Social media giant Facebook has had user data exposed on a low-level hacking forum, according to a report by Business Insider. The attack caused the leak of personal details for 533 million users, including phone numbers, full names, email addresses, locations, and other information. Affected users are from 106 countries across the globe, including 32 million in the USA, 6 million in India and 11 million in the UK.
Digital privacy expert at NordVPN, Daniel Markuson commented that the information retrieved through this kind of cyberattack is a “goldmine for scammers”. He said: “We can expect to see more personalized phishing or social engineering attacks all over the world, especially as this information has been posted for free. It means that anyone with shady intentions was able to get their hands on it.”
Markuson expressed concern about the continuing trend of pandemic-related cybercrimes which have taken place over the past 12-18 months. He noted that with vaccination rollouts taking place around the world, there could be continued opportunities for cybercriminals to take advantage.
He continued: “In March, NordVPN Teams observed that vaccine-related Google searches in the United States grew by 1,900% since January. This shows that Americans are becoming increasingly anxious to get their COVID-19 vaccine and might be an easy target for hackers.
“In December, INTERPOL issued an alert to law enforcement across 194 countries, warning them to prepare for crimes revolving around COVID-19 vaccines. Investigators have also reported vaccine-related activities on the dark web.”
Using the large amount of personal information leaked from Facebook, cybercriminals are able to create convincing social engineering or phishing attacks. With this in mind, here are six top tips on how to spot a phishing email or smishing SMS:
1. Make sure you check the sender’s address / phone number. Do not trust the display name – double check.
2. Be wary of spelling and grammar mistakes, or design issues. Serious companies and institutions are unlikely to send out communication with bad grammar or bad designs.
3. Never download attachments or click on links you are unsure about. If the email includes a link, take a moment to hover your mouse over it to see the destination. Does it look legitimate? Does it contain the “https” part to indicate a secure connection? With SMS it is preferable to search for the website yourself.
4. Think about context. Is this communication something you were expecting? If not, it is potentially suspicious, especially if the offer seems too good to be true.
5. Contact the company or institution if you have any doubts. Preferably over the phone or via an alternative email address – you can always ask to confirm the legitimacy of the email.
6. Report the incident to the authorities if you notice anything unusual. Making sure they are aware will not only help you but could also help others who may be affected by the leak.
Arguably, the majority of phishing scams are easy to spot, but anyone can become a victim with an accidental click or a momentary lapse of concentration.
Cyber security software such as VPNs, antiviruses, spam filters, and firewalls can help to prevent serious damage to your software.
Daniel Markuson is a digital privacy enthusiast and an Internet security expert at NordVPN, a leading virtual private network (VPN) provider. Daniel loves to serve up generous helpings of news, stories, and tips to help people stay private and secure.