Cyberattacks surge: How to protect ourselves if we haven’t been targeted

In the past few days, an intense wave of cyberattacks has impacted several multinational corporations and entities, highlighting the vulnerability to digital crime. Among the major corporations affected are Telefónica, Banco Santander, Iberdrola, SnowFlake, Ticketmaster, Decathlon, and the Dirección General de Tráfico (DGT). If you are a customer of any of these entities, here are the steps to follow.

Who’s Behind It?

Preliminary investigations point to organized cyber gangs as responsible for these attacks, ruling out the involvement of foreign powers with political destabilization intentions. Experts from the Guardia Civil and National Security agencies are conducting the investigations.

The Cyber Scam Campaign Following the Cyberattacks

Following a cyberattack that exposes large amounts of personal data, a cyber scam campaign usually follows. These scams can last for months or even years and can manifest in various formats:
Phishing: Emails that appear to be from official entities, including malicious links.
Smishing: Text messages (SMS), iMessages, Telegram, Messenger, or WhatsApp pretending to have a pending package or fine.
Vishing: Phone calls and voicemail messages attempting to obtain banking information.
Pharming: Redirecting users from a legitimate website to a fake one to steal personal information.
Baiting: Using infected storage devices, such as USBs, left in public places to tempt victims to use them on their devices.
Scareware: Malicious software that tricks users into believing their computer is infected, urging them to download or buy fake cleaning software.
Pretexting: Obtaining personal information by creating a fabricated scenario (pretext) that persuades the victim to provide data.
Technical support fraud: Fake support technicians contacting victims, claiming there is a problem with their device and requesting remote access or payments to fix a nonexistent issue.

These scams often use the identity theft of the affected entities to obtain confidential data such as passwords or make fraudulent charges to bank accounts.

How Your Data Is Used After a Cyberattack

Stolen data ends up in underground markets of the Dark Web, where it is sold and reused for criminal purposes:
Money theft: Access to bank accounts and credit cards.
Identity theft: Creation of fake accounts, loan applications, or fraudulent purchases.
Spam and attacks from your devices: Using your devices to send spam and carry out mass attacks with more infected systems.
Social engineering: Psychological manipulation to facilitate new attacks.
Industrial espionage: Sale of data to competitors.
Internal cyberattack: Using employee data to force them to attack their own company or to blackmail them.

What to Do If You’re Affected

If you suspect that your data has been compromised, it is essential to contact the Spanish National Cybersecurity Institute (Incibe) for advice and take appropriate measures to protect yourself.

The recent wave of cyberattacks emphasizes the importance of being vigilant and prepared. Stay informed and take proactive measures to protect your personal information. In an increasingly digital world, cybersecurity is more crucial than ever.

Scroll to Top