and you get an email with a password recovery mechanism. Now imagine that a thief has gained access to your email. He has your account. The first thing he will do is change your password so that you can no longer use your account. Second, he will check all your registrations that are linked to this email and click “forgot password” everywhere.

    And now password recovery mechanisms will be sent to your email, but to which he has access. The result: you lose access to all accounts. 

    And this means that the person with these accounts can then do what they want. If he has access to your banking system, he will transfer money, buy goods.

    The second aspect concerns credit cards. I had an unpleasant experience with Google Pay. I suddenly noticed that my card was being charged with transactions of 4,000 hryvnias with a pause of a few seconds. In this case, you should immediately block the card.  

    Then you write two complaints. The first one is to Google Pay. You say that these are not authorised transactions because you have not made them. Secondly, you contact the bank that maintains the card from which the payments are made and also inform them about this story. I got my money back. The story ended positively for me.