Beware of phishing! Be careful when shopping online

Beware of phishing! Be careful when shopping online

The problem of theft committed through the use of computer technology in Belarus remains relevant.

Thus, out of 25.5 thousand cybercrimes in 2020 (by the way, in 2019 there were 10.5 thousand registered), 23.5 thousand were thefts, which accounts for more than 90% of the total.

One of the common methods of theft is phishing, the purpose of which is to obtain bank card details. The attacker, under any fraudulent pretext, forces the victim to follow a link to a fake Internet resource and enter the card number, expiration date, and CVV code there to steal this data and "clear" the bank account. Cybercriminals skillfully fake various popular Internet resources that provide services to the public and have an online payment service: online marketplaces, delivery services, retail chain websites, and so on.

The typical mechanism of action of attackers is as follows.

First, a phishing site is created, completely copying the design of the official website. For credibility, a domain name is registered that differs from the original by one or two characters.

Then, the attacker, posing as a buyer or seller, contacts the potential victim through messengers. To transfer payment for the goods, they offer to use the services of the site via a dropped link. An unsuspecting citizen follows it to the fake site and enters their bank card details into the payment service field, thereby sending them to the criminal.

– The main reason for such crimes is the carelessness of our citizens, their insufficient vigilance to operations performed on the Internet.

To avoid losing all your savings, you need to follow a few simple but very important rules.

First. If someone messages you in a messenger and offers to pay for goods by following a link, don't rush to do it! Carefully check the website's email address through search engines. A phishing resource may differ from the original by literally one or more characters. For example, instead of the official address belpost.by, you might be sent a link bellpost.be, belpost.bj, belposta.bz, bellpochta.be, etc.

Second. If an unfamiliar subscriber sent you the link, and you are firmly determined to make a deal with them, then independently find the official website of the company or enterprise through a "search engine" and use the payment service directly on the authentic resource.

Third. For online payments, get a separate bank card, without access to your main card account. By topping it up as needed, you will protect your main bank account: in case of compromise of this card, the criminal's gain will be very insignificant.