How to keep yourself and your money safe from fraud

You probably think you are untouchable, right? That you are not among the potential victims of cybercriminals? That you would never fall for a phishing attack? That you always think soberly and wouldn’t believe a phone scammer?

Think again. As intelligent and alert as you are, you also have weaknesses that get worse when you’re overloaded with work, have an inbox with hundreds of emails, find yourself in an extreme situation, or are more distracted than usual. To err is human, and it has happened to all of us.

Cybercriminals are becoming more and more inventive and skilled in their craft, which boils down to one thing – being able to trick you into stealing your data, identity, and money.

What measures does iCard take to protect you?

We are here to provide you with financial services and peace of mind through the highest level of financial security. We protect you and your money, relying on tools and procedures of the latest generation:

• encryption algorithms
• bank-grade infrastructure
• constant monitoring
• regular external audits
• iCard mobile app security features – login with biometric data, encrypted chat, real-time transaction notifications, two-factor authentication, freezing/blocking of payment cards, etc.

Your security depends on you, too, despite everything we do as a financial institution. In the following lines, we will introduce you to the most common dangers and discuss how to protect yourself.

4 types of scams to watch out for

Cybercrime is any crime related to acquiring, illegally processing, or using computer data. Cracking the password to your email, one of your social media accounts, or your online banking account is all cybercrimes.

Let’s take a look at the most common scam attempts.

1. Phishing

Phishing is the most common threat targeting a large number of victims simultaneously. It is usually executed via email. Criminals register a fake domain to pretend to be a reputable organisation that people trust. There are typically slight differences in the organisation’s name that are noticeable only upon careful reading. Senders rely on our tendency to read quickly without checking the URL behind the links, the sender’s full email address, the correct spelling of the organisation’s name, adherence to spelling norms, and a professional tone (which never includes creating a sense of urgency and threats such as “if you don’t do X, disaster Y will occur”).

2. Spear phishing

Suppose in standard phishing, the “fisherman” casts his nets, trying to catch more fish (i.e. more people) in them. In spear phishing, he aims for one specific fish, i.e. he is pointing his spear to one recipient of the email, who is thoroughly researched through so-called social engineering. Cybercriminals collect personal and business data (name, job title, employer, email address, marital status, etc.) to create a personalised email targeted at the victim. These days, this is a relatively easy task since such information is available both on corporate sites and on social networks. The more information we disclose publicly, the more vulnerable we are to spear phishing attacks that have proven far more effective than previous ones.

3. Smishing

In so-called SMS phishing, criminals send text messages (not only standard SMS but also messages in popular chat applications) that mimic the legitimate messages we are used to receiving from trusted sources (banks, tax or health authorities, online merchants, etc.). They usually include links or images that lead to fake sites with blank fields for entering confidential data.

4. Vishing

Voice phishing (vishing) could be the next step in the cybercriminals’ evil plan. They have already obtained confidential information from their victim through emails, fake sites, or other means. However, this information proved insufficient to achieve their goal – usually to get the victim’s money. Thanks to the two-factor authentication, they need an SMS token or code to confirm the transaction they are trying to make with the victim’s payment card. That’s why they call on the phone, posing as an authorised person who should get the missing data from you.

The examples are numerous. Remember, cybercriminals can combine different tricks to get to you. A phishing attack does not exclude a phone call. Be on the lookout for various combinations of means of connection. The main goal of these people is to get to your money – sometimes directly, and other times by stealing financial information or through one more step before stealing information – gaining your trust.

Humans are the weakest link.

Remember, cybercriminals don’t hack computers, tablets, and phones. They hack people, trying to get into their minds, most often through applying social engineering techniques. Everything you love—your family, your job, or even online shopping—can be used against you if it falls into the wrong hands. It is up to you whether you will succumb to the psychological manipulation aimed at causing specific reactions that will harm you.

Fraud is not a technological issue but a socio-psychological one. You may have created the most robust password in world history, but it is all for nothing if someone tricks you into sharing it.

How to keep your data safe from cybercriminals?

Here are some practical tips that will keep you away from the dark side of your virtual life, and your digital wallet will remain intact:

• Only log in to your iCard account through the mobile app or our web banking. Do not enter your login information anywhere else or share it with anyone.

 

• Do not share authorisation codes received via a push message or otherwise with anyone, even if they claim to be our representative (they are not!).

 

• Do not trust telephone operators who ask you to share sensitive information – password and username, temporary access password, card number, PIN code, CVV/CVC security code (written on the back of the card), etc., even if they claim to be our employees (they are not!).

 

• Always use your virtual cards when shopping online. Freeze (block) them after every payment.

 

• If you receive an SMS requiring action on your part from an unknown sender posing as iCard, be careful, mainly if the message contains a hyperlink or phone number. Do not click on such links and numbers.

What if your card details are compromised?

• Stop communicating with the scammer immediately.

• Instantly freeze your cards from the app so a third party who has obtained their details can’t use them.

• Contact us via in-app chat, on our website or by phone.

Follow these simple rules, never put your critical thinking to sleep and don’t be afraid of scams. Together we can prevent them.

Haven’t discovered the security of the iCard digital wallet yet? It’s time to download the app: