The invisible threat: The 7 commandments to avoid falling for digital scams

In the digital age, social engineering has become one of the most dangerous tools used by cybercriminals. It’s not about sophisticated programs or complex viruses, but something more basic: human manipulation. Social engineering is the art of tricking people into revealing confidential information. Scammers take advantage of our trust, curiosity, and even our daily, constant haste to obtain data that they then use against us.

But how do cybercriminals study?

1. Social media : They’re a gold mine for cybercriminals. They scan our posts, photos, and the information we share to learn more about us. A post about our vacation can tell them when we’re not home, or a comment about our bank can give them clues about where our accounts are. So, you know: your activities or your public complaint are gaining them attention.
2. Phishing : This is the most common method. Scammers send emails, mentions on social media, or send text messages that appear legitimate, imitating our bank, fintech, or credit card company. Their goal is to trick us into revealing personal information like passwords or card numbers.
3. Reverse engineering : Some criminals go further and may call our service provider pretending to be us to gain access to our accounts.

How to take care of ourselves? The Seven Commandments.

Now that we know how scammers work, let’s look at how to protect ourselves. Here are some practical tips:

1. Limit information on social media : Don’t share excessive details about your personal life. Avoid posting your address, phone number, or even information about your vacation plans. Adjust your privacy settings so only your close friends can see your most sensitive information.
2. Be skeptical of unsolicited emails and messages : If you receive an email asking for personal information or offering something too good to be true, be wary. Verify the source before responding. For example, if your “bank” asks you to update your information, call the bank directly using the official number, not the one listed in the email.
3. Neither your fintech nor your bank is searched for on Google. Criminals are placing fake ads for financial institutions (which mimic the real thing but are clones used to capture passwords) at the top of the list to take advantage of the trust we have in the top results. Save the URL to your favorites or use the app!
4. Strong and varied passwords : Use strong, unique passwords for each of your accounts. If one site is hacked, criminals won’t be able to use the same password to access your other accounts. Consider using a password manager to remember all your passwords.
5. And yes: two-factor authentication (2FA). Enable two-factor authentication on your accounts. This is an extra layer of security: even if someone gets your password, they’ll need a second code, typically sent to your phone or through an app (like Google Authenticator). The more authentication factors you have, the lower the chances of someone accessing your accounts.
6. Review account statements and online activity : Stay alert for any suspicious activity on your bank, credit, and online accounts. If you notice anything unusual, report it immediately. Ideally, always receive notifications of transactions.
7. Avoid video calls from advisors from private or government entities: Be wary of contacts who send you WhatsApp messages or video calls informing you of fines or debts. Scammers use this pressure to obtain your account information. If you have any doubts, cut off and block these communications.

This isn’t over yet : methods change, and one thing we know over time is that methods change. We must be vigilant and informed. And, above all, alert. In the digital world, information is power. Be careful what you share, always verify the authenticity of information requests, and keep your accounts secure.