web analytics

CyberSkill recorded more than 500 reports in the first six months of the year

CyberSkill by CyberShield report, H1 2024

Cyber ​​Skill .ro is a project of the Cyber ​​Security Education Association ( Cyber ​​Shield ). The platform is aimed at all Internet users, regardless of age or level of technical knowledge, offering courses, reports and tools to improve the safety with which they use digital tools.

In the first six months of this year, Cyber ​​Skill .ro recorded a significant number of reported cyber security incidents. Thus, more than 524 incidents were brought to the attention of the Association's volunteers, among which:

330 smishing attempts – attacks that involve sending deceptive text messages to trick victims into providing personal or financial information.
94 vishing attempts – in this case, attackers used phone calls to obtain sensitive information from victims, pretending to be representatives of legitimate institutions or companies. The peculiarity of this year's campaigns is that the attackers in most cases had a Moldovan accent, indicating possible cross-border connections.
60 phishing attempts – attacks of this type aimed at obtaining personal data through fake e-mails and websites, designed to appear legitimate, impersonating well-known Romanian companies and institutions such as Romanian Post.
40 compromised sites – these attacks involved infiltrating and modifying legitimate sites so that they could be used to distribute malware or collect unauthorized personal and financial data.

In addition, the Association's volunteers together with White Hat Technology identified, through detailed reports, three new attack methods , still at an early stage, through which malicious actors tried to obtain personal data for use in targeted campaigns or to gain access to victims' mobile devices.

What are smishing, phishing and vishing?

Smishing is an attack method where criminals send seemingly legitimate text messages that contain links or requests for personal information. Once the victim accesses the link or provides the requested data, it can be used for fraudulent purposes.

Phishing involves using fake e-mails or websites that appear to be from trusted sources. The aim is to obtain sensitive information such as passwords, bank account details or credit card numbers. These attacks are often very well done, so that the victims do not suspect that they are being tricked.

Vishing is a technique similar to phishing, but used through phone calls. Attackers pretend to be representatives of financial institutions, telecommunications companies or other legitimate entities in order to mislead victims into divulging confidential information.

A site compromise involves the infiltration and modification of a website by attackers in order to distribute malicious software or steal the data of users accessing that site. Attackers can also redirect visitors to fake websites, created to collect sensitive information or trick victims into performing harmful actions, such as downloading malware.

Mail server compromise is an extremely serious threat that involves unauthorized access to an organization's mail servers. This allows attackers to send fraudulent emails, steal sensitive information, or monitor the organization's internal communications. Additionally, compromising an email server can lead to the rapid spread of malware across company networks, affecting not only the targeted organization, but also its partners and customers.

Generally, a campaign combines at least two attack techniques!

The risks associated with these attacks and the preventive measures

To prevent such incidents, we recommend that users adopt proactive protection measures , such as:

  1. Carefully check the sources of incoming messages: Users should be skeptical of any message that requests personal or financial information, especially if the message contains suspicious links or comes from an unknown source.
  2. Use of cybersecurity solutions: Installing and constantly updating security software can help detect and block attempted attacks before they do damage.
  3. Reporting illegal activities: through the reporting system available on CyberSkill.ro , users contribute to creating a safer digital community and preventing the spread of cyber attacks.
  4. Use Two-Factor Authentication (2FA): Users should enable two-factor authentication on important accounts to add an extra layer of security. Even if the password is compromised, attackers will not be able to access the account without the second authentication factor. Some sites even offer multiple layers of security (multiple steps) such as SMS, physical key (ex: YubiKey), OTP application (ex: Google Authenticator), email etc.
  5. Use of complex and unique passwords: Users should use strong passwords composed of a combination of upper and lower case letters, numbers and symbols, and avoid reusing the same password for multiple accounts. Unfortunately, most users use an average of 3-4 passwords, reused across all accounts. A password manager can help manage and store these passwords securely (ex: LastPass).
  6. Monitoring account activity: Users should regularly check activity in their financial and email accounts to detect any unauthorized transactions or messages and immediately report any suspicious activity to their bank or service provider.
  7. Using a Virtual Private Network (VPN): When using public Wi-Fi networks, users should use a VPN to encrypt the connection and protect data from interception. There are quite a few providers like NordVPN, SurfShark, ExpressVPN or CyberGhost that offer a good price ratio and connection stability. However, we recommend using KillSwitch regardless of the VPN app you have installed.
  8. Restricting app permissions : Users should review and restrict the permissions granted to apps on their mobile devices, ensuring that apps do not have access to more information than necessary.
  9. Implementing backup policies: We recommend regularly backing up important data to a device, either externally or in the cloud, to be able to recover information in the event of a ransomware attack or other data loss.
  10. Scrutinizing social engineering messages: Users should be skeptical of messages or calls that ask for sensitive information, especially if they come from unknown sources. It is important that they learn to recognize the manipulation techniques used by attackers to obtain confidential information. There is no getting rich overnight!

By adopting these measures, users can significantly reduce the risk of becoming victims of cyber attacks.

The Importance of Cyber ​​Security Education

Technology is part of our lives and cannot be ignored. From smart mobile phones to the mundane vacuum cleaner connected to the Internet, in one form or another they can all be devices through which a malicious actor can launch a cyber attack. Of course, the effort and resources are directly proportional to the " value " of the victim, and most of the time the values ​​are measurable in amount of data, not just in actual money.

Thus, cyber security education can no longer be ignored. With the rapid development of technology and increasing dependence on the Internet, cyber threats are becoming more diverse and sophisticated. That's why we think it's important for users to be informed and have the necessary tools to protect themselves, or as we say, a minimum of cyber security hygiene .

CyberSkill.ro meets this need through an easy-to-use platform that aims to cultivate a responsible and safe digital culture. Knowledge is the best defense against online threats.