Cybercriminals have new methods of operation. How to defend yourself against them?

The Scientific and Academic Computer Network (NASK) and the CERT Polska team warn against a new wave of phishing attacks on the Polish Internet. This time, fraudsters are even trying to impersonate representatives of the police and international law enforcement agencies, such as Interpol or Europo! But this is not the only new method. We tell you how to defend yourself against this type of attacks.

Beware of suspicious emails

According to experts, e-mails are currently being sent on a large scale on the Polish Internet, containing information about a problem with receiving incoming messages. This is one of the newest ways in which cybercriminals try to persuade their victims to click on the link contained in such a message.

After clicking on such a link, the user is redirected to a crafted page that supposedly solves the problem with receiving new messages. In fact, it is an attempt to extort sensitive personal data that will be used by fraudsters to commit further crimes.

– In fact, the user is on a malicious website containing a fake email login panel. Login details completed on such a website fall into the hands of criminals and can be used to take over your email account and use it for other malicious activities. – experts explain.

How to defend yourself against cybercriminals?

To make life more difficult for online fraudsters, you should first of all – if the service provider offers such an option – activate two-step verification of access to a given online profile. This is currently one of the basic methods of protection against cybercriminals, which very often prevents unauthorized access to private online accounts (not only e-mail accounts, but also e.g. on social networking sites).

The second basic rule of online health and safety is the mandatory verification of the address leading to a suspicious website. Nowadays, web browsers try to do this instead of the user and often inform us that we are trying to enter a dangerous website, but the principle of limited trust will work better here than any security measures in the software itself.

– Pay attention to the email address of the sender of the message. Please remember that a correct address does not constitute absolute confirmation that you are not dealing with fraud. However, a private address, completely unrelated to the institution the sender is impersonating, is an obvious warning signal. – explain experts from the CERT Polska team.

The online way to “be a policeman”

Experts from NASK informed about online criminals impersonating the police and representatives of Europol and Interpol. There have been reports of emails with attached PDF files that attempt to mimic court and police documents. Their content is constructed in such a way as to arouse concern among recipients and thus encourage them to download and open such an attachment.

The recipient of the message most often finds out that they are threatened by, among others: serious financial penalties, placement on the sex offenders' list, or even arrest. Sending a reply to such an e-mail results in receiving a message stating that the fastest and effective way to avoid criminal liability will be to transfer an appropriate amount of money to the alleged law enforcement authorities.

Note: false information usually includes a false stamp and signature of the acting police chief, Marek Boroń.

As you can see, the audacity of cybercriminals knows no limits, which is why experts once again appeal to Internet users to take all possible security measures.