Threat or Treat!

A key fact of information security is that attackers choose their targets among both institutions and individuals. It is therefore crucial for individuals, not only organizations, to take precautions…

Burak Aytekin
DataBulls
4 min readOct 18, 2022


A plate full of different kind of cheese and some other appetizers
Photo by Lindsay Moe on Unsplash

An extraordinary incident occurred in Turkey recently. One of the biggest banks in Turkey charged its customers twice for their credit card transactions. While discussing the incident in our WhatsApp group, one of our friends pointed out that it could be abused by fraudsters.

Phishing[1] attacks in particular target people with the lure of a financial loss or gain. Two such cases happened in Turkey and England in recent months. In Turkey, fraudsters sent SMS messages[2] about a supposed HGS debt (HGS is the electronic toll-collection system used on Turkish highways); in England, they sent SMS messages about support for rising energy prices.

In the HGS case, the SMS told targets to pay a debt (a fictitious amount) and threatened enforcement proceedings if it was not paid. The message contained a link for making the payment. Of course, the payment page had nothing to do with HGS or any related party; it belonged to the fraudsters, and people lost money believing they were paying their highway toll. In the UK case, the SMS offered targets a £400 cash payment to support their energy bills and, similarly, contained a link. Behind the link was a form asking for a range of personal details and credit card information.

While discussing the bank issue in the WhatsApp group, several of us reached the same conclusion: fraudsters could pose as the bank, contact customers with an offer to cancel the erroneous credit card transactions, and use a link to harvest the recipient's credit card details along with other personal information.

These kinds of attacks usually have the following in common:

· The message appears to come from a trusted party, such as a service provider (the displayed sender name or sender ID is easy to forge)

· The subject is a “threat or treat”: you have a debt, your inaction will result in a debt, or you are offered a financial gain

· The message contains a link to a form or web page, or asks for the information directly over the phone or in a reply to the email/SMS

· They ask for financial information such as a credit card number, account number, customer ID, etc.

· They usually do not address you by name or surname (there are exceptions)

batman disguised as a stormtrooper
Photo by Daniel K Cheung on Unsplash

Always keep in mind that the people who organize these scams are professionals whose job is to find ways to trick people. They follow the current news agenda and build an offer or a threat around it, and they use whatever channel reaches you, such as phone calls, emails, and SMS, under a disguise.

To avoid falling into their trap, I suggest the following:

· Look closely at the contact details of the party contacting you. In the UK energy bill support case, the SMS sender ID appeared to be Ofgem, the energy regulator of Great Britain; a sender ID is only a label chosen by whoever sends the message and proves nothing. In one corporate case I was involved in, the domain of the phishing email address was …lndustries.com instead of …Industries.com. You see no difference, right? The first begins with a lowercase “L”, which should have been an “i”[3]; in many fonts the two characters are indistinguishable.

· Look closely at the link in the message. It usually resembles a legitimate link but is not one. In the UK case it was “ofgem.secure-reg.com”, which is unrelated to Ofgem (please DON’T VISIT the address): the registered domain is secure-reg.com, and “ofgem” is only a subdomain the fraudsters added in front of it. Always check the domain name, reading it from the right-hand end.

· A legitimate organization does not pressure or insist that you share your bank details over the phone.

· If you have any doubt about a message, contact the supposed sender through its official contact channels (the number on your card or on the organization’s own website, not the one in the message) to confirm it.

· Heed your browser’s warnings. Google Chrome, for example, warns you before you visit sites known to be deceptive or to compromise information security.
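The two link tricks described above, a brand name placed in front of an unrelated registered domain and a look-alike domain built from confusable characters, can be caught mechanically. The script below is an added example and is not code from the original post; the allowlist of official domains, the small public-suffix table, and the "industries.com" stand-in for the corporate case are assumptions made for the example.

```python
"""Classify a link found in an SMS or email by whether its registered domain
really belongs to the organisation it names.

Added example, not part of the original post.  It covers the two tricks
described there: a real brand name placed in front of an unrelated,
attacker-registered domain (ofgem.secure-reg.com) and a look-alike domain
that swaps confusable characters (lndustries.com for industries.com).
"""
from typing import Tuple
from urllib.parse import urlsplit

# Assumption for the example: the official domain(s) of each organisation.
# In practice take these from the organisation's own published contact details.
LEGITIMATE_DOMAINS = {
    "ofgem": {"ofgem.gov.uk"},
    "industries": {"industries.com"},  # hypothetical stand-in for the corporate case
}

# Two-label public suffixes the example knows about (assumption; a real tool
# would use the full Public Suffix List).
TWO_LABEL_SUFFIXES = {"co.uk", "gov.uk", "org.uk", "ac.uk", "com.tr", "gov.tr"}

# Characters that look alike in common fonts, folded to one canonical form.
CONFUSABLES = str.maketrans({"l": "i", "1": "i", "0": "o", "5": "s"})


def hostname(url: str) -> str:
    """Extract the lowercase host from a full URL or a bare domain."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def registrable_domain(host: str) -> str:
    """The part of the host somebody actually registered, e.g. secure-reg.com."""
    labels = host.split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def normalize(domain: str) -> str:
    """Fold confusable characters so that lndustries.com compares equal to industries.com."""
    return domain.lower().translate(CONFUSABLES).replace("rn", "m")


def classify(url: str) -> Tuple[str, str]:
    """Return (verdict, reason) for a link: legitimate, impersonation, lookalike or unknown."""
    host = hostname(url)
    reg = registrable_domain(host)
    # 1. The registered domain itself is an official one: nothing in front of it matters.
    for brand, official in LEGITIMATE_DOMAINS.items():
        if reg in official:
            return "legitimate", f"{reg} is an official {brand} domain"
    for brand, official in LEGITIMATE_DOMAINS.items():
        # 2. Brand name appears somewhere in the host, but the registered domain is not official.
        if any(brand in label for label in host.split(".")):
            return "impersonation", f"'{brand}' used on unrelated domain {reg}"
        # 3. Registered domain matches an official one once confusables are folded.
        if normalize(reg) in {normalize(d) for d in official}:
            return "lookalike", f"{reg} imitates {sorted(official)[0]}"
    return "unknown", f"{reg} is not on the list of official domains"


if __name__ == "__main__":
    # Constructed sample links modelled on the cases in the post.
    samples = [
        "https://www.ofgem.gov.uk/energy-bills",
        "ofgem.secure-reg.com",
        "https://login.lndustries.com/invoice",
        "https://paymentportal.example.net/hgs",
    ]
    for link in samples:
        verdict, reason = classify(link)
        print(f"{verdict:13} {link}  ({reason})")
```

The verdict depends only on the registered domain, read from the right-hand end of the host, which is exactly the check the bullet above asks you to do by eye. Note that a brand name inside a legitimately unrelated domain will also be flagged, so treat "impersonation" as a prompt to verify through official channels rather than proof of fraud, and that nothing in a received message lets you verify an SMS sender ID this way.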

Remember: the only free cheese is in the mousetrap.

[1] Phishing is a type of attack in which attackers disguise themselves as a trusted party to trick the target into taking an action (clicking a link, sharing personal or financial information, or making a payment) that compromises their information or their finances.

[2] A phishing attempt sent by short message (SMS) is called smishing.

[3] The original address contains “industries”; the attackers replaced the initial “i” with a lowercase “L”, giving “lndustries”.

https://www.linkedin.com/in/burakaytekin/


A curious man interested in technology and (industrial) design who likes to learn from others’ experiences.