Objects that never arrive, fake job offers, expensive holiday bargains or email phishing. Every day, thousands of people fall victim to online crime, and learning how to identify this type of criminal activity is essential in order to protect yourself from cybercriminals.
During the 12 months following the state of alarm in Spain, the number of online frauds targeting businesses grew by 44.44% according to data from TrasUnion, a company dedicated to analysis and information. This figure rises to 46% on a global level. Meanwhile, the number of attacks targeting consumers rose by 24%.
After analysing thousands of transactions and more than 40,000 websites between March 2020 and March 2021, the study found that the Spanish cities that were targeted the most were Madrid, Barcelona and Valencia. The telecommunications sector tops the ranking of the most affected, followed by financial services, gaming, gambling and tourism. TrasUnion noted that, during the period of de-escalation of restrictions and confinement, online fraud originating in Spain was 95% higher than the world average and 45% higher than the European average.
Adaptation of cybercriminals
In this pandemic scenario, Spain has become a frequent target for all types of cyber-attacks, after the United States (well above the rest of the countries) and Germany. According to the latest Digital Civility Index (DCI) prepared by Microsoft, online scams and frauds account for 44% in our country.
The intense use of technology, which grew over the course of 2020, has led to this increase in cybercriminals. Changing habits have also attracted criminals to the digital realm. So considerable has this transformation of crime been that they are already known as “mutant scams,” as indicated by the company Trend Micro, specialising in data security and cybersecurity for companies.
Most common frauds
In addition to the classics, there are new types of digital fraud that are becoming a major nightmare because of the problems they cause. Knowing about them is the best way to avoid them.
- Phishing: this is the most widely known and yet still the most common. The criminal impersonates a person or organisation via email in order to obtain personal or banking information from their victim. They may also intend to infect personal or corporate devices via malware or malicious software.
- Malware: this is any type of malicious programme or computer virus such as Trojans, which are hidden in legitimate programmes and require the user’s direct intervention to download them, spyware whose aim is to collect all kinds of information from the user, or adware, whose mission is to display specific advertising to the user. They all exploit any kind of vulnerability they find in computer systems and mainly affect SMEs and large companies.
- Fraudulent online shops: according to Salesforce’s Shopping Index, in the first quarter of 2021 alone, the e-commerce sector in Spain grew by 65%. As online shopping increases, so does danger. Bargains work as a lure for less Internet-savvy users. Fake online shops also use these kinds of irresistible offers that also come in the form of holiday rentals, job offers, Black Friday campaigns, etc.
- Social engineering: in this case, cybercriminals use people themselves through manipulation. Since techniques closer to psychology and the study of human behaviour are used, victims end up trusting their “attacker,” who pretends to be someone they know, such as a company or public administration, believing that they will receive help or a free service.
- Sextortion: this term comes from sexual extortion and is the digital version of this type of blackmail. Criminals hack devices in search of sexual images or content. Teenagers, due to their increased use of social networks, and women are the most frequent victims. This cybercrime, which is dangerously on the rise, can have very tragic consequences, as it sometimes ends in suicide, precisely because of the characteristics of the victims.
- Instant messaging: the Office for Internet Security (OSI) warns of the growing use of WhatsApp as a means to carry out different types of fraud, from impersonating the identity of the victim and requesting money from their contacts on their behalf, to a defamation campaign after a supposed loan was requested and was not paid.
How to avoid online fraud
As well as being aware of the different types of crime to which we may be exposed, there are a number of simple rules to follow:
- Look after children and adolescents: cybercriminals are not considerate of the age of their victims.
- Keep all your devices and antivirus software up to date.
- Check the websites you visit and buy from official and trusted websites.
- Shy away from great deals if they are not on verified websites.
- Look for trust seals that guarantee payment gateways and privacy in online shops.
- Verify the identity of email senders. Do not open unsolicited emails or emails from strangers.
- Do not disclose any personal information.
- Do not share intimate photos or videos.
- Do not open attachments.
- If you receive a sextortion email, do not send money, it may all be a lie.
- If you have any doubts, report them to the State Security Forces and Bodies (FCSE) or the Internet Security Office (OSI).