An ONLINE FRAUD attack is the attack intending to trick you into revealing your most confidential and sensitive information: your personal data as name, surname, social security number, your bank account details and other sensitive information that may be used either to impersonate you in the relationship with your bank, or, sometimes, to trick you into performing online transactions.
Normally the Online Fraud attack has two components: unsolicited e-mail and visit to a website as directed in the e-mail. In this case the social engineering component is very important, the message trying to be as much persuasive as it can be. The objective is to trigger human emotions and make you either to make a donation or money transfer, or to take advantage of a bargain offer, buying valuable goods at cheap prices.
Scams: there is a consecrated name for this type of e-mail frauds where you are contacted by someone pretending to be a relative of a rich dictator from an exotic country that has just been deceased and your help is needed to cash a huge amount of money that is to be transferred to your account, or by a consultant or former top manager of a multinational that needs to “repatriate” some commissions that are “not so legal”. In this type of cases you are promised a large revenue as a percentage of the transaction but what you get in the end is your bank account emptied by the cybercriminals.
Messages that pretend to come from various entities like banks, or customs, or tax authorities, offering to you high value goods that have been confiscated or that are to be disposed, inviting you to bid for them.
Messages coming from a pretended e-tailer or retailer that is terminating the stocks offering highly discounted valuable goods. In this case the trigger is the human greed or sense of bargaining. The transaction is to be made in a fake e-commerce website, where you are tricked into making a credit card payment but you never receive the goods.
Messages pretending to come from privates that are selling their stuff (normally used computers, cars, mobile phones and tablets, luxury goods) because either they are not using them or they are in financial difficulties and desperately need cash. In this case you are given various warranties but are little by little drive into making a money transfer in a given account and, as in the previous case, you never receive the goods.
The website component is rarely imitating the legitimate pages of the entities, normally the social engineering component contained in the message is strong enough to make you make a legitimate transaction, either in a fake e-commerce (in some cases) or directly from your online banking platform.
There’s no reason to postpone training your employees
Get a quote based on your organization’s needs and start building a strong cyber security infrastructure today.