In Costa Rica, a phishing campaign was detected, which is related to the municipal sector and the certified digital signature In this regard, phishing is becoming more and more common. It is a type of fraud where personal data is illegally appropriated. But how do scammers do such a cybercrime? They do this, for example, by making replicas of official sites, through emails, messages, or even calls.
Digital scammers are becoming more and more sophisticated when it comes to committing their misdeeds, so you must be more vigilant and cautious so as not to fall victim to a cyber-scam. And it is that, in the midst of the health emergency due to the pandemic, where the use of the Internet was privileged to work and study, ransomware attacks grew by 485% during 2020.
This type of crime consists of encrypting the information on your computer or telephone, which is hijacked until the affected person pays a sum of money. “The use of the Internet has expanded, not only information is moved, money is traded, and then we are using a‘ highway ’full of risks, from which we must protect ourselves,” said Raúl Rivera, an expert in cybersecurity.
In Costa Rica
In the case of Costa Rica, the level of risk was revealed by the Ministry of Science, Technology and Telecommunications, the Directorate of Digital Governance and the National CSIRT, which detected the beginning of a phishing campaign involving domain names from the sites to the municipal sector.
We must take into account that phishing occurs when a scammer pretends to be a trusted person or company in an apparent official electronic communication, usually an email or a website, to deceive and get the victim to reveal sensitive personal information such as passwords, credit card or social security information, as well as bank account numbers, among many others.
In this campaign in question, the first identified site includes, in its address, municipalidadenlinea-firmadigital, with which, as its name says, seeks to trick the user into managing their certified digital signature, as well as the alleged payment of municipal taxes.
To avoid becoming a victim of cybercrime, you can follow these tips:
• Verify that the site where you are going to enter is truly an official government site. It can be done by calling the entity by the official numbers and it can also be verified in the Official Site Validator https://sitiosoficial.gob.go.cr
• When providing personal data, ask yourself what someone wants your information for and if this is appropriate. There is no reason for someone to need your username or password to access public information.
• Do not be rushed or pressured by a request for information.
• Be careful if you are being pressured to share information or make a payment right away.
• Have an antivirus and antimalware installed on your computers to prevent infections and malware downloads.
• If you are the victim of a computer scam, you can contact the Judicial Investigation Agency’s confidential line 800-800-06-45.
• Do not answer calls or text messages from unknown numbers, or any other that seem suspicious.
• Never share your personal or financial information via email, text messages, or over the phone.
• Do not click on any link in a text message.
• Use only official sources for information. Be wary of chain letters from which the official source of the information provided is unknown.