Skip to content
Front Page: NCSC-FI
Front Page: NCSC-FI
Go to SearchSearch
English
Menu

National Cyber Security Centre's weekly review – 31/2024

Information security now!

Published

This week we are covering topics such as loan scams and how tax refunds due in the autumn are also of interest to criminals.

TLP:CLEAR

Topics covered in this week’s review

  • Several reports of loan scams during the summer months
  • Bank details also being sought over the phone – police investigate large-scale scams in Finland and abroad
  • Tax refunds get the scammers going again
  • The grass is greener on this side of the fence – See you at Assembly 1–4 August.
Kuva osoittaa neljä eri esimerkkiä, mitä seurauksia voi olla tietovuodolla.
The consequences of a data leak fraud e.g. shopping on victims' bills hijacking user accounts e.g. impersonating a victim, spreading scams, new breaches exploiting sensitive information e.g. extortion, bullying and other harassment breaking into a bank account e.g. stealing money or money laundering

Instructions

* Always check the company granting the loan carefully and make sure of its legality and conditions before taking out a loan.
* If you receive a dubious call about a loan, you can always verify the matter using the official contact details of the company granting the loan.
* Do not disclose your personal data to an unknown party.

If you have been scammed, proceed as follows:

* Contact your bank.
* Report the offence to the police

My personal data has been stolen or leaked – Checklist. (External link)

Bank details also being sought over the phone – police investigate large-scale scams in Finland and abroad

Police warning (External link) scam calls phishing for personal and bank details. The Eastern Finland Police are investigating a large-scale scam in which criminals try to obtain the victim's personal and bank details or online banking credentials over the phone. They may also try to persuade the victim to accept credit transfers through their own online bank.

Earlier, Europol reported a case in which law enforcement authorities in Spain and Portugal arrested 54 people responsible for crimes against elderly citizens. The criminals had used scam phone calls and social engineering. The criminal, posing as a bank employee, contacted victims and assured them that there was a problem with their bank account. The personal information obtained from the call was shared with other members of the criminal network who then turned up on the victims' doorsteps. The scammers managed to get hold of the victims’ debit or credit cards and their PIN codes, as well as their online banking credentials. In some cases, criminals also broke into the victim's homes to steal cash and valuables such as jewellery. To date, there have been at least 84 victims and, according to Europol, (External link) the financial benefit to the criminals has been about EUR 2,500,000.

Similar cases have also been found elsewhere in Europe, and are now emerging in Finland. The theme is slightly different, but the crime always starts with a scam phone call. In the Finnish cases, the scammers are not known to have physically approached the victims.

Tax refunds get the scammers going again

Tax refund season often wakes up scammers, as it is indeed doing this time. The authorities have been following scams in the name of the Tax Administration for years, and the content of the messages has remained almost the same for a long time. Many scams have been reported to the National Cyber Security Centre, enticing people to visit a phishing site posing as a login service. The victim may think they are logging into the Tax Administration's service with their online banking credentials, but in fact the bank details entered on the fake page end up in the hands of a criminal. With a hijacked bank ID, the scammer can access the victim's online bank account.

Scammers who phish for bank codes use all sorts of methods to defraud you: fraudulent messages can come via SMS or email with PDF attachments, on anything from tax refunds to messages from the police. This week has seen a particularly high number of VAT refund scam messages: “You have overpaid VAT for Q1 2023. You are entitled to a VAT refund.” Who wouldn't be delighted by messages with the headlines "Good news about your tax refund – All information here” or "Your tax refund is secure – Confirmation and details". But the scammer’s assurances about the security of their own messages are not true. The credible-looking scam messages vary in font and the official-looking PDF attachments are enhanced with authentic-looking Tax Administration logos.

So far, nothing directly harmful has been found in the PDF attachments to the emails, so there is no known harm from opening the attachment. However, the links in the attachments do not lead to the Tax Administration's service, but to a website that harvests bank codes. If you have mistakenly entered your bank details on a phishing page, please contact your bank as soon as possible and let them know.

Tietojenkalastelu vuosikello
Criminals follow the rhythms of the rest of society. Scams and phishing Black Friday and Christmas bring parcel-themed scams and bogus online shops Also scams at the end of the year on the pretext of tax refunds Invoicing fraud increases during the holiday season

The grass is greener on this side of the fence – See you at Assembly 1–4 August

Scifi-henkinen tekoälyllä generoitu kuva rehevästä, metsäisestä laaksosta, jonka yllä leijuu kasvien peittämä pallomainen rakennus. Teksti: Ruoho on vihreämpää aidan tällä puolella (osasto 6D11). Kuvassa myös Traficomin Kyberturvallisuuskeskuksen ja Keskusrikospoliisin logot sekä Co-funded by European Union -tunnus.
Stand 6D11 The grass is greener on this side of the fence

Traficom's National Cyber Security Centre and the National Bureau of Investigation will be represented at the Assembly gaming event at Helsinki Exhibition Centre on 1–4 August 2024.

Criminals and fraudsters are after the knowledge and skills of enthusiasts of the gaming world. We also want to remind you that there are limits to experimentation and hacking that should not be crossed. The grass is actually greener on this side of the fence! You can come to our stand 6d11 to meet representatives of the National Cyber Security Centre and the National Bureau of Investigation and ask any questions you may have about information security and hacking.

You are also welcome to play Neuron Race: you can challenge YouTuber Herbalist on Saturday at 3:15 PM! In addition, the Test Server's Young Hacker Community and the EU's Cyber Citizen project have produced games that provide an introduction to the nuts and bolts of hacking and to information security.

For example, our presentations will feature white hat hackers explaining what ethical hacking is and how to get involved. We provide security tips for young people and parents, and explain how to turn a hobby into a career in programming and gaming.

Cybercrime Exit (External link) is an EU co-founded project aimed at preventing cybercrime among young people. The target group is young people aged around 12–25 who have committed or are at risk of committing serious cybercrime. You can seek out the activity yourself or be guided there by professionals. Interest in cyber is a great thing and we need experts in the field. The project aims not only to raise awareness about recognising legal and illegal online activity, but also to encourage young people to develop their skills in legal alternatives.

Seminar programme at the Content Stage 
Thu 7:00–10:00 PM. From hobby to profession – The hows and whys of software and cyber
Fri 1:30–2:30 PM. Don't take a hit! - Security tips for gaming 
Sat 11:30 AM–12:15 PM. Ask anything about information security – tips for parents of children and young people 
Sat 2:15–2:50 PM. The grass is greener on this side of the fence - white hat hackers on stage 
Sat 2:50–3:00 PM. Why is ethical hacking worth it?

Recently reported scams

In this summary, we provide information about scams reported to NCSC-FI during the past week.