In the middle of working hours, our colleague Monica’s phone rang. Unknown number with the Slovak phone prefix of the Orange network. After picking up, an English machine sounded on the other end of the line, which introduced itself as the Office of the Government of the Slovak Republic and asked to leave data on the bank account after a signal. At this point, Monika turned off the call and blocked the number. In the scenario, she recognized a regularly recurring fraud, which has already deprived several Slovaks of money. What others have we encountered recently, and how did we know they were fake messages?
Fraudulent emails with subject line: Your account has been compromised. Your data has been stolen. Find out how to regain access.
In such a message, several elements are immediately suspicious. The email came from a Czech domain, but the subject is in Polish and the text of the message is unknown characters. In addition, another text contains a link on which the alleged victim should click to find out what data was lost and how to get it back.
In the event that the data is indeed stolen, the report should clearly state what information is involved, where it was stored, how it’s known that the attack occurred, who discovered it, and so on. For example, if they suspect that a password has been stolen, services most often request action from you in the form of an immediate change of security features and only send you an official link to make the change. Anything else smells of fraud and it’s not advisable to click on it.
Personally-sounding messages asking for money
Who wouldn’t want a significant half to go on a work trip for 10 days and send more than 25,000 euros to your account to take care of yourself comfortably? Indeed, it’s so beautiful, it’s hard to believe. That’s why you absolutely shouldn’t believe. The strange sender as well as the web address, the amount in the Tether cryptocurrency and, in addition, the name and password directly in the message. These are all red flags that say Report, Block, Don’t Respond!
Fake Netflix
If you’ve set up automatic monthly billing directly from your card, it may happen that the payment doesn’t get through for some month. Either there’s a lack of funds in your account or you’ve changed your card and forgot to report the change to the service.
In this case, the service will really send you a message that a problem has occurred and needs to be resolved. However, instead of a suspicious link, it should contain instructions on what to do, for example saying this: Log in to your account and update your bank details. You then log in to the official service page on your regular device, where you will find an accurate description of the problem and a quick solution. This way, you can get everything in order to safely and happily continue watching your Netflix.
Couriers from Haiti
Today, courier services communicate through various channels – from SMS messages through emails to Viber. However, each of their messages must contain a specific package number, ideally with the sender, and information about the option of payment for possible cash on delivery, usually in cash or by card to the delivery man. The latter is the key, because you should always receive some form of income document for your payment.
In addition to the missing shipment identification, there is, of course, a suspicious link in this message with the .ht domain ending that belongs to Haiti. It’s very unlikely that a courier company with a branch in Slovakia would use a Haitian website… And of course, if you haven’t ordered anything and don’t expect any shipments, you don’t actually have anything to pay.
Friendly message from the police, and with an “official” summons at that.
What’s suspicious about this report was written directly by its recipient, our colleague and administrator of bartan servers, Jano:
- Mr. Hamran starts his email with a “Hello”, I think he considers me a friend.
- He respects me, but threatens me with force (police).
- It’s signed as “Dr Štefan Hamran”.
- In the text it says “I am a colonel…” and he probably wouldn’t really present himself in an official letter like that.
- When it comes to child pornography, they can infiltrate my computer, apparently without evidence.
- I’ll be interrogated by email.
- Maroš Žilinka is a specialist in cybercrime.
- I’ll be registered as a sex offender and my photo will be published in the media.
- They’re looking forward to my reasons, probably to have fun with them too.
- Grammatical and stylistic errors are a separate chapter to consider.
- And the cherry on top is the personal stamp “Štefan Hamran”, not the stamp of the police.
The official Facebook page of the Police of the Slovak Republic points out this and other frauds we have recently encountered.
Fraud with a human face
Lastly, we’d like to draw your attention to the recurring, but very difficult to detect, scam that you may encounter on social networks. Our colleague, who’d like to remain anonymous, writes about his personal experience:
I encountered this kind of scam for the first time last year when I created an Instagram profile, where I was contacted by a woman from the US. She started to follow me and text me and after a few messages, she sent me a picture from the bathroom and asked for a picture of me. At this point, I started to look for what was going on on the Internet…
The second case also happened on Instagram when a female account that looked completely normal started to follow me. The lady was going to a shooting range, so we wrote about it, and then she sent me her number and started asking for mine and for some other personal data.
And the third story that happened to me is that I was contacted by a lady who claimed that although she isn’t from Slovakia, she’s in Slovakia because she’s opening a franchise restaurant, and she needs to safely transfer certain amounts of money through my account to the next…
What these people were planning, I learned from the Internet when I was looking for information about it:
- Lure out photos and then ask for money for not publishing them.
- Create an emotional relationship (albeit remotely) and start luring money (someone close to me is in a hospital, I need help, etc.).
- Obtain personal information, phone number, email, anything that can be misused.
- Persuade someone to invest in cryptocurrencies and so on.
In such cases, it’s difficult to determine that it’s a fraud. A normal person sits on the other side of the computer, not artificial intelligence or a chat-bot. They’re trained in communication, have good grammar and speech. But they write only in English and the structure they conduct the conversation in is essentially identical with every type of fraud. Therefore, it’s enough to persevere, not to send anything, and time will certainly reveal the true character of the deceiver. Fortunately, I was careful and was able to block everything in time. But I’ve been very careful on the Internet ever since.
We advise you to do the same. Check every message or link on Google before you take any action. And don’t be intimidated. When someone asks you for something, you have the right to ask why. And if they don’t have an adequate answer, then they’re certainly not entitled to your data.
P.S. Don’t be like Nick.
