Expert tips to not fall for virtual scams – Tecnologia

A person working on a notebook
Cybercrime has grown more and more through social networks; It is important to have security measures in place to avoid scams (Photo: Reproduction/Freestocks)

With new cyber scams popping up every day, netizens face the challenge of staying protected. Two-factor authentication, and different passwords, are some of the practices that can be adopted.

Recently, the number of hacked or cloned personal files has increased, not only with the aim of stealing personal data, but also to make people close to them victims. For Rafael Bastos, technology consultant and founder of rea31 Hackerspace, the best way to avoid falling for virtual scams is to always be suspicious of suspicious actions.

Bastos points out that if a relative or friend sends a letter asking to borrow money, ask to pay a bill, or something similar, it is important to contact the person and confirm this information.

“One time a cousin of mine sent me a message on Instagram asking me for money, I doubted and called him,” he says. Bastos says that when he called his cousin, he mentioned that he had not asked for any money through letters.

The consultant warns that this is a very common practice in the digital environment. “Sometimes someone gets a weak password or a password that has already been leaked in a database, or even a password reuse habit, and this kind of problem happens. The person doesn’t even know that the profile has been hacked and that profile is being used for a coup, A real profile,” he points out.

In social networks where we maintain closer contacts, such as WhatsApp, it is also important that you have this type of distrust. It highlights “Croaks send a link by text message and the person clicks. When the person clicks, it authorizes the WhatsApp application of another person, the fraudster, who has access. Many hijackings in WhatsApp, Twitter, Instagram, and Facebook are done in this way.”

The expert also warns of scams where criminals try to clone personal files. The person downloads all the photos, posts them all with the same description, in the same order, adds friends and says, “Look, I had a problem with my old profile, I made a new one.”

From this point, the scammers start behaving like the real user and with this they start applying the scams.

“If the profile has 200 followers, you think it’s a real profile. If someone sends you a message with two or three followers, you’re suspicious, but if you know the person, they have 300 followers, they created a new profile and to delete the old one?” If you don’t confirm with the person otherwise, you may be cheated,” he points out.

Bastos also explains that the best way to avoid these scams is to always contact the person. He points out that reporting via WhatsApp is not the best option, as the network can also be cloned. He points out that “the connection can help the person, maybe they are hacked and don’t know.”

The expert recommends that digital passwords should be changed every 3 to 8 months, preferably not repeatedly, in order to prevent you from being invaded by your networks.

“A person can also use a password manager, like Lastpass, 1Password, software that keeps your passwords in a secure vault, you just need to know the password for that vault and change it every three months. And other passwords that you don’t even need until you know, You can create 60 to 70 characters and copy and paste them every time you need to access a service. That’s what I do and I recommend it,” he advises. “The best password is the one you don’t even know.”

Raphael also refers to MFA, in free translation, multi-factor authentication, which most social networks adopt today. With these security means, when you try to sign in to a service, networks ask for confirmation via SMS.

Additionally, it also highlights apps that generate random passwords for each access. “Google Authentator, for example, generates a six-digit password that you have to enter this code every time you use the service. Using authentication is almost mandatory, and there is no way not to use it nowadays,” he warns.

The expert points out that email for each service can be quite complex, but categorizing between personal email and professional email is essential. “You have a public email and login email to other accounts like Twitter and Instagram and people won’t know what the public login email is,” he explains.

Leave a Comment