I’m not here to scare you, but let's admit it, our data is already somewhere else we are not aware of, one way or the other. If you're a huge customer of everything online (social media, online banking, online shopping, etc.), most likely your data you give to these companies had been compromised and/or being sold or shared somewhere else.
I am not a cybersecurity expert, just someone that is “chronically online”. I have read somewhere that there are possibilities or theories that in order for some online companies be able to provide free or cheap products while still not going bankrupt, they may have done something unethical; sell some customer data on the down low, in which other companies buy, especially telemarketers who are looking for people to sell products on, or worse, scammers looking for potential paydays. Others also may have use it to open dummy financial accounts under your name without your knowledge or consent Keep in mind that these are all allegedly, and obviously I’m not going to name companies that may have done this, for obvious reasons.
“If you don’t have to pay for the product, you are the product”,
Sometimes, it’s not always because of the data selling that causes your information to get somewhere else, sometimes it could be because of data breaches. Technology isn’t always perfect, and people outsmarts the internet all the time. Hackers hack websites and leak whatever data they’re getting from it, and that includes customer data. This time, these hackers are the ones selling your data for a sweet sweet price.
Trust me (or not, your call), I am a victim of small cybersecurity attacks on a regular basis (If you know, you know). There are random numbers may text you offering scam jobs, scam gaming/casino stuff, scam “raffle” winnings, sometimes texts, emails, websites pretending to be a bank, a delivery courier, Amazon, Microsoft, people you know asking for money, and more, mostly the things have suspicious links or 'contact on whatsapp/telegram/call a number' type of messages.
Thank goodness I am brainy enough to identify these suspicious items. But sadly, not everyone can. There are cases that people fall for these scams, costing them their budget.
Again, these are from data that we already gave away, which means it's already everywhere and these scam companies buy and bid to get our data from the companies who sell it. Most likely, we are all now a victim of cybersecurity threat. The least we can do is not give them what they want.
15 Guidelines you should do once you receive a cybersecurity attack
Be more cautious. Here are a few tips to NOT let these scams get a hold of you.
1. DO NOT Clink the links
These scam messages often contains links, most of the time shortened. These suspicious links might contain malware that will further damage your device or phish for more of your information that they can sell or use in cases such as identity theft or bank access.
2. DO NOT Call/Contact them back
Remember: They aren't real until you reached back to them. It's a trap. Do not contact the phone number, do not give a call, and all that things the message will ask you to do. They are preying over your naivety. Next thing you'll know is you're dropping your bank info on a random transaction you don’t trust.
3. DO NOT give out personal info easily
Be cautious when giving a stranger your full name, birthdate, social security number, bank information, photos, contact info, passwords, and addresses by phone, texts, email, or web forms. legit companies will not ask unless for verification or a sale transaction (unless needed, they shouldn't ask for your SSN, really). They may also use these for identity theft.
4. RUN once they ask for money-related items (crypto, gift cards, banking info, etc)
This is crucial. As much as I want to say that this is pretty self-explanatory, it is still something that some still needs to know. Scammers want you to give them your money. Don't give out money or money-related information to people you don't know personally.
5. RUN once they ask for a one-time-password (OTP)
Legit customer service agents from legit companies will never ask for your one-time password. So, it not okay to give yours. OTPs are codes you receive to verify a log-in or sign up attempt. They are extremely personal and must be used only for your own access. Most likely they are accessing your existing account or setting up new accounts without your knowledge (identity theft).
6. ONLY contact their customer care directly
Searching a number online is dangerous. A good way to find a company's contact is to go to their actual website (or most likely in the past transaction emails/statement of account you usually receive either by emails or by mail) and find their contact phone, email, or their contact form. Make sure that before you contact, you have the correct URL, phone or email address to proceed.
7. Check the phone number/email address
It may look like an email the actual company we transact to (shopping, banks, etc) or a text message pretending to be them. Before clicking links or doing anything, check the sender email or phone number (automated text messages often have a special system)
8. Check the link before putting information
It is scary how technology, and good website design can make anyone spoof or impersonate your online banking, amazon, and other popular websites. Check the URL the site is on. If it is not the actual website, run. They're phishing, gathering your information. It’s like fooling you to put in your details make it seem you are transacting on the real thing.
9. Modify your contact information for your online transactions
This is a helpful life-hack I have seen online. To make sure you'll track back who is selling your data, you can either add the company name on your email using a + sign (example, amandag+pinkflowershop@email.com) they mass send emails all the time and don’t edit out info. That way you can detect where your data is compromised if you receive a sketchy email unrelated to the company.
10. Stay updated with the companies you transact with
Follow the companies if they have any social media, email newsletters, or a blog channel. That way, we can be updated on what's new with them. On some occasions, they also provide helpful tips to avoid being a victim of fraud that they're aware of. They may also post in there if there was a recent security breach, so that you’ll know if it’s time to update your info or make any more steps.
11. If possible, report them to concerned entities or company being impersonated
Companies have a way of dealing with fraud. Also, some companies that gets impersonated every time (example, banks) have their own system to let customers report fraud messages, they can look into it, be aware of it, inform other customers and so on.
12. Inform your friends and family members
Yes please… let them know that these things exist, and could harm them big time. That way, they know not to entertain those kind of messages when they stumbled into one, and hopefully not fall from it.
13. Update your info… especially passwords and devices.
There's a possibility that these scam entities have your password as well, Changing your passwords regularly will not let them into your account as the old password in their possession will become useless. Also, you may as well check on your device history and remove devices you are unfamiliar or don't use anymore.
14. Enable extra security on your accounts
Hackers will love it if your account is not protected. That way, they can log-in however and whenever they want to if they have your email and password. Two-Factor authentication (a verification code will be sent to your phone every time you log in) can help block them to do so
15. Just ignore them
A good way to deal is just ignore them. It's like hiding. Once they know that the number still responds to anything, they'll keep on haunting you until you give in. Good thing Google's messaging app has 'spam and blocked' filter… helped me ignore these messages.
4 Things to do if you fell victim from these attacks
Sadly, all these precautions but still, one may be a victim. Here's how to avoid going further.
1. Talk with your bank and network provider ASAP
It will help to report these scams as soon as possible to your network provider and bank. They may assist you with your strengthening your account security, inform you with some terms, and maybe even help you close the compromised accounts and get you new ones.
2. Inform the authorities
They may or may not directly help with your situation, but they can help bring awareness on the scam to the community and even escalate to the higher up and to the more concerned group, even make bills taking action to these kind situation, and even information drives and trainings on how to deal with these types of cases.
3. They got your financial info? Withdraw your remaining money
They accessed your finances, they may access it again if you do not act fast. Get ahold of your money before they do. Banks may help you secure your remaining funds, help you set up a new account and transfer it there, or advice you to do the same as withdrawing, but it's better to do it as a first aid measure.
4. Update your security info… Again!
They have seen/witnessed how they can access your account. They may have a workaround on it and access it again. Update your passwords, enable two-factor authentication, remove unfamiliar devices change your email addresses and phone numbers.
Folks, scammers and hackers are the thieves of the modern internet, and they could be everywhere. It is a good habit to be informed about these topics and know what to do if in case this happened to you or anyone you know. And if you must, guide your elders and help them understand the risks of being fall victim into these scams as well. They are the least informed and least savvy about these things, so they may need help from the younger generation like us, and sharing our knowledge could go a long way. Be careful with your money and personal information out there. Be cynical and informed.
Comments
Post a Comment