In recent days, the media has reported about . Criminals boasted that they had a database of millions of logins and passwords – and quite fresh, because specialists identified information from this year in a set of 4.5 million records. Cybercriminals gathered in one gigantic database login data for such websites as Facebook, Allegro, gov.pl, Onet and WP e-mail accounts, x-kom and Morele stores, as well as mBank and ING banks.
Cybercriminals often act blindly. But not always
Many Internet users are unaware of the full threat of data leakage. The fact that such a leak can be dangerous was discovered by a Gazeta.pl reader who contacted the Next editorial office to warn others.
It all started with a simple message on Messenger sent by a friend. – We gossiped, talked about our plans for the weekend and holidays. It was a completely normal conversation “about everything and nothing”, which we had many times before – said the reader of Gazeta.pl. The exchange of correspondence lasted a day or two. Interestingly, there were often references to earlier conversations in the conversation. Finally, a question arose, which had already been discussed between women before – about a loan.
This did not surprise me at all, because I had lent money to this person before. The amount didn’t seem too high to me either, so I transferred the funds
– admits the reader.
Gazeta.pl’s interlocutor was not even surprised by the new account number sent by her friend – she simply stated that she preferred to transfer her money to another bank this time. The woman forgot about the case, until she finally realized that her friend had been silent for longer than before. She contacted her on Facebook but got no response.
I grabbed the handset. I asked why he didn’t reply. And why doesn’t he return the money. I heard ‘What loan?’. And after a while I realized that I had not talked to a friend via Messenger earlier, but to a scammer
she said.
After a short conversation, it turned out that the Reader’s friend had actually been unable to access her Facebook for some time. Before she could do anything about it, however, it turned out that someone asked for money on her behalf. The women realized that this someone was well prepared for the attack. He read all the conversations, remembered many facts from the lives of both women, which is why he impersonated one of them so well. The reader quickly realized that her friend had been targeted by a hacker who had taken over her password. And because she wasn’t using 2-Step Verification, she had no chance to react to the account takeover.
We both reported it to the police. To my great surprise, we met not only with indifference, but also with an attempt to convince us that we had an appointment. That we are trying to defraud the bank, extort money from it. The police officer was very displeased with the fact that first I sent the transfer of my own free will, and now I want something from him. He said the conversation we printed out looked perfectly normal, that we were just talking to each other and now we’re lying
– says Gazeta.pl reader.
Ultimately, the perpetrator of the Facebook hack (and possibly the email account) was not detected, and the money was never recovered. And it turns out that the reader’s losses could be much greater.
I lost PLN 2,000, but I could have lost more. If this person asked me for PLN 5,000 or PLN 10,000, I would transfer the funds without batting an eyelid. I’ve lent her much more money before, and she’s always given it back without a problem. Now I know you can’t rely on the news for this kind of thing
the woman concludes.
Criminals often act “in the dark”
Criminals most often do not choose their victims intentionally, acting en masse by sending mass messages. The targets are those whose data has been leaked to the Internet. They often try to convince recipients to perform a specific action – e.g. make an additional payment to receive a package. They assume that among millions of recipients there will be someone who is actually waiting for the parcel and does not read the message carefully. Such “ideal victims” respond to the links or text messages sent, providing their credit card number and bank login details, without thinking too much about the consequences. False information about the need to unblock an account – bank account, social networking site, VOD service – works on the same principle. There are thousands of variants, criminals simply hope that someone will react to the scenario they invented.
As you can see, data leakage can be dangerous. It may happen that we come across a criminal who meticulously prepares for an attack. When it comes to money, it is better to never take shortcuts, and it is worth securing accounts and passwords. Do not use the same password for several services, change passwords frequently, and use two-factor authentication whenever possible.
Source: Gazeta
Mabel is a talented author and journalist with a passion for all things technology. As an experienced writer for the 247 News Agency, she has established a reputation for her in-depth reporting and expert analysis on the latest developments in the tech industry.
