Home » Phishing

Learn how to avoid phishing or identity theft on the Internet

In an increasingly global and computerized world, Internet scams are the order of the day. The Spanish Penal Code includes a total of nine different types of cybercrime. Perhaps the most widespread is phishing or identity theft which, through fake pages or emails, manages to steal confidential information from users such as passwords, credit card numbers or bank accounts, among others. In this article we tell you how to avoid phishing with simple tips and tricks.

The phenomenon in figures: 120,000 attacks and more than 14 million euros in damages per year.
The ingenuity of hackers to get away with their crimes is advancing at an unstoppable pace: online frauds are becoming increasingly difficult to identify and the types of phishing are multiplying. According to the National Institute of Cybersecurity, some 18,000 cases of online phishing were recorded in 2014, a figure that soared to 120,000 in 2018. The data on this phenomenon in Spain are particularly alarming: according to Kaspersky Lab, our country is one of the most affected by this practice, behind Guatemala and Brazil. The most widespread phishing attack is banking, although well-known companies such as Paypal, Mapfre or Mercadona have seen their name involved in this type of online scams. Although the figures are not exact, it is estimated that the losses generated by this criminal activity are well in excess of 14 million euros per year.

How a phishing attack occurs

The procedure is always the same: by means of spam mails impersonating institutions of all kinds, cybercriminals redirect victims to fake pages where they enter confidential information that is instantly stolen. Imitations of logos and other features are becoming more and more successful, so identifying them at first glance is not as easy as it seems. With the data in their possession, cybercriminals can access their victims’ email or bank accounts and use them as they please.

Tips on how to protect yourself from phishing

The fact that phishing has become an increasingly sophisticated practice does not mean that it is impossible to detect. To protect yourself from phishing, as users, the best tool you have at your disposal is caution. Be wary of messages asking you to provide personal information; no institution asks for such information by phone or e-mail, nor does it ask you to verify your identity. Check the sender’s address and if it is, for example, your bank, it is advisable to contact them to verify the authenticity of the email.

As for the body of the email, discard those that use standard greetings without personalization or contain spelling mistakes. It is important that you do not click on links or download suspicious email attachments and be wary of messages promising gifts or special offers. Finally, make sure that the pages you access use the https security protocol, as this means that the information is sent privately and securely, and create secure passwords for your different accounts.

What to do in case you become a victim of identity theft online
You didn’t notice and… wham, you’ve been hacked! In this case, you must act immediately to minimize the consequences. The first thing to do is to call your bank to block your bank account to avoid any unwanted transactions. The second step is to report a case of phishing to the competent bodies such as the Technological Investigation Brigade of the National Police, to which you can file a complaint at a police station or online, or to the Telematic Crimes Group of the Civil Guard, also through an online form.

Finally, citizen cooperation is essential to detect this type of Internet crime. Inform the company that has been the victim of this type of cybercrime so that it can take the necessary security measures and notify other users of the situation.