One morning on WhatsApp you get a message from the head of the institution or company where you work. Pray for help. He's stuck in traffic and can't log on to the system, and he has to make a payment urgently. He begs you to do it for him and gives the information for the transaction. You enter the Internet banking and pay according to the data provided by him. Although he has never contacted you via WhatsApp before, you have no reason to doubt that the message is authentic. But it's a fraudster using new technologies and social engineering, and it's just damaged the organization. You go to the police, you report the theft. The search yields no results, and the money is irretrievably lost.
Colleagues in Infobip know – Roland Lipošinović’s stories have elements of thrillers and are read in the breath. They learn about protecting organizations and data from such attacks, which is one of his main tasks as an information security coordinator. This year as part of the EDIH Adria Roland project free four-hour training for employees of small and medium-sized enterprises and public authorities, institutions and organisations.
The first was held in mid-March at Infobip's Alpha Centauri campus in Zagreb, and the second is scheduled for Tuesday. 30 April the Infobip Quantum the Vodnjan, Istria 9A, from 9 a.m. to 1 p.m.. Take the opportunity and register yourself and colleagues today for Roland's education Modern threats to information security: What Everyone Needs to Know. Contact us by e-mail at info@edihadria.eu and we will help you with the application.
-In the digital age, information security begins and ends with employee education. Because neither the best antivirus tools nor the most expensive protection systems can completely eliminate the human factor. And that's almost always a minor mistake, inattention, miscalculation. Assailants use it extensively, Roland explains.
A moment of inattention and one wrong click trigger an avalanche that until then you thought was happening to others. But now you are the person to whom the laptop is locked or the person from whose LinkedIn profile hundreds of baits were sent. Or malware entered the organization through your account. The assailants seek ransom, otherwise they destroy important data.
Cybercriminals do not attack with weapons, but the consequences of their actions can be devastating. They play bait every day and wait. Whether or not they will receive something depends on the caution and assessment of those whom they have intended.
-Organisations are made up of individuals. If an individual is more aware, then the organization is also safer. The attackers are often from faraway countries, including other continents. Thanks to the internet, they have new opportunities and greater reach. Their intrigues and tactics are increasingly complex and difficult to identify, Roland explains.
- Recently, in a carefully directed fraud, a multinational company was damaged for $25 million. Criminals misled Hong Kong's finance department employees, pretending to communicate with him as a department director from the UK. They staged a fake video call that supposedly involved the director of finance and several other employees who were known to the victim. Technique-generated video creations deepfake they were so persuasive that the victim of the fraud – thinking that, in a virtual meeting with the finance director and other colleagues, she had followed their instructions and paid $25 million from the company’s account.
- Coming to work in the morning, the employee picked up a branded USB stick from the floor of a garage where his company has parking spaces. He thought the stick was accidentally dropped by one of his colleagues. He brought it back to the office. Undoubtedly, someone plugged him into the company's laptop and opened the door for a cyber attack with severe consequences.
Some of the fraud scenarios seen in Croatia in the past 6 months:
- You have received an SMS message from “your bank”, with a very convincing text, and a link to the page where your credit card details are requested.
- You have received an “email” about the parcel that is currently being delivered to you. In the message there is also a link to a page that asks you to enter your card details.
- Through a social network, a person you do not know addresses you, but their profile seems convincing to you. He presents himself as a consultant for a foreign company looking for employees in your city. He suggests a job interview and asks for your phone number to arrange for details.
- Through the social network, you are in contact with a person for romantic reasons. Although you have never met this person, you believe that it is love. It's been a while, but the person refuses to meet you. It misleads you about your appearance, wealth, and intentions. The goal is to get you to pay her money at some point, and then she will disappear without a trace.
Would you like to participate in one of Roland's trainings at Infobip? Registration is very simple, express your interest in info@edihadria.eu. Participation is free of charge, and the number of participants from each company and institution is not limited. Book your place today!
English 
Croatian 
Italian