By Ecaterina Matenco, Cybersecurity Officer at the Research and Educational Networking Association of Moldova (RENAM)
In the last year, RENAM, the national research and education network of Moldova detected a large number of cyber attacks and threats. This article focuses on cybersecurity threats faced by common users, as well as the basic rules for protecting users from cyber-attacks and cyber fraud.
Cybersecurity incident statistics, recorded and processed by the MD-CERT (Computer Emergency Response Team) from RENAM over the past year include:
- 69% Copyright infringement
- 15% Cryptocurrency investment scam
- 8% Phishing
- 3% DDoS attack
- 2% Malware
- 2% SPAM
- 1% Other
Let’s analyse the first three types of incidents and their impact on common users.
At a first glance, it is not clear how this type of incident affects the common user, as copyright infringement issues affect mostly corporations, companies and authors. Why is the common user involved here? Every time we download any unlicensed software, we cannot be sure that we are not downloading some kind of malicious program on our computers at the same time. In other words, by using cracked software, we all become more vulnerable to different types of fraud.
What to do?
Cryptocurrency investment scam
Cryptocurrencies have become very popular, many want to invest in cryptocurrencies, but often fall into the trap of scammers.
What to do?
We need to approach this investment with a cool head, trying not to succumb to aggressive marketing. Let’s do our own market research, study first — invest later. Download applications only from official platforms and, of course, be careful with offers that are far too tempting (such a pyramid schemes), as well as with recommendations from people who appear knowledgeable. Never invest funds allocated for essential needs! Remember that any investment can be completely lost.
This type of attack has been used by scammers for decades, but hasn’t yet lost its relevance. Probably, each of us received a message by e-mail (or instant messages) asking for help in withdrawing money from the country for a fee — this is a type of phishing attack. The purpose of this attack is to gain access to sensitive data. Fraudsters will offer the most favourable conditions, quick earnings, or vice versa, often using scaremongering tactics.
What to do?
Try not to open suspicious emails and not to follow suspicious links. Pay attention not only to URLs and website names, but also to the certificates before entering any sensitive data: make sure that the ‘Site information’ shows that the connection is secure (click on the padlock icon in the left side of the website address).
The goal of all scammers is to make money from you. Therefore, be extremely careful when it comes to money and your sensitive data. If you do not take responsibility for your own safety, then no one will be able to protect you.
About the author
Ecaterina Matenco is a Cybersecurity Officer at Research and Educational Networking Association of Moldova (RENAM), member of the Computer Emergency Response Team (CERT), and since September 2018 she has been involved in the EU-funded EaPConnect project. She also has been involved in the GN4-3 project as security software developer since 2019.
Ecaterina received her master degree in applied computer science from Moldova State University, Chisinau in 2021. She is an author and/or co-author of several of scientific and popular science publications in the cybersecurity field.
Also this year GÉANT joins the European Cyber Security Month, with the campaign 'A Community of Cyber Heroes'. Read articles from cyber security experts within our community and download resources from our awareness package on connect.geant.org/csm2022