Fraud online as legitimate businesses and agencies successfully scams people for their money Juho Jauhiainen, Security Specialist at Traficom’s National Cyber Security Center.
Scammers pretending to represent trustworthy outfits such as the national postal company Post, Microsoft and most recently the tax administration have been increasingly successful.
In recent days, criminals opened a new scam under the guise of the Finnish Taxman. Victims of the system are sent a message that a tax refund is waiting for them – and all they have to do is click on the link to get them back.
However, this link is not related to the tax office and instead urges victims to disclose identity cards and credit card information, Jauhiainen explained.
One such message seen by Yle showed the tax administration logo and color schemes. However, the Finnish text was quite cumbersome and probably an automatic translation.
They are not really from Microsoft
At the same time, a common Microsoft IT scam has plagued targets in Finland since last year
About 50 criminal complaints have been filed with the Helsinki police this year, according to the head of the city’s police cybercrime unit. Jukkapekka Risu.
In that scam, potential victims receive calls from scammers who speak broken English, falsely claiming Microsoft technical support and asking permission to remotely connect to target computers. Once the hurdle is overcome, the scammers then try to go after the victims ’money, Risu explained.
"With remote access software, the scammer darkens at some point on the device screen and then clears his account. It often takes some time to go through everything; savings and other accounts and credit cards," he said, adding that one victim lost 85,000 to such a scam at the beginning of the year.
In that case, however, these funds were successfully recovered, Risu stated.
The phone numbers used by the fraudsters are created automatically, so even people with hidden numbers can be targeted, he said.
Last year, the capital’s police department received about 1,000 complaints about Microsoft scams, according to the National Investigation Bureau’s (NBI) criminal commissioner Juha Tompuri.
In total, the criminals behind the Microsoft system have so far charged about 2.8 million euros to the victims in Finland, and this year about 200 such cases have been registered in the country, Tompuri said that he emphasized his preference for conditions. "fraud and criminals" rather than "scammers" when talking about factors.
The Microsoft scam has already passed in less than two months this year to victims with more than a million euros, Tompuri said.
"This is a professionally organized activity," he said.
The story continues after the picture.
However, he acknowledged that combating cyber predators is difficult because criminals regularly change their practices and are also in international outfits that pose challenges to traditional policing at the local level.
According to the cybersecurity center Jauhiainen, another common method used by scam users is text messaging. In one such system, victims are sent a message that appears to be coming from the Post saying that the package is on its way. If the included web link is followed, the wrong website will try to spread personal information, such as Apple ID information.
The scammers then try to get the victims to agree to billing credentials that will later appear on their phone bills, Jauhiainen said. In some cases, malware is installed on victims ’Android smartphones.
How to protect yourself
Jauhiainen stressed that people must be careful when disclosing personal information and when contacting authorities such as the tax office that are suspicious of health.
"The tax administration never sends links to people telling them where they can get their tax refunds. The tax office handles such matters only through it [secure] website," he explained.
Authorities generally do not pass on detailed sensitive information to individuals via email or web links.
The tax authority warns on its website that it will never ask its customers for personal information such as credit card or bank account information.
Contact the bank first and then the police
Helsinki police Risu said that people who find out that they have been cheated should first contact their bank and then the police – especially in that order.
The bank can see where any directed funds went and – if requested quickly enough – can be retrieved, he explained and pointed out that about half of cybercrime victims are able to get their money back.
Risu said that if scammers call saying they have IT support, people should just hang up the phone.
NBI’s Tompuri said there are a few rules of thumb to avoid becoming a victim of cybercrime.
"Don’t click on links, don’t download unknown programs, and don’t give away your information, or at least think twice before you do," he said.
"If I receive an email from a company like my bank or My Mail, I never click on the links in the message, but instead go to the company’s official website.
Jauhiainen agreed with the strategy, saying that people themselves should carefully type the addresses of websites into web browsers instead of relying on potentially questionable links.
Cybercriminals are becoming more creative in their efforts.
Recently, scammers tried to trick people with gift card offers from Tokmanni, Prisma, Elisa, Finnair and HBO Nordic. According to the Cyber Security Center, they have even used the coronavirus crisis as a means of cheating victims.
"Scammers are resourceful. In practice, they can come up with anything" Risu said.
Source: The Nordic Page