The personal data of 533 million Facebook users appeared on a hacking forum on the Internet. Among them were data of nearly 2.7 million users from Poland. Leaked names, phone numbers, home addresses as well as locations, previous locations, birth dates, biographies, account creation dates, relationship status, and sometimes email addresses. The Financial Ombudsman warns that such a large information base may be used by criminals for attacks using social engineering techniques or attempts to break into other profiles or accounts, including bank accounts. What steps are worth taking?
According to the Financial Ombudsman, the data leaked a few days ago may be used as a tool for identity theft or breach of other security measures. That is why it is so important to protect personal information and react appropriately to phishing attempts. The Ombudsman already recommends taking appropriate steps and creating a habit of protecting personal data by each of us.
Remember that if an unknown person is calling you, it may be a scammer. Even if the person provides you your data in order to authenticate the contact, this data may come from a leak. We should also pay more attention to emails and SMS messages we receive from strangers – these may also contain malicious software used for fraud or theft.
Leaking email addresses can allow scammers to impersonate real organizations, including the banks where our accounts are located. The Commissioner for Human Rights draws attention to the significant risk of the theft of funds from bank accounts. In order to minimize the occurrence of this risk, it is worth checking whether the bank uses strong authentication for all possible types of activities.
One of the most common forms of attack is a message to update your confidential data. Another form of fraud is the so-called “surcharge” fraud involving the impersonation of couriers, energy companies, debt collectors, or government offices in order to persuade you to pay by clicking on a link leading to a fake payment gateway. Be vigilant if you receive such a link. It will be much safer to enter the bank’s website address in the browser yourself or to use a tab you created yourself.
The Financial Ombudsman informs that in the event of an unauthorized payment transaction, this fact should be immediately reported to the bank together with the request for a refund, and a parallel notification of the possibility of committing a crime to the nearest police unit should be submitted. In accordance with the current legal status, the bank should return the amount of the unauthorized transaction to the customer’s account no later than by the end of the business day following the finding of the unauthorized transaction or after receiving the notification from the customer. A step that is worth taking preventively today is reviewing the data we share on social media platforms. In the era of increasingly common identity theft scams, it is worth presenting your data on the web with caution. Information that is not necessary for the creation and functioning of social media profiles is best to be left offline.