The EaPConnect project has contributed to the GÉANT Cybersecurity Month 2022 campaign ‘A Community of Cyber Heroes‘ with very informative content such as the article by Ecaterina Matenco, Cybersecurity Officer at RENAM, the National Research and Education Network of Moldova.
The article focuses on cybersecurity threats faced by common users, as well as the basic rules for protecting such users from cyber-attacks and cyber fraud.
Cybersecurity incident statistics, recorded and processed by the MD-CERT (Computer Emergency Response Team) from RENAM over the past year include:
- 69% Copyright infringement
- 15% Cryptocurrency investment scam
- 8% Phishing
- 3% DDoS attack
- 2% Malware
- 2% SPAM
- 1% Other
Let’s analyse the first three types of incidents and their impact on common users.
Copyright infringement
At a first glance, it is not clear how this type of incident affects the common user, as copyright infringement issues affect mostly corporations, companies and authors. Why is the common user involved here? Every time we download any unlicensed software, we cannot be sure that we are not downloading some kind of malicious program on our computers at the same time. In other words, by using cracked software, we all become more vulnerable to different types of fraud.
What to do?
We must have a reasonable approach to software downloads. First, we need to ask ourselves if we really need paid for software. It might be possible to replace it with a free version or equivalent. Should we require a paid for version, we need to think about how often we will use it. In case of single use, we can start by downloading a free trial version, always paying close attention to the terms of use. If the software is required on a regular basis, it’s recommended to ask our organisation to purchase it. If planning to purchase such software for personal use, then we recommend evaluating existing discounts for students and teachers, for example, many vendors have free offers for software for education.
Cryptocurrency investment scam
Cryptocurrencies have become very popular, many want to invest in cryptocurrencies, but often fall into the trap of scammers.
What to do?
We need to approach this investment with a cool head, trying not to succumb to aggressive marketing. Let’s do our own market research, study first — invest later. Download applications only from official platforms and, of course, be careful with offers that are far too tempting (such a pyramid schemes), as well as with recommendations from people who appear knowledgeable. Never invest funds allocated for essential needs! Remember that any investment can be completely lost.
Phishing
This type of attack has been used by scammers for decades, but hasn’t yet lost its relevance. Probably, each of us received a message by e-mail (or instant messages) asking for help in withdrawing money from the country for a fee — this is a type of phishing attack. The purpose of this attack is to gain access to sensitive data. Fraudsters will offer the most favourable conditions, quick earnings, or vice versa, often using scaremongering tactics.
What to do?
Try not to open suspicious emails and not to follow suspicious links. Pay attention not only to URLs and website names, but also to the certificates before entering any sensitive data: make sure that the ‘Site information’ shows that the connection is secure (click on the padlock icon in the left side of the website address).
The goal of all scammers is to make money from you. Therefore, be extremely careful when it comes to money and your sensitive data. If you do not take responsibility for your own safety, then no one will be able to protect you.
For more information about Cybersecurity Month 2022, visit: https://connect.geant.org/csm2022
About the author
Ecaterina Matenco is a Cybersecurity Officer at Research and Educational Networking Association of Moldova (RENAM), member of the Computer Emergency Response Team (CERT), and since September 2018 she has been involved in the EU-funded EaPConnect project. She also has been involved in the GN4-3 project as security software developer since 2019.
Ecaterina received her master degree in applied computer science from Moldova State University, Chisinau in 2021. She is an author and/or co-author of several of scientific and popular science publications in the cybersecurity field.