Cybercriminals are constantly refining their strategies. They abandon spontaneous actions and develop complex schemes that take into account the individual characteristics of potential victims. They begin collecting information about the victim from open sources — social media and other publicly accessible platforms — and then use this data for personalized attacks.
Essentially, the attacker learns about the victim's private life through publicly available content. Social engineering techniques help cybercriminals fill gaps in their data collection. For example, under the guise of conducting official surveys and research, scammers obtain data on potential victims. They then analyze it and develop a customized cyberattack scenario.
According to bank, 10,000 people have completed training at one of these online institutions on the darknet. The course lasts seven weeks and culminates in exams.
Recently, fraudulent call centers have increasingly recruited callers with knowledge of various foreign languages. However, these "callers" don't require any other specialized knowledge to work — just the ability to follow standard scripts and gain trust.
(c) Source
Essentially, the attacker learns about the victim's private life through publicly available content. Social engineering techniques help cybercriminals fill gaps in their data collection. For example, under the guise of conducting official surveys and research, scammers obtain data on potential victims. They then analyze it and develop a customized cyberattack scenario.
Where do they teach social engineering techniques?
Fraud is an entire shadow industry with numerous specializations. Hackers are trained at shadow "universities," where they learn methods for extracting personal and financial data. The instructions contain ready-made scenarios, manipulation techniques, and psychological warfare. The "training materials" include scripts for phone conversations, phishing email templates, and much more.According to bank, 10,000 people have completed training at one of these online institutions on the darknet. The course lasts seven weeks and culminates in exams.
Recently, fraudulent call centers have increasingly recruited callers with knowledge of various foreign languages. However, these "callers" don't require any other specialized knowledge to work — just the ability to follow standard scripts and gain trust.
How to protect yourself?
To minimize the risk of becoming a victim of a targeted cyberattack, it is important to follow these guidelines:- Verify incoming information. Don't trust calls or emails, especially those with urgent requests.
- Don't fall for overly tempting offers or deal terms; be skeptical. Scammers often promise mountains of gold in exchange for your personal information.
- For online services, create separate accounts using alternative email addresses and phone numbers. These "digital doubles" will help you separate your real identity from your online activity.
- Don't share your personal information or financial data on social media. Review your account privacy settings to limit access to your information.
- If you receive suspicious requests, do not click on any links in the message. Contact the organization directly using the information on its official website.
- Enable multi-factor authentication on your accounts. This will make it more difficult to access your data even if your password is compromised.
- Scammers may try to force you to act quickly by creating a sense of urgency. Don't rush into making a decision.
- Install reliable antivirus software on your device to protect it from malware.
- Learn about common scams and social engineering techniques. Knowing cybercriminal tricks will give you confidence and help you recognize threats faster.
(c) Source
