Every day, there are more stories about online scams and people being cheated out of their life savings. It’s a sad truth that scammers are getting cleverer and more brazen by the day and being able to spot the fake messages and websites amongst the genuine ones is getting more and more difficult.
Be vigilant and take the safety of your digital- and smart-life seriously!
Phishing scams are among the most common schemes. Criminals pretend to represent a respectable service provider and try to lure you into sharing your personal details.
The goal is to get you in a situation where you’d reveal personal information without even noticing – then criminals will use the data to gain access to your bank accounts, credit cards, authorisation devices etc.
It’s all about identity theft: once they have a way in, they’ll use it to take SMS-loans in your name, empty your bank accounts, sell your property behind your back or use other means of creating financial damage that you’ll be responsible for.
It is usually international, making it very difficult to discover and even more difficult to find justice should you fall a victim to it.
Criminals can lure personal information from you through positive incentives (rewards, prize games, massive discounts, special benefits, time-sensitive opportunities etc) as well as using threats or warnings (“Check that your personal information is not a part of the hacked database”, “Your bank account is compromised”, “If you want to keep using XYZ service, you need to…” etc.).
You should also know that scams like this can take place on websites, social media, through e-mails, SMS’s, phone calls etc.
Smart-ID and any other trustworthy service provider will NEVER ask for your PIN-codes. For any reason. You will know it’s a scam as soon as you’re asked for your PIN-codes or passwords!
As soon as you suspect something, do not click on any links sent by the potential scammers. Instead, open the official website of the company manually through your browser. If you do not know the address of their website, go to google.com and access their website through search results. All major campaigns should be easily found on the official website, and the same goes for all genuine security risks and warnings. If you don’t find them there, it’s more than likely that the campaign/threat doesn’t actually exist.
It’s also a good idea to call the customer service if you are in doubt. NB! Do not use the number provided by scammers – use the phone number you find on the official website of that company. Not only will you learn the truth, you can also warn them about a potential scam.
If you’ve become a victim of identity theft (or you suspect that someone has access to your authorisation devices such as Smart-ID or mobile-ID, has your bank details, your accounts have been accessed by strange devices etc) get in touch with your bank and the police! They’ll instruct you on what to do next.Contact Smart-ID if your Smart-ID PIN-codes have fallen into the hands of someone else or if you keep getting PIN-requests that you have not initiated.
Gone are the days when ‘scams’ meant easy to spot e-mails from “Nigerian princes looking for investments”. Modern day criminals hunt both online and offline, have all the technical skills required and know how to use spellchecks. They slide in sideways, without resorting to overly obvious tactics. They may not ask for your private information directly but try to milk it through friendly conversation or even by being ‘educating you about cyber risks’. It’s not unusual to hear that criminals had been helpful and pointed out that “PIN-codes should never be revealed over the phone, we ONLY need 2 last digits” or suggested the PIN to be entered backwards in a “way it can’t be used”. You may even be scammed through online shopping – always make sure that the service provider actually exists, and where possible use websites that are well known.
NB! Know that neither Smart ID nor any bank will ever need your PIN-codes or passwords, even if there has been an actual security breach!
Do not share your PIN-codes, passwords or user names with anyone else, including your family or co-workers. If you want to share access to your bank account, speak to your bank: it’s easy to add additional users with personal limits. The service is also fast and usually free or for a small fee.
Never authorise PIN-requests you have not initiated, not even to ‘test’ or ‘see what happens’ when your bank accounts are empty. Remember: you are legally responsible for all actions taken using your PIN-codes!
Notice when you’re being pressured: if you need act “immediately” or are being emotionally manipulated (the communication makes you feel anxious, overly excited, upset etc).
Don’t be afraid that being overly cautious will make you look stupid and go with your gut feeling as soon as something does not feel right. It doesn’t really matter what opinion scammers have of you, right?
Remember that your bank already knows all they need to know about your bank accounts, finances, credit cards etc. They do not need to ask you for that information! The same goes for other service providers: your PINs and passwords are none of their business. Do not believe any excuses, even if they make it sound believable.
If a website, e-mail, campaign page, social media post etc looks or feels wrong or broken, leave it. Unusual designs, different tone of voice, bad grammar and an unprofessional look & feel (i.e. some of the text is overly large, blinking or misaligned, contains too many exclamation points) or if you’re being addressed by the wrong name (i.e. your e-mail instead of your name) are all serious warning signs.
Does it sounds too good to be true? Then it probably is.
Do NOT trust any campaigns that the company has not published on their official website, why would they invest in marketing and then hide it?! Be suspicious as soon as you hear or read that it’s a “new trick” or a “clever tip” that would allow you to save tons of money. Know that if a company has made a legitimate mistake in their pricing, they are allowed to cancel the orders. And if scammers are behind the campaign, the ‘real company’ can’t be held responsible for refunds.
Unbelievably good offers are not to be believed!
The same goes for “serious security alerts”. If the threat is real, legitimate companies will make sure you get up-to-date and accurate information through their website and other official channels. If it’s not there, the threat must not be real.
Use Google or other search engines to check the phone numbers used to call or text you. Remember that if you call or text back, you may subscribe to a paid service without knowing, or be charged extortionate rates for your phone call. Most mobile operators also keep a list of numbers known to be used for scamming.
Unfortunately it is very easy to pretend to be someone else online: with a few technical skills, you can make any e-mail or even an SMS to look like it came from a credible source, and it is even easier to make links look like they’re taking you to a completely different website. Be suspicious and contact the legitimate service provider to ask if the campaign is real or not as soon as you have any doubts (and use Google to find their actual official website and use numbers from there!).
We’ve all heard stories about people who fall madly in love over the internet only to discover their love interest is a blackmailer; or about ‘investments’ that leave the investors bankrupt. Don’t assume it could never happen to you: successful scammers are superb manipulators and victim grooming is a long and complicated process.
Today’s scammers do not hide behind simple “Nigerian princes”: they belong to organized international syndicates treating their victims like long term investments, and they are willing to put in all the time and effort it takes.
Love scams happen when you meet someone online who is currently located in a place that would be difficult, if not completely impossible, for you to perform checks. Common claims are that they are soldiers on a mission; doctors working abroad; special ops agents whose work is classified; Christians doing missionary work or volunteers involved with an international charity project etc. It may take a week or two before any money gets mentioned and, in most cases, they orchestrate the situations so that you’d offer the money without them having to ask for it directly. Most popular ‘financial difficulties’ are related to accidents and need for protective gear/medication; unexpected illness or death of a family member; travel expenses; paying for ‘satellite connection’ (or mobile data) required to keep communicating with you; getting hurt or wounded; coming to visit you etc.
The amount needed will not be alarmingly large but will grow over time – and may turn into blackmailing if you’ve shared access to your web camera (and they’ve recorded you in secret), intimate photos or secrets.
Help and collection scams are scams where emotional blackmail is used to cheat you into donating money. Guilt combined with a chance to be a hero is a powerful motivation! Scammers give you a sad story dotted with examples of ‘optimism and true strength’, pretend to be so ‘ashamed’ or ‘pained’ to be in a situation where they need outside help that you’d feel uncomfortable grilling them for details or sharing any doubts you might have. Don’t trust any collections where money will go directly to the account of a private person if that person has not provided (without prompting!) adequate ways for background checks.
Viruses are a threat to all smart devices, not just computers! Most viruses are shared through e-mail (attachments or links in e-mails); suspicious websites (especially those offering download options for other software); file sharing programs and sites (films, music, subtitles, media galleries etc).
Viruses have different purposes: the most common being spamming, stealing your personal data for identity theft and collection information for blackmail.
Do not download software outside official websites and delete all files that have been downloaded into your computer without your knowledge or intent.Know that Smart-ID and mobile applications of banks (including any updates) should always be downloaded only through Google Play, AppStore or Huawei App Gallery.
If you’re not sure, consult IT-savvy friends or colleagues before you download anything.
Spyware, like the name suggests, is designed to spy on you to gain access to the contents of your device and everything you do with it (user names, passwords, banking information, social media profiles, cloud services etc).
How to act if you suspect you may be infected:
Ransomware is a type of malware that has become increasingly popular: it locks the contents of your device (‘kidnaps’ it) and tells you that you need to pay a ‘ransom’ to regain access to your device and it’s contents. Ransomware demands often threaten to delete the contents of your device permanently if you do not act within a very short timeline. If you do not pay, they may threaten to make the contents of your device public, harass people in your contact list or take over control of your bank accounts.
How to act:
Smart-ID: safe and secure solution
Smart-ID meets the European Union’s highest security standards and digital signatures given with Smart-ID have the same legal standing as handwritten ones.
PIN-codes
PIN-codes keep your personal data protected: as long as you do not make your PIN-codes accessible, they can’t be used against you.
