Tenable provides tips on how to protect yourself from virtual scams during the election season

Cell phone scams are already old acquaintances and are becoming more and more elaborate. Using social engineering, a variety of manipulation techniques to obtain confidential information, cybercriminals are taking advantage of the surge in searches related to candidates, debates and election day information to launch attacks and cause headaches for voters. Often simple tactics confuse even the most careful and careful people with their personal information and passwords. A recent Forrester Consulting study commissioned by Tenable found that 18% of cyber attacks suffered by Brazilian companies were the result of social engineering.

A scam known as Phantom Hand tricks the victim into installing apps or accessing links that allow access to the device. Criminals silently access messages, e-mails and passwords to carry out banking transactions

One of the frauds already used is that which imitates an election poll. Hackers send a link to a fake survey on people’s Whatsapp, which directs them to a fictitious website. Once accessed, the victim provides access to the mobile device, and criminals steal personal information such as credit card numbers.

Social networks are also not secure. Posts with messages from candidates or with fake news can draw the attention of even the most unsuspecting, who, by accessing the content, allow criminals to infect mobile phones or computers. The most common ones deliver speeches with sensationalistic and often false titles, the so-called “clickbaits”. Before clicking, check the information on the websites of news agencies or in official press vehicles and make sure that the information is indeed true.

The links can also lead to another scam known as Phantom Hand, which tricks the victim into installing apps or accessing links that allow access to the device. Criminals silently access messages, e-mails and passwords to carry out banking transactions.

Good deeds can also hide cyber risks. Requests for monetary donations (in this period there may be criminals who take advantage of the so-called virtual crowdfunding for election campaigns) from unknown numbers or even contacts recorded in the cell phone directory are frequent and usually steal large amounts from the victim who just wants to help a loved one or from someone for reasons that are sensitive.

“Criminals do not stand still during elections. People and companies need to be careful. Reviewing everything you get online will help you avoid scams over the next few weeks. Additionally, one of the best ways to protect your accounts from hackers is to use additional security measures, such as two-factor authentication. This feature makes it much more difficult for cyber criminals to gain access,” says Filipe Pinheiro, Senior Security Engineer at Tenable.

To avoid falling for these scams, Tenable, a cyber exposure management company, has put together 10 tips to protect your devices.

1. Do not access suspicious links: Even if a relative or a dear friend sent you the link, be very careful before clicking. Whatsapp, for example, shows when a message is often shared. Avoid accessing links from these messages.

2. Get informed through official channels: Seeking information about candidates for public office is part of our role as citizens. But to make sure that you have access to true information and without the risk of hacker attacks, choose the official websites or channels of political parties and the Federal Court.

3. Attention on social networks: Since social media is one of the main channels of connection between people and politicians, it would not be surprising if some verified accounts were compromised or fake accounts were created to share scam links. Be extremely careful before accessing a social media link, especially when you’ve been tagged.

4. Grammar can save: Malicious messages often contain English errors and this may be a sign to keep clicking away.

5. Invest in a good antivirus: Antivirus programs can sometimes be a bit expensive, but they are more of a guarantee that your devices are protected. Nothing compares to the financial and time costs you will incur if a criminal gains access to your personal information.

6. Enable 2-step verification: It might sound hard and it’s true. Two ways to unlock the app can make it more difficult to attempt fraud.

7. Change logins and passwords: If you notice strange movements in your email, bank accounts, messaging apps and social networks, change your login and password immediately to avoid further damage.

8. Do not repeat passwords and use different characters: Speaking of passwords, don’t use numbers or letters from documents, dates, or names. Mix upper and lower case letters and use characters like #$%. And never repeat the same password for two or more apps or social networks.

9. Avoid connecting access to sensitive data on open or public WiFi networks: As much as possible, avoid connecting to networks that are not yours or accessing sites that require you to provide personal information. You can use the “incognito mode” function of your web browser, this will give you more security because the browser will not remember your passwords, cookies and browsing history.

10. When in doubt, consult someone you trust: Cyber ​​​​criminals use all possible means to deceive and exploit users, taking advantage of the fact that not all people are technically savvy.




social engineering


Spirit hand



what’s up

You might like it too

Monthly edition

Leave a Reply

Your email address will not be published. Required fields are marked *