This post is also available in: Português (Portuguese (Portugal))
Portal da Queixa points to digital literacy as the best weapon to fight cybercrime. Seven tips to know how to defend yourself against cyber attacks
Computer attacks have increased during the pandemic. According to the most recent data from the Office of Cybercrime of the Attorney General’s Office (PGR), cybercrime reports doubled in 2021, reaching 1,160, more than double the number of the previous year (544). The Portal da Queixa registered the same growing trend through complaints received on its platform, with more than 6,000 online scams alone last year. Digital literacy is the best weapon to fight computer crime, defends the Portal da Queixa, reinforcing some alerts to consumers to have an informed and secure presence in the digital environment.
If it is true that computer attacks have been going on for several years – with schemes that assume different modus operandis, with greater or lesser impact -, it is also true that cybercrime associated with vertiginous technological evolution is about to last. From cyberattacks aimed at government entities, banks, brands and companies, this is news that has been repeated in recent times. This year alone, which has barely begun, there were attacks on the website of the Assembly of the Republic, Grupo Impresa (SIC and Expresso), Cofina (Record, Correio da Manhã, CMTV, Sábado and Jornal de Negócios), and now to Vodafone.
Investment in cybersecurity will become a vital priority for companies, brands and organizations and, for consumers, the path pointed out by the Portal da Queixa is to build strong digital literacy. For Portugal’s largest consumer social network, being alert, informed and aware of the situation can really make all the difference. The idea is to know how to recognize dubious and fraudulent scenarios and how to act when you are a victim of a scam.
— Create secure passwords and update them regularly: having the same password for everything is an easy target. Nowadays, there are secure platforms – like Lastpass or 1password, for example – where you can save your passwords, and thus avoid always using the same one. You can also accept passwords generated by Google and save them on platforms for this purpose.
— Do not skip software updates: It only takes a few minutes, and is an important action that will allow security and privacy settings updates. It contributes not only to the safety of those who are working remotely, but also to the protection of the company of which they are a part.
— Doubtful sender, with the alert message: never open this type of message from unknown senders or numbers, especially if they invite you to open a link or share personal data. Alert messages (alleged debts, late payments, cancellation alerts) are a common practice in phishing attacks. Despite intimidating or generating curiosity, never open any suspicious links and never share personal data. In the case of emails, and as the Tax Authority warns, always confirm the sender of an email you receive and that seems dubious.
— Known brand or entity, but with a strange message: if you receive a message from a recognized entity or brand that invites you to open a link, do not open it. In the case of websites, always make sure that they are genuine and not duplicated. An easy way to check if the site is reliable and secure is to see if it has an SSL Certificate (if the site has HTTPS and a padlock in the address bar). To prove its security, hover your mouse over the link to see the complete URL, thus evaluating the reliability of the content.
— Attacks via social networks: the duplication of profiles of brands, celebrities or influencers is real and increasingly common. There are fake “Giveaways” profiles that lead people to leave their personal or credit card details on unknown platforms. There are profiles that send mass messages announcing that they were the winner or even those that offer products directly. In all of them, there is something that denounces them: as a rule, the speech is dubious, there are Portuguese errors, since the attack attempt is often made by international hackers and who always ask for credit card details or to subscribe to some platform that leads to the sharing of such information.
— Bank fraud, if you have been a victim of phishing, alert your bank: banks are already aware of fraud situations, which is why they have increasingly created security mechanisms for activating cards. However, card duplication or data loss is still an unresolved issue. If you have been a victim of phishing, immediately cancel all your cards and alert your bank about what happened.
— When in doubt, always report it and share your experience: The complaint on the Complaint Portal not only alerts the brand to what is happening but also helps other consumers to realize that they may be about to be the target of fraud. A complaint also has the power to lead the brand to think about solutions, for example, to strengthen the security of the website, among other things, so that it continues to be safe for users. Here, brands also play an important role, because when an attack happens, the first step to take is to restore credibility and show concern for the customer.
It is recalled that, even in January, the Portal da Complaint warned of an increase in complaints that denounced fake websites that used the name of the clothing brand Tiffosi, in a scheme similar to what had already happened to Stradivarius, in November last year. The latter was recently denounced again, with multiple complaints from people scammed through fake websites of the brands of the Inditex group, such as Zara, Pull&Bear, Massimo Dutti and which also include Stradivarius.
It should be noted that the last Annual Internal Security Report (RASI) already warned of cyberattacks against Portuguese critical infrastructure with the aim of “accessing classified information with political and economic value“.
The latest data from the PGR’s Cybercrime Office shows that cybercrime reports have doubled in the past year. In 2021, the increase was “even more expressive” than it had been in 2020, with 1,160 complaints received, against 544 in 2020. In 2019, there were 193.