Alert levels should be increased for credential theft and fraud attempts that can harm people and businesses. The alert was issued by the National Center for Cyber Security (CNCS), which highlights two campaigns growing in the country. Hey One is the technique of defrauding the CEO and the other is to capture data associated with the mobile phone's digital key.
Judicial police have indicated fraud schemes against the CEO, as they recently arrested a suspect for transferring sums totaling 307,000 euros to an account belonging to a company owned by him. a CNCS promotes the growth of this technology that affects citizens and organizations, resulting in significant financial damages.
These campaigns focus on sending emails or text messages, whether SMS or via apps, where the malicious agent pretends to be an entity connected in some way to the targeted organization.. You can pretend to be a manager or even a supplier, who issues orders, usually of a financial nature, to employees of the same organization. This may lead to situations where amounts are transferred to accounts linked to the fraudster.
In order to better understand this type of scheme, in addition to best practices for prevention,… CNCS has made the relevant resources available on its website page.
Regarding the digital mobile phone key, the new campaign seeks to collect data associated with the account, along with other types of information, such as banking information, that could put it at risk. It must be remembered that the digital mobile phone key is the official digital identification document of citizens and this allows signatures and replacement of credentials to access services.. CNCS also offers resources and recommendations on Current context For the mobile phone digital key, in addition to the techniques discovered that were used to defraud citizens.
Among the recommendations is the usual advice not to click on strange addresses or attachments in suspicious messages. You should always be suspicious of requests for access codes or credentials, even if the message appears to come from a trusted entity. You may never share digital mobile key codes or access credentials via message or phone, even if the other party appears to be a dangerous entity.