Regardless of the fact that 77.6% of computer and social engineering cyber-attacks are mainly aimed at companies and their employees, phishing, vishing and smishing techniques are the most commonly used in both areas (personal and work), especially in relation to banking transactions.
The objective of these three frauds is the theft of information through corporate impersonation, using the following means:
- Sending e-mails relating to verification or updating of data (card number, bank signature, password, etc.); advertising campaigns or sweepstakes and discounts, sending the recipient to a fake web page, in which we will be asked to enter certain personal and access data, to correctly complete the update or to be able to participate (phishing).
- Making telephone calls on behalf of our bank to verify or validate a supposedly cancelled transaction. Again, we will be asked to provide our password and signature or digital token, to help us remotely to make the appropriate checks or adjustments to our bank account (vishing).
- Sending of warning or informative SMS or Whatsapp , with a link to the fraudulent website, in which it will be indicated to enter supposedly incomplete or outdated data, and strictly necessary for the continuity of the service (smishing).
The best way to avoid being scammed and suffering information theft, with the economic losses that this may entail, is to “double check”. Before providing any information that may be considered confidential, we recommend that you avoid responding at that moment and contact the person or entity that is requesting the information, but through official channels.