This year, #GlobalMoneyWeek2024, which is celebrated around the world, pays special attention to training new generations in practices to safely manage their finances and avoid financial fraud, such as phishing and scams in online purchases.
This annual campaign is organized by the OCDE/INFE and aims to enable young people to acquire the knowledge and skills necessary to make well-informed financial decisions throughout their lives.
In Spain, it is promoted, among others, by the Bank of Spain, the National Securities Market Commission and the Ministry of Economy, Commerce and Business, and they have a financial education portal “Finanzas Para Todos” (Finances for Everybody) with content aimed at financial education.
From Euronet Spain we join in echoing this event on our social networks and publishing articles and advice on #FinancialEducation and how to avoid #phishing and other financial scams in the digital environment as a result of social engineering.
How online fraud affects consumers and businesses
Cyber fraud or online fraud affects both people and companies alike.
- Already in 2022 in the State of Fraud in Spain 2021-2022, the financial sector was highlighted as the most affected by cyber criminals (credit card fraud in 41.8% of cases).
- In 2023, according to the Association against Fraud in Spain, 85% of consumers have faced at least one fraud attempt, and 16% have been a complete victim.
- In general (+50%) they were in amounts less than 500 euros, but in 14% of the cases, they were +5,000 euros and only 32% of the victims managed to recover their money.
- Email and SMS, with 37% in each case, are the ways ahead of the telephone (13%) most frequented by cyber fraudsters.
- The most used technique is identity theft:
- As service companies (gas, electricity, etc.) 38%
- From banks 31%
- Of people 8%
- Irrefutable offers 8%
- Telephony 6%
And just as companies and public organizations investigate how to defend themselves, cyber criminals do not stop innovating to take advantage of any gap that allows them to achieve their objective.
New ways to commit online fraud
On the of Mitek, an identity verification solutions company, there is an interesting update on this type of crim:
- Deepfake: impersonation of the person’s identity (appearance and voice) with biometric technology.
- “Mule” account: a person (“mule”) receives illegally obtained funds in his or her account and transfers them to other accounts, generally abroad, charging a sum of money for each operation.
- Vishing: the scammer calls the victim posing as a “well-known” company and asks for information or to answer a simple question so that they say “yes” and the criminal can record it so that it can be used to impersonate their identity by authorizing charges or accessing to your bank accounts.
- Ghost Students: Scammers use fraudulent bots to request and obtain tuition to study at educational institutions with which they can steal public subsidies or defraud them with the collection of loans requested for those studies.
- SIM swap: A scammer convinces a mobile phone provider to transfer the victim’s phone number to a new SIM card, allowing them to access all personal information on the device.
- Pharming: a cyberattack that redirects traffic from a website to another fake one, although apparently the same as the original, to steal personal information or install malware on the victim’s computer.
- Whaling or fraud against senior managers: the criminal imitates being a manager in the company who orders the employee to transfer money to a fraudulent account.
- Data manipulation: the criminal modifies data before entering it into a computer system that he has previously accessed thanks to privileged information.
- Pig Butchering: to prevent a single fraudulent transaction from attracting attention due to its amount, the fraudster divides it into others of smaller amounts.
- Salami Slicing: the cybercriminal takes small amounts of money from a large number of accounts and pools them into a significant sum that he transfers to another account or withdraws in one go.
What we can learn and teach to fight online fraud
What to learn
Most online fraud and phishing attacks are caused by having weak passwords or by innocently sharing personal information that makes it easy for hackers to steal it or find it thanks to our responses to calls and/or by clicking on links inserted in emails or instant messages.
Some advices:
- Create a secure password: without repeated patterns (“123”), or easily identifiable personal data (dates, names), change it periodically and never share it.
- The URLs of secure websites begin with ‘https://’ and the icon of a closed padlock is displayed in your browser.
- Look at how the links they send you from your bank or service companies are written and if there is something strange or suspicious, do not click on them.
- Never enter your bank’s website by clicking on links included in emails.
- Never share your bank details within the content of an email, mobile instant messaging (SMS or WhatsApp) or a social network (Twitter, Facebook, Instagram, etc.).
- Check first if you recognize the sender and, if in doubt, contact by another means to verify their identity and request.
- Keep the antivirus, operating system and web browsers updated on your devices.
- Regularly review the movements of your bank accounts.
How to teach
From continuous innovation, implementing increasingly sophisticated double authentication and identity verification mechanisms (multifactor, biometric) taking advantage of artificial intelligence.
From continuous training by public and private entities that facilitates employees and citizens of all ages in learning about cybersecurity and secure finances.
If you are interested, here are some related articles:
- Education in the use of money – «Children´s financial education»
- How to make safe purchases on the Internet
- How to know if a bill is fake
- How to withdraw money from an ATM safely
#EuronetFinancialEducation #GlobalMoneyWeek2024 #financialinclusion #StopPhising
