Fraud and how to identify it
Online fraud appears in many forms. Cybercriminals act rather professionally and continuously come up with new ways to attempt to hoax all of us. Fraudsters may approach their victims through email messages, impersonate a police officer and call their victims or, say, create a fake website looking credible that may resemble, for example, of an online bank’s login pages.
Identity theft
If your personal data falls into the wrong hands, a criminal may attempt to use the data to steal your identity.
Identity theft means that a criminal uses another person’s identity, uses their personal data and causes harm to the victim. Identity thefts often result in financial loss: stolen information can be used for purposes such as attempting to borrow money or order goods in another person’s name. This is fraud.
Information leak
An information leak is when personal data or other confidential information may have fallen into the wrong hands. Information leaks may occur deliberately or accidentally. For example, a letter that is accidentally sent to the wrong person may be an information leak. Information leak does not always cause harm but sometimes the leaked information may be used to commit identity theft, for example.
Data breach
A data breach occurs when someone breaks into a company’s information system and steals confidential information stored on it, possibly with criminal intent.
Malicious software (malware)
Malware is software that is downloaded on the computer for criminal purposes. Your computer may be infected by malware when you download files from the internet, open email attachments or follow links on social media, for example.
Criminals can use malware to attempt to monitor what you do with your computer, to steal your online bank identifiers or carry out fraudulent transactions.
If you suspect that your device is infected by malware, do not use it for banking purposes. If necessary, ask for help to remove malware before you start using your device again.
Advance-fee scam
Advance-fee scams refer to Nigerian prince scams and their variations, among other types of fraud.
In a typical scam, the fraudsters contact their victim on social media or by email to tell that they have won or inherited large sums of money. In order to get the money, the victim should, however, pay unexpected expenses, such as customs duties, air freight charges and legal fees.
This is how you avoid advance-fee scam:
- Do not reply to emails that promise large lottery prizes, inheritances or other rewards
- Remember that no trustworthy party will give away money for free
- If you have not participated in a prize draw or lottery abroad, there is no way for you to have won
- Never send your personal information to strangers, such as bank account numbers or a copy of your passport
Fake or forged invoices
Fraudsters aim to access companies’ invoice information and to forge the account number, for example, in the invoice as to be their own number so that the paid amount is diverted to the fraudster.
To gain access to companies’ invoicing data, fraudsters use emails and phishing websites to attempt to steal employees’ Office 365 usernames and passwords. After obtaining these, the fraudster logs into the employee’s email account to send more phishing messages or keeps tabs on the employee’s email traffic.