ONLINE businesses are facing increasing threats from scammers who resort to “social engineering” to get confidential or personal information, according to an expert.
Such data is then used for fraudulent purposes, according to Interior Ministry Anti-Cybercrime Directorate specialist Osama Al Salah.
The GDN reported in April that cyber criminals have been exploiting the chaos over the coronavirus disease (Covid-19) to scam people, with a noticeable spike in phishing attempts and spam messages.
However, scammers are now reportedly targeting businesses and pose a graver threat than hackers, said Mr Al Salah.
Precautions
He told business-owners during a virtual seminar, ‘Protecting commercial accounts from cyber crimes’, hosted by the Bahrain Chamber of Commerce and Industry (BCCI) yesterday that simple precautions can protect them from online criminals.
“Choose more difficult passwords, ones that are hard to guess. Some people just put their first names and their mobile numbers, or their car numbers,” he said.
“Scammers will try to find information about you to uncover the password; they are also able to guess passwords that contain up to eight numbers in less than five seconds.
“Secondly, beware of social media. Instagram does not ask for your information; be careful of any email or message you may get from a social media account asking you to verify your information by asking you to submit your username and password – these are tools used by scammers to get your login information.
“For account on Instagram, Facebook, WhatsApp you should have a two-factor authentication, which helps protect your accounts almost 100 per cent of the time.
“If someone tries to access your account you get an alert that someone just tried to login, or a code with a message that your password has been changed, asking you to use the code to verify yourself.”
The expert said the directorate had received reports that even with the two-factor authentication process scammers have found a way into people’s accounts through social engineering and manipulation, with the scammer posing as a representative from the social media platform and asking for the verification code.
He stressed that no platform or service will ask users for their verification codes or passwords and any such messages should not be responded to but reported immediately.
He also reassured people that most of the time accounts can be recovered.
Mr Al Salah also warned people about possible scams from people pretending to be from telecom companies or banks to get information from people.
One of the ruses used by scammers is when they do get access to a business account they try to contact the customers saying they have won a prize and ask them to fill out forms with personal and banking information.
Mr Al Salah also recommended that business owners talk to their employees about social engineering crimes and their impacts, adding that company-wide seminars about the topic should be held every one to three months.
Cybercrimes
Meanwhile, cybercrimes can be reported on 992, 17108108 or 17108000.
The GDN reported last month that Bahrain saw almost 5,000 cyberattacks on smartphones this year with an increase during quarantine, according to Kaspersky, a multinational cybersecurity and anti-virus provider. The firm recorded 4,940 malicious attacks on mobile users in the kingdom from January to June.
However, Kuwait reported the highest number of cyberattacks (20,000), followed by Oman (15,000) and Qatar (12,000).
The implementation of quarantine measures would account for approximately 500-1,000 monthly attacks across the region.
However, the overall dynamics showed that quarantine did not have a particular influence on the Bahrain threat landscape.
This can be explained by the fact that mobile platforms were initially made to be independent from the physical location of the user and are adjustable to different lifestyles, said the firm.
ghazi@gdn.com.bh
&uuid=(email))