When Norway shut down in 2020, the whole of society had to adjust and push itself on digital platforms. Scammers took advantage of the situation and new fraud methods came to the fore. We Norwegians are particularly vulnerable.
We have a high capacity to pay, we are one of the most digital societies in the world and we choose to believe in each other better. Plus, we’ve been on our own during the pandemic, which means we have to rely more on our feelings and evaluations. These feelings are cynically exploited by the perpetrators. Thorbjørn Busch, a security expert at Telenor, tells Nettavisen that social manipulation is the common denominator.
Delete the email as soon as possible
This week, nearly 150,000 fraudulent emails were sent to Telenor email clients. The emails appear to come from Telenor and Online.no, asking customers to “update payment methods” or see a “new private message”.
– These emails do not come from Telenor, although at first glance they may seem so. This is actually a classic case of bill fraud and classic phishing, where criminals are looking for your money or other sensitive information.
It’s hard to say what bypassed Telenor’s mail customers, but Bosch suspects there are significant dark numbers.
– If you’ve received such an email, you should delete the email as soon as possible – and at least don’t click on any of the links, Busch points out.
Scammers have also taken a step further and warned Telenor customers about fraudulent email scams.
– This makes everything more pessimistic. By warning of fraud in a fraudulent email, they are likely to be able to lure more people into the trap, as the message gets a false appearance of legitimacy.
Able to cheat BankID codes and one-time passwords
Busch says that previously it was easier to research scams either due to bad websites or poor Norwegian, but the scammers have become more skilled over the years. However, upon closer examination, it will be possible to see that the links do not lead to the Telenor website.
You will be asked to log into the site to update your payment information. If you follow the link, you can get to a page that can look a lot like Telenor’s. But everything you enter here will instead go to scammers – who can, for example, withdraw money from your card.
Fraudsters are also able to sneak into other sensitive information.
We have also seen cases where fraudsters have similarly been able to cheat BankID codes and other one-time passwords based on their victims, by following through in real time. The email also encourages you to “Please keep the window (SMS OTP CODE) open in your browser if receiving the code is slow”. This supports the suspicion that they are looking for a one-time password, says Bush.
One-time passwords can be used to hijack user accounts. Second, criminals can pay you for money, or cause other resentment against you, he adds.
Fortunately, the telecom giant has been able to stop many scam emails.
Fortunately, we were quickly notified of these fraudulent emails, and were able to enter the relevant fraud pages into our Nettvern security filter. As a result, Telenor customers will not be able to access fake websites, so there is also no risk of leaving private information such as passwords and credit card numbers.
Digital Anxiety Grows
In 2021, Telenor blocked 282 million fraudulent calls globally. 42 million of the calls were to Norway.
– This number is important. As the terrain becomes more difficult, threat actors must make the attack more credible and build a better scene. I’m starting to get too advanced.
Bush points out that a lot of everyday crime has shifted to digital surfaces in the past two years.
– Every day we are exposed to up to several scam attempts, in all digital channels. When our daily business on mobile or online is seen as a potential trap, it does something for people. At the same time that we are encouraged – and sometimes forced – to switch to digital solutions, there are some who in the process become more vulnerable than others, and therefore more anxious as well, notes Bush.
For some, it’s a digital anxiety.
– I think most people have felt this feeling many times. Regardless of concerns or not, my experience is that very few Norwegians “get up and nod” about the methods in place, the consequences, and the countermeasures that can be taken to guard against digital attacks, Bush adds.
Now the security expert sees the need to increase the knowledge in the society. This is no longer an optional subject, but Norwegians should study it and learn more about it.
We now see that the problem is getting worse to the point that a greater joint effort will be needed to raise the general competence of the population around digital security and fraud. Here, digital public education is the key to increasing knowledge. We see large numbers, but also very complex and targeted attacks that people are deceived.
Bush points out that the need exists in all age groups, especially the elderly.
– They were almost forced to connect to the Internet and mobile. Here you have a weak group, and we have to make sure they get a good show and good training. Additionally, we need to generate more information in other languages. This is how we reach everyone in our society, Bush concludes.
“Explorer. Unapologetic entrepreneur. Alcohol fanatic. Certified writer. Wannabe tv evangelist. Twitter fanatic. Student. Web scholar. Travel buff.”