In recent years there has been a significant increase in the field of cybercrime. In particular, since the state of alert was declared due to the Covid-19 crisis, the incidence of cybercrime has shot up. Moreover, it is expected to further increase in the coming years as new technologies emerge and since their use has become more and more widespread in society’s daily life.
One of the main forms of this type of crime is phishing, a technique in which someone impersonates an entity by means of an e-mail or SMS in order to gain a user’s credentials or credit card information. These messages are sent impersonating the identity of the recipient’s trusted contacts and are almost indistinguishable from the real ones. They usually contain a URL or a file with the URL to a website that seems to be the legitimate one and which is used to trick the recipient.
Over the last few months, the Basque Cybersecurity Centre (BCC), the organisation designated by the Basque Government to promote cybersecurity in the Basque Country, has been warning of a massive campaign of e-mails aimed at various companies, foundations, etc., with the objective of fraudulently obtaining credentials, infecting computer with malicious software and obtaining contacts to continue spreading.
In view of this situation and in order to help minimise the chances of becoming a victim of this type of crime, the following are some security measures that companies and users of technologies can implement in order to protect themselves:
- Take notice of the email address from which the message is sent.
- Pay attention to the message as it often contains meaningless expressions and/or spelling or grammatical errors.
- Call the sender and make sure who sent the email.
- Be aware that no company is going to ask to change the password by email.
- Never enter the bank's website through URLs included in e-mails.