The threat landscape has evolved more than ever, as sophisticated and determined attacks are increasing financial and reputational risks. Cyber fraud is rising exponentially as the internet grows, transcending geographical and socio-economic boundaries.
India reported 52,974 cases of cybercrime in 2021, an increase of over 5 percent from 2020 (50,035 cases) and over 15 percent from 2019 (44,735 cases), as per the National Crime Records Bureau’s (NCRB) ‘Crime In India – 2021’ report. This is only expected to grow further in the coming years. In this context, robust security measures and techniques are critical to build cyber resilience.
As part of Cybersecurity Awareness month in October, Microsoft Security lists down some of the most common cyber frauds that users face today along with ways to stay protected.
“Phishing” is the most common type of attack, and it happens when an attacker contacts a user by pretending to be somebody they know or an organization they trust and tries to get them to provide personal information or open a malicious website or file. Most phishing attempts arrive via email, but they can also come via text messages, direct messages on social media, or even phone calls (called “Vishing”).
Steps to prevent phishing attacks:
1. Look carefully at messages and pay particular attention to the email address of the sender. If the message claims to be from your bank but the sender’s address is not your bank’s domain name that should be a loud warning.
2. Never open any links or attachments you weren’t expecting; even if they appear to come from somebody you trust. A link from a phishing email will take you to a site that looks very genuine but is designed to trick you into entering your personal information. If you get an attachment you weren’t expecting, don’t open it. Instead reach out to the sender, preferably via a different method like text message or phone call and confirm that the attachment is genuine before you open it.
Malware (also referred to as a “virus”) is a malicious software that can be designed to steal users’ personal data, do identity theft, use a device to quietly attack other machines, use a computer’s resources to mine cryptocurrency, along with several other malicious tasks. There are a few ways your machine can get infected with malware, but the most common ways are by opening a malicious file attachment or downloading and opening a file from an unsafe website.
Steps to prevent a malware attack
1. Be careful. Don’t open attachments or links you weren’t expecting. Be extremely thoughtful about what apps you choose to install and only install reputable apps from reputable providers. Be especially careful about downloading files or applications from torrent or file sharing sites.
2. Be current. Make sure that your operating system and applications are updated with the latest patches and fixes.
3. Be defended. Have an active, current, antimalware program running on your computer. There are also a number of third-party antivirus applications you can choose from.
Tech support scams
Another attack that we see often is the technical support scam. In this attack the scammer contacts you and tries to convince you that there is something wrong with your computer and that you should let them “fix” it for you.
The two most common ways they contact you are via fake error messages on your computer, or by calling you on the phone. If ever faced with such a situation:
1. Remember that real error messages from Microsoft, or other big tech companies, never include phone numbers for you to call them.
2. Microsoft and other legitimate tech companies will never cold call you to tell you that there’s a problem with your device. Unless you contact us first, we won’t call you to offer tech support.
3. If your screen suddenly fills with scary pop-ups, you should immediately close your browser (try pressing ALT+F4 if you can’t do it with your mouse). If you can’t close your browser, try restarting your computer.