Information security now!
This week we’ll cover topics such as the malware that is spreading on internet marketplaces and how associations must also invest in information security
Topics covered in this week’s review
- Malware is now spreading on internet marketplaces
- It is important for associations to invest in their information security
- Now is the time to make sure you have risk management in place
- Information Security 2025 event to be held in March again – this year’s theme: protecting the digital society
- Recently reported scams
Malware is now spreading on internet marketplaces
Scams have been running on the Tori.fi (External link) and Facebook Marketplace platforms, among others, where the seller of a product has been tricked into installing malware. In order to get a seller to install malware, a fraudulent prospective buyer asks them to download a product's delivery app from a site that resembles the official app store, but which is not the real app store.
Downloading an app from a website that falsely resembles an app store leads to malware being installed on the victim's device. The malware allows scammers to take control of their entire phone. The malware can collect sensitive data, passwords and login details from the device. The information collected can be used by a criminal to access the victim’s online bank account, for example.
According to current information, criminals have already seized around EUR 450,000 from victims.
Malicious apps can mimic real and official parcel delivery apps, such as those from Matkahuolto and Posti. In the cases so far detected, the malware specifically targets Android devices, and the sites that distribute it are disguised as the Google Play app store, for example.
The police and the NCSC-FI remind people that apps should always be downloaded from official app stores. Don't trust a link in a message or email, even if it appears to direct you to an official app store. Instead, go directly to the App Store via your device’s own app menu. Read more tips in our TTN article: Malware is now spreading on internet marketplaces – here's what to do (https://www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/internetin-kauppapaikoilla-leviaa-nyt-haittaohjelma-toimi-nain (External link)) (in Finnish)
Police bulletin on the matter: Avoid malware that is spreading on internet marketplaces – your money is at risk (https://poliisi.fi/-/varo-internetin-kaupankaynnissa-leviavaa-haittaohjelmaa-rahasi-ovat-vaarassa (External link)) (in Finnish)
It is important for associations to invest in their information security
There are more than 100,000 associations in Finland, according to the Finnish Patent and Registration Office (https://www.prh.fi/en/yhdistysrekisteri/statistics/numberofassociationsandreligiouscommunities.html (External link)). Many people belong to several different associations, and the data on members who are minors also includes the personal data of their guardians. Associations are among the biggest processors of personal data (https://tietosuoja.fi/mika-on-henkilotietorekisteröityä (External link)).
Associations and clubs should invest in the technical protection of their membership registers. Many associations also make use of various commercial membership registration systems. Even in these cases, it should be remembered that the responsibility for the security, access control and data protection of the registers lies with the associations.
For example, the NCSC-FI has received reports of cases where a membership register system has been used to send various phishing messages after a data breach. In many cases, the use of multi-factor authentication would probably have prevented a data breach and its immediate consequences.
If the system in place allows it, all users of the membership register should be forced to use multi-factor authentication and require a sufficiently strong password. Service users may also require the service provider to improve security if, for example, the individual service provider does not allow the introduction of multi-factor authentication in the system.
If you discover a data breach or an attempted one
- File a police report (https://poliisi.fi/en/report-a-crime (External link))
- You can also report the incident to the NCSC-FI (https://www.kyberturvallisuuskeskus.fi/en/report (External link)),
- If personal data has been accessed in the course of an attack, please report it to the Office of the Data Protection Ombudsman (https://tietosuoja.fi/en/data-breach-notification (External link)).
https://www.kyberturvallisuuskeskus.fi/en/publications/instructions-data-breach (External link)
https://www.kyberturvallisuuskeskus.fi/fi/julkaisut/pienyritysten-kyberturvallisuusopas (External link) (in Finnish)
Now is the time to make sure you have risk management in place
New EU regulation brings with it stricter requirements for organisations. The CRA, NIS2 and GDPR require risk management to be embedded in business. This is not only a legal obligation but also a significant business advantage. With risk management in place, your organisation is better protected against cyber threats. Improved reliability, in turn, ensures the continuity of your business and increases customer confidence. Start by mapping your organisation's current risk management practices and updating them to comply with EU regulations.
Read more: New EU regulation and risk management: ensure that your organisation is ready
https://kyberturvallisuuskeskus.fi/fi/toimintamme/hankkeet-ja-projektit/ohjelmistoturvallisuuden-kehittamishanke-2024-2027/eun-uusi (External link) (in Finnish)
Information Security 2025 event to be held in March again – this year’s theme: protecting the digital society
We are living in an era in which digital technologies are shaping our lives, the ways we work and our societal interactions. How well prepared are we to protect this rapidly evolving digital environment? How do we ensure that our societies and everyday lives are based on cyber-secure solutions – from the earth’s surface all the way to space? What kind of threats will we face in the next few years?
Questions like these will be discussed at the free Information Security 2025 seminar organised by Traficom and the National Emergency Supply Agency on 12 March from 9 AM to 5 PM.
Check out the programme and sign up for it at tietoturvaseminaari.fi/en
Recently reported scams
In this summary, we provide information about scams reported to the NCSC-FI during the past week.
WHAT TO DO IF YOU GET SCAMMED
- Immediately contact your bank if you have made a payment based on a scam or a criminal has gained access to your online banking service or payment card information.
- File a police report. You can file a police report online. (External link)
- You can also report the incident to the NCSC-FI.
- Instructions for victims of data leaks (External link)
Recognise online scams and protect yourself from them
ABOUT THE WEEKLY REVIEW
This is the weekly review of the National Cyber Security Centre Finland (reporting period 24–31 January 2025). The purpose of the weekly review is to share information about current cyber phenomena. The weekly review is intended for a wide audience, from cybersecurity specialists to regular citizens.