Online fraudsters continue to reduce the majority of American adults because they sneak into virtual calendars and security systems aimed at defending users against overfishing personal information.
A recent survey of more than 9,000 adults before Pio Research Center I found that approximately 73 % witnessed at least one of the online fraud or attacks.
The most common virtual negatives were fraud in credit cards, online fraud and ransom attacks – A type of harmful programs It prevents you from accessing computer files or system until a ransom is pushed.
About 24 % of those surveyed said they had received an email, text message, or their deception to give up personal information.
An estimated 32 % of the respondents said they were victims of a fraud over the past year.
It is often said The elderly is more vulnerable To fraudulent online. However, in 2021, The Federal Trade Committee mentioned The adults of General Z, the Millennium Generation, General Xers, combined between the ages of 18 and 59, were 34 % more likely than adults aged 60 years or older to report the loss of funds for fraud.
These generations groups are deceived by online plans that arise from the advertisement of social media, investment fraud, or fake jobs.
The latest hunting attacks, or attempts to obtain sensitive data occur, through your online calendar, (Google or Outlook Calendar), and the application of multiple factors and HTML attachments.
Online fraud evading it is a challenge, but cyber security experts say there are steps that you can take to protect yourself.
Unwanted calendar calls
Escander Sanchez Rola, director of artificial intelligence and innovation in Norton, said the fraudsters constantly find new ways to attract you to abandon your personal information in an indiscriminate way, and the calendar related to your email account is one of them.
Unlike traditional fraud, such as text or unwanted call, you require your participation, this invitation appears automatically in your calendar without approval or denying it.
Sanchez Rola said that anyone can easily deceive him because he could confuse you in thinking that you have accepted the invitation at some point.
The fraud occurs when clicking the invitation to get more information.
The link in the invitation to a web page for hunting that disguises as an enlargement link can lead you, or it can ask you to download harmful programs that are hidden as an update for the programs.
This is often targeted by CON Work Email accounts and corresponding calendar applications.
Warning signs of this fraud include:
- Calendar invitation is undesirable.
- There are spelling errors in the link or address of the sender associated with the evaluation date.
- The invitation is related to work, but you are the only person who receives him.
What you can do: Change settings in your online calendar to block automatic updates. Microsoft Outlook users can follow up These online instructions To change their calendar settings; Google users can reduce invitations that appear in their schedule Follow these online instructions.
Derek Manki, the chief security strategy and vice president of the threat company in Fortinet, said if you have any doubts, do not respond directly to the invitation.
“Instead, he sent an e -mail to the reliable contact from that organization if they have confirmed the meeting and asked for more details,” Manki said.
Multi -factor authentication fraud
The multi -facta authentication application, also known as “two steps checks”, is an application on your phone that provides you with a symbol or router “Yes or not” to check that you reach an account related to the authentication.
“The multiple -factor authentication attacks have occurred more than a decade ago,” Manki said. “They often take new models, or target new platforms such as applying ratification.”
The fraud occurs when you receive multiple notifications from applying the authentication, although you did not request verification.
“This fraud revolves around wearing you to the point of clicking on an unknown notification and making your personal information by mistake,” Sanchez Rola said.
Warning signs of this fraud include:
- The authentication application requests verification or provides you with the verification code you did not request.
- The authentication application sends many notifications respectively although you did not demand the application.
What You He can Do: If you are getting a series of authentication application notifications, stop temporarily before clicking.
Sanchez Rola said: “Approval of a login did not request is to hand your keys to a strange person,” Sanchez Rola said. “You just don’t do it.”
There is a safer way to use the authentication app – such as 2FAS, Aegis Authentical, Microsoft Authenticator, Stratum or Google Authenticator – is the use of a program that provides you with the verification code. Do not use an application that sends a notification because this is how the deception can press you to save your login information.
Another step in protecting yourself is to change your passwords frequently, as it reduces the lifetime of the shelf for those stolen and sold.
Email messages with unknown HTML attachments
An email with an unknown HTML attachment can return you to a web page for hunting or calls you to download harmful programs.
Manki said he was the oldest technique in the book, but it is still used today.
He said: “HTM/HTML files contain a symbol that can be used in a variety of ways, including the implementation of harmful textual programs, for example JavaScript, which can drop information theft on the system.” “Likewise, it can be used to start the hunting page to harvest credentials.”
Budgets will try to use the names or reliable services that are used daily.
“If it is not an unwanted e -mail, the end user must always wonder about the identity of emails that are sent,” said Manki.
Warning signs of this fraud include:
- Email sender is an unknown contact.
- The attachment inside the email is undesirable and appears suspicious.
What can you do: Manki said that exercising is always cautious before opening any attachments in an email.
Find my finger at the URL of the attachment. Mansi said that the typographical names are when the domain names have a small contrast from the legal presentation.