It emerged at the weekend that 533 million Facebook users’ phone numbers and personal data had been leaked in a low-level hacking forum.
According to reports, data includes full names, phone numbers, location, e-mail address, and other information. Users from 106 countries are affected – 32 million in the US, 11 million in the UK, and 6 million in India.
Goldmine for scammers
Why this is bad news during the pandemic. Daniel Markuson, digital privacy expert at NordVPN provided some insight:
“Such information is a goldmine for scammers, so we can expect to see more personalised phishing or social engineering attacks all over the world, especially as this information has been posted for free. It means that anyone with shady intentions was able to get their hands on it.
“This leak raises huge concerns, especially now. Cybercriminals exploit fears or feed on the need for urgency. We have already seen a surge in pandemic-related cybercrimes and this trend continues. Now, as countries all over the world are starting to roll out vaccination programmes, there is another opportunity for cybercriminals.”
In March, NordVPN Teams observed that vaccine-related Google searches in the US had grown by 1900% since January. This shows that Americans are becoming increasingly anxious to get their Covid-19 vaccine and might be an easy target for hackers, NordVPN reported in a press release.
In December, Interpol issued an alert to law enforcement authorities in 194 countries, warning them to prepare for crimes revolving around Covid-19 vaccines. Investigators have also reported vaccine-related activities on the dark web.
With the amount of personal information leaked from Facebook – cybercriminals can create convincing phishing or social engineering attacks.
Coronavirus news: How to protect the shepherds
How to spot a phishing e-mail or smishing SMSes, according to Markuson:
1. Check the sender’s address or telephone number. Don’t just trust the display name – pay attention to the e-mail address, telephone number, and other sender credentials.
2. Look for spelling and grammar mistakes, design issues. Serious companies and institutions don’t usually send out e-mails with bad grammar; e-mail design is usually lean and precise.
3. Don’t click on links or download attachments. If that’s an e-mail – hover your mouse over the link to see the destination link. Check if it looks legitimate and, especially, if it contains the “https” part to indicate a secure connection.
4. Consider context. Were you expecting such an e-mail or SMS? If not, it is probably suspicious, especially if the offer is too good to be true.
5. When in doubt, contact the company or institution over the phone or alternative e-mail address and ask to confirm if the e-mail is legitimate.
6. If you notice something unusual – report the incident to the authorities. Raising the alarm can help not only you, but others affected by the leak.
Everyone can become a victim of phishing scams. Although some of them are pretty obvious, others can be challenging to spot. As a prevention measure, use cyber security software such as VPNs, antiviruses, spam filters, and firewalls. – Copy issued by NordVPN