One day an email arrives to a friend where they notify him that I have won 1,000,000.00, that just to receive it it is necessary to click to fill out the prize claim form ... Where they only ask for a name, full surname and telephone number, (he thought there would be no problem) he was not giving account numbers or more information.
After that days later, he received a notification from the bank informing him of a transaction in which he withdrew all his saved money ... He immediately went to the bank to make the respective claims, but the bank informs him that he accessed the account via the web and I carry out the transaction, where the security protocols requested from the bank were answered correctly, so the transaction for the bank is a legitimate transfer.
But what happened ???
According to the bank's investigators, the safest thing is that a cyber criminal has stolen the access credentials and the coordinate card for special transactions.
But how did this happen?
In order to know what happened there, it is necessary to answer some questions:
1. Did someone other than him have the password to the account?
2. Did you enter the bank account from different computers?
3. You have shared personal information with unknown persons or on untrustworthy internet sites.
4. What security method for transaction transactions does the bank have?
5. Where were the security responses stored?
My friend's responses were:
1. No.
2. No.
3) No.
4. Key card
5. On the personal computer.
Although my friend was careful to neither disseminate his password, nor use other equipment to access his account, he has not given relevant information to any place or person in the last 2 months, in turn, he has a validation mechanism of random alphanumeric and safe for operations, complying with everything that they normally tell us to avoid fraud.
If the culprit of this fraud was not due to his carelessness, who is the culprit?
Well, the culprit is the computer, which for so many years has been your companion and confidant in everything, from the sites you visit on the web to the place where you keep all your important information (just as we all do)
But how is the computer going to do? Not that he had a mind of his own.
Well it turns out that after a detailed review of the computer it was observed that there is a Malware on the computer, specifically a Spyware, that is, a spy.
Like a Spyware, what is that?
Well, it is a Malware, that is to say a malicious file, but spy-like, that is, it is installed on the computer and stealthily supervises and copies everything that it writes, uploads, downloads and stores. Some strains of spyware are also capable of activating cameras and microphones to see and hear you without your noticing.
Through this spyware, the criminals copied the access code, the user and the bank security card since it was in a folder that said "Personal documents", adding that they had a record where each time he entered the bank account opened said folder. So they could know where to look.
How did spyware get onto your computer?
Well in the mail where they notify you that I won the lottery (a lottery that I had never bought or registered), when downloading the data sheet, not only did the sheet download but also in the background the spyware was invisibly downloaded.
Unfortunately there are many cybercriminals who take advantage of people's innocence by sending mail not only that you won the lottery, travel, inheritance, among others. Many open the mail and since the forms do not give information that is considered sensitive (identification number, bank account or address), we do not see any danger, many of us say that we lose, they only ask for the name and a number, what if it is true and I lose the offer ??? And well so we fall into downloading the file and opening the door wide to the criminals.
But how is that going to be, if I'm not someone famous or politically interested in having a spy installed on my computer?
Well the answer is a bit disappointing, cyber criminals send this type of email to many, many people, just to hunt down the unwary.
And how do you avoid falling into these traps?
I would recommend a few simple things:
1. Have an antimalware (it is the same as antivirus but antimalware is its modern name)
2. DO NOT open emails that do not know where it comes from.
3. DO NOT download files from unreliable emails.
4. DO NOT access open internet networks to make banking transactions since there they can also inject malware (remember there is nothing for free)
5. Do not save bank passwords in search engines, that is, explorer, mozilla or google.
6. If you are going to carry out a bank transaction, it is recommended that you do it in any of the search engines but incognito mode, thus ensuring that the data is not saved by the search engine.
Greetings, I hope my friend's story is useful to you.
If you liked the subject, give your opinion, and if it has happened before, tell me about your experience, please.
By the way do they know that it is phishing or identity theft ??? Do you want me to tell you what it is?
Greetings
Welcome to read.cash...!!!! I have a friend who takes very seriously the issue of her digital life and the virtual world lends itself to many things that can harm a person socially and financially; it is important to take into account the recommendations you offer us ...! I am attentive to your publications...!!!!