WCalling international numbers or sending fraudulent messages with job offers are among the methods used in cyber attacks.
“Cyberattacks that use a cell phone as an attack surface, whether through SMS or phone calls, are not new,” says an official source from CNCS, when contacted by Lusa.
However, “in recent years, there have been a large number of cases of this type, particularly associated with the types of ‘phishing/SMS phishing’ and social engineering incidents (which include ‘phishing’), which are carried out with the aim of collecting Sensitive information and carrying out fraud operations against potential victims, exploiting the vulnerabilities of the human factor,” says the same source.
Phishing is a type of attack in which social engineering techniques are used to obtain sensitive information from the victim. Using “Mail”. When this technique is used via SMS, it is called “Smishing,” and by phone (voice), it is called “phishing,” according to information on the CNCS website.
“Some, though not all, of the instances listed in these forms are consistent with the fraudulent phone calls and messages described, specifically some instances of ‘phishing’ and ‘phishing,’” an official CNCS source continues, responding to Lusa, noting that, “ Year after year, phishing and social engineering incidents were among the most recorded by CERT.PT,” as can be seen in the CNCS Cybersecurity Observatory’s Risks and Conflicts report.
The National Cyber Security Center states that the goal of these campaigns varies: “In some cases the goal is to lure the victim into “acting” as a “money mule,” receiving money or crypto assets into their accounts and then transferring them to other accounts, making it difficult to identify the target account. “
In other cases, “the goal is to collect personal and banking data and/or make illicit bank transfers,” and “in almost all cases, there is a strong possibility that victims’ devices have been compromised,” the National Cybersecurity Commission warns.
Therefore, the CNCS “advises good practices against ‘phishing’, ‘SMS phishing’ and ‘pharming’, as well as those regarding precautions to take with instant messaging.”
In general, “users should be wary of unusual requests for sensitive data or that trigger critical actions via mobile,” CNCS advises.
Moreover, “they should think twice before accepting any proposal that is considered too good, perhaps ‘too good to be true’,” the same source concludes.
Read also: Cyberattack puts data of thousands of Helsinki residents at risk