Cybercriminals target Thomas Cook customers in the wake of the company's collapse
The collapse of travel firm Thomas Cook has caused chaos for hundreds of thousands of holidaymakers around the world. But if losing out on planned trips was not bad enough, cybercriminals are taking advantage of the confused situation to scam customers out of their money.
There have been numerous reports of fraudsters pretending to be representatives of either Thomas Cook or a bank, using the promise of a refund to get people to part with bank account details.
The news is not exactly surprising. Taking advantage of a situation such as this is a common tactic in phishing attacks and other forms of cybercrime. As well as phone calls from cybercriminals, would-be victims are also being targeted via email.
In response to the targeting of Thomas Cook customers by cybercriminals, David Emm, principal security researcher at Kaspersky Lab, says: "[the] news around scammers targeting those affected by the collapse of Thomas Cook is yet another reminder of how cybercriminals are targeting all areas of our lives. Cybercriminals will stop at nothing to capitalise on opportunities to obtain valuable data from innocent people -- including personal details, payment card information and other valuable information that can be used for criminal purposes".
Kaspersky also offers advise that could help people avoid falling victim to scams. People should:
- Never give away their card information over the phone. No legitimate company would ask this of anyone. Don't disclose any information to people you have no reason to trust. Demand any caller asking for personal to verify their identification.
- Never respond to any unsolicited message or click on attachments or links: most spammers verify receipt and log responses. The more you respond, the more spam you're likely to receive.
- If an offer seems too good to be true, it probably is. So you'd better avoid it.
- Carefully look at the address bar before entering any sensitive information such as your login and password. If something is wrong with the URL (it's misspelled, doesn't look like the original or uses some special symbols instead of letters), don’t enter anything on such sites.
- Don't click on links coming from unknown sources (be it in e-mails, messengers or social networks).
- Use a security solution with behaviour-based anti-phishing technologies, such as Kaspersky Security Cloud or Kaspersky Total Security, which will warn you if you are trying to visit a phishing web page.