Password fishing or phishing, for short, is one of the most widespread tools cyber-criminals use to steal money. As bait, phishers send their targets emails that allow to extract personal data from those who open them. Cybersecurity experts note that such tactics are used against both individual citizens and against companies. Below, the Director of the National Center for Cybersecurity Rytis Rainys explains, how to recognize the potential threats and how not to become another fish for the fraudsters.
Rytis Rainys

The victims usually give their data away themselves, although theft also happens

When sending emails, cybercriminals usually send content that psychologically affects their victims to willingly reveal their personal date, such as their login information for e-banking or credit card information. The other commonly used tactic – to infect the email receiver's computer with a virus, that allows to extract personal data without the victim's consent.

Criminals imitate even the websites of banks

Rytis Rainys, the Director of the National Center for Cybersecurity, notes that phishing emails often contain links to fake websites of banks or other relevant institutions. When the receiver opens the link, they are prompted to fill in empty fields that appear on the website with their bank account and login information – which then goes directly to the fraudster.

According to R. Rainys, the most straightforward way to protect your data is to stay vigilant and critical.

"Banks do not send emails with requests for their users to provide their user or personal information. Such emails can be immediately treated as an attempt to steal your data. Further, you should simply not respond to any suspicious email and not click on any questionable links. They can hide corrupt websites or malware, intended to extract personal data", warns the Director of the National Center for Cybersecurity.

Cybercriminals also target businesses

In addition to individual residents, businesses of all sizes also regularly become targets of various cybercrimes.

R. Rainys explains that, in a classic example of online fraud, "cybercriminals strategically collect information about the targeted companies' structure and leadership, their names, surnames, and other information. Then, pretending to be these managers or CEOs, they send emails to the company's accountants and request them to transfer some of the company's funds to a specified account".

Very recently, such attempts to commit cybercrime were observed in Vilnius and Kaunas. The targeted companies managed to avoid any damage because of the vigilance of their accountants, who did not believe in the authenticity of such emails.

5 clues that suggest you might be targeted by cybercriminals

Fortunately, critically evaluating every incoming email can help avoid falling victim to most attacks by online fraudsters. Below is the list of five most common traits of phishing emails:

1. Too good to be true. Cybercriminals use extremely appealing offers to capture their targets' attention. Usually, these emails tell the target that they won a new phone or a vast sum of money in some lottery and ask the target to provide their personal information in order to supposedly reclaim the prize.

2. Extraordinary rush. Another beloved tactic cybercriminals use is to create a false sense of urgency for their target to provide their information. For example, they urge to reply to the announcement of winning a lottery immediately, saying that the offer is about to expire; alternatively, they may ask to renew your personal data claiming that otherwise the user will be locked out of their e-banking system or other accounts.

3. Unclear links. In their emails, data thieves usually send links that imitate well-known websites. To determine if the link is valid, read the internet link attentively – often the difference is just one letter or symbol. For example, links to all bank website begin with https, while fraudulent websites – with http (that is, they drop the "s"). Further, often fake domains have nothing in common with the bank's title – such as brr.bayarit.gob.mx.

4. Attached documents. Emails used for cyberattacks often include attachments containing malware or direct you to download documents with malware. If opened, such documents immediately install malware to the user's computer, which is then used to extract personal data.

5. Unusual sender. If you receive an email from an unrecognizable sender or a familiar sender but under unexpected circumstances or with unusual requests, do not react to it or check the information provided in the email through other channels (for example, by calling the sender). Data thieves might imitate your friends and colleagues and, pretending that they are in some sort of financial trouble, ask for you to transfer money to their account.

Leave a comment
or for anonymous commenting click here
By posting, you agree to terms
Read comments Read comments

Cyber spies can operate in your computer: how to protect yourself against them?

Criminals are becoming increasingly innovative in the technological age. One of the tools...

Not even animated movies are off-limits: how to recognize propaganda in culture?

The Kremlin’s ideological and political propaganda often reaches us not only through the official,...

Offensive and illegal content online threatens adults as well as children

Studies show that, on average, 65% of internet users have experienced some kind of an online threat....

As online shopping becomes more popular, more and more fraudulent sellers appear: how to avoid them?

According to Eurostat, the statistics agency of the European Union, Lithuania is one of the leading EU...

The history of Lithuanian statehood has always been built by members of various ethnic communities

Ethnic minorities in Lithuania lived through the same historical tendencies as the country in which...