How credible police messages can be misleading
You may have already received emails or phone calls purporting to be from the police informing you that you have been fined or that your bank account has been hacked.
These e-mails are sometimes even signed by Eric Snoeck, Commissioner General of the Federal Police, Michel Goovaerts, Chief of the Brussels Capital Ixelles police zone, or by prosecutors. However, most of these are phishing emails sent by cybercriminals.
To close our #SCAM campaign, we look back at the phenomenon of "phishing" with two cyber experts: Commissioner Christophe Van Bortel of the Regional Computer Crime Unit (RCCU) of the Federal Criminal Police (PJF) of Antwerp, and Chief Inspector Tijl De Groot of the Local Computer Crime Unit (LCCU) of the Brussels CAPITAL Ixelles (POLBRU) police zone.
Commissioner Van Bortel's name has already appeared several times in such emails. "When I first saw my name in an email, my first reaction was , 'My name has been misused, this is a case of identity fraud. I'm going to have a file opened with the prosecutor's office.' However, things were not so simple. I then looked for another way to approach the phenomenon and decided to focus on awareness and prevention," explains the curator. "By the greatest of chances, I was contacted by the editorial staff of the WinWin programme on VRT (Radio 2). They asked me if it was true that the names of real police officers were sometimes misappropriated. For the TV version of the show, they were looking for different types of scams committed in the name of the police. With me, they had someone in the police who could testify to this kind of abuse. At the same time, I was able to get some messages across. So it was effectively a win-win situation for both sides. »
Despite the many awareness and prevention initiatives, many people still fall into the trap of phishers. "We don't always have a clear idea of the financial damage caused by phishing," says Chief Inspector De Groot. "The objectives of criminals can be very varied. Do they simply want to steal personal data or are they primarily looking for a sum of money? People regularly report to us that they receive e-mails apparently sent by Catherine De Bolle, Eric Snoeck or our chief of corps. Fortunately, they usually contact us before falling for it. In such a case, it is simple, all you have to do is draw up a report. »
"I've already seen someone lose a large amount of money as a result of phishing," says Christophe. "The daughter of a victim contacted me to tell me that her father had received a phishing email. In the message, the criminals demanded a sum of between 7,600 and 8,000 euros, to be paid to avoid legal proceedings, i.e. a fine. Shortly after making the payment, the father received the following message: 'It's still not settled, you now have to pay 16,000 euros to avoid being arrested'. The victim then felt that something was wrong and called her daughter. That's how they ended up coming to me. »
One wonders how these cybercriminals manage to make victims. "They send hundreds of emails. These relate to offences of which the recipient is accused, generally acts of indecency. In the email, the scammers claim that the payment of a sum is necessary to avoid a fine or legal proceedings," the commissioner continues. "Sometimes criminals tell you that your computer has been hacked, and that you have to pay if you want things to go back to normal. In the end, it's always the same story. They tell you anything hoping that you will swallow and pay. »
"In reality, it's quite simple for cybercriminals to send these kinds of emails," adds Chief Inspector De Groot. "They work with relatively cheap packages. Even if a small percentage of recipients react and fall for it, their investment easily pays off. In general, they even benefit from it, and it requires little effort. »
How to spot a phishing email?
"When I give this explanation, I always say: above all, pay close attention to the content of the message. If it gives you cold sweats, it is a sign that you should take the time to examine it carefully. Usually, you are asked to react urgently. We have to ask ourselves: What is the real situation? Where did this email come from? How can I check this with official authorities? Christophe explains. "There are easy ways to verify the authenticity of an email. If the message is from the police, call your local station. Do the same with your bank branch if the message is supposedly sent by the bank. They will be able to immediately confirm or deny this information. »
"The sender's email address can also give you a clue," Tijl adds. "However, it is no longer so easy to see from the outset whether an e-mail address is correct or not, unfortunately. The advice we used to give is to check the visible header to see if the email address matches or not is no longer relevant. The technology is so advanced that it is becoming increasingly difficult for both citizens and us to spot fake email addresses. One victim had received emails that appeared to be from their own email address. This person was therefore convinced that the cybercriminal had hacked into his company. In such a case, I would also tend to panic. In reality, these cybercriminals do not have access to your account. This is simply spoof, an identity spoof, in which the fraudster uses a fake sender address to make it look like the email is from your own address or another trusted source. Creating profiles of this type is quite simple and inexpensive.
TIP:
Check the sender's real email address by hovering over their name. The real address is then displayed. However, it is important to remain particularly vigilant: scammers also manage to create email addresses that look very similar to real real addresses, sometimes with minimal differences.
The official police email address ends in @police.belgium.eu, but we've seen phishing emails using the @poli.ce.belgium.eu domain before.
Often, the message has links that you have to click on to confirm your data. In principle, a reliable web address (URL) starts with "https". The ones starting with "http" are a little less reliable. But unfortunately, this is no longer always the case. Hovering over the address will show that the URL does not link to the website of the instance mentioned in the message. In fact, there is only one golden rule: NEVER click on the link in the message; Go directly to the official website of the organization.
"Nowadays, the simple act of opening an email can already be dangerous. In the past, it was believed that there was no harm in opening the email as long as you didn't click on the link. But now it can happen that an email contains malware," warns Tijl. "It can be in a PDF file, in an attachment or something like that. It is therefore recommended that you install a good antivirus on your computer. Just be careful: prevention is better than cure! »
Another phishing phenomenon that has emerged quite recently is recovery room fraud. In short, cybercriminals who have already taken money from you send you a new phishing email, in which they claim to have found that you have been the victim of a phishing attempt and supposedly offer to help you get your money back. In reality, they rob you even more.
What should I do if I am a victim?
People are trapped every day. Often, they do not dare to go to the local police station to file a complaint, because they are ashamed of having let themselves be duped.
"Cybercriminals abuse people's trust. But those who are fooled are not stupid," exclaim our two cyber experts. "It's not even about naivety. The victims have nothing to reproach themselves for. It is the criminals who are to blame. »
"We regret that people don't dare to file a complaint. There is therefore a black figure that escapes us. A second reason we often hear is: We're not going to file a complaint, because it won't do any good. In any case, we will never see our money again. This is not true. The political world is also paying more and more attention to this issue. Thus, banks are now obliged to reimburse the damages suffered," explains Commissioner Van Bortel. "The importance of filing a complaint is that the complaint in question may well be the missing piece of the puzzle that will allow us to dismantle a criminal organization."
"I understand that you can feel fear or shame at the idea of entering a police station, precisely because you are afraid of being tried," says Chief Inspector De Groot. "That's why citizens can file a complaint at any time via Police on Web. This can be a first step. Personally, I do not recommend it, not because it is not good, but the statements that are processed are only processed during office hours and the information we receive often proves to be insufficient. And in any case, the victim must come to see us anyway. In such situations, speed is everything. The sooner we are informed, the sooner we can take action. This is all the more true in municipalities or cities which, like my POLBRU police zone, have an LCCU: there are specialists who are able to take charge of the case immediately. Our reception staff members are aware of our existence. We also give them advice and explain to our police officers how to properly register a complaint, among other things. Smaller police zones, which do not have an LCCU, transmit their information to an RCCU, like Christophe's, which then processes it. »
"I would like to add that if you have made a transfer, you must immediately notify your bank," says Christophe. "Most banks have a dedicated fraud hotline that is accessible 24/7. You can find an overview of the individual issues in the Febelfin brochure. They can already take the first steps to block the transfer or notify other banks to prevent the transfer. This leaves a little more time to make an appointment at the police station to file a complaint. Since Monday 22 June, the procedure has been even simpler and faster. Card Stop has become FraudStop. You can now also contact your bank on 078 170 170 if you think you are the victim of a phishing attempt. »
Both Christophe and Tijl attach great importance to prevention and awareness. "Prevention also plays a role. A victim will tell what we have explained to her to her aunt, who in turn will repeat it in her neighborhood, etc. We also provide courses for the elderly as part of Seniorflik. I've been teaching cybersecurity in nursing homes since last year. It's very pleasant. There is a lot of interaction," says Tijl.
"I often give presentations in schools and associations," Christophe continues. "I was fully involved in the #SCAM campaign and I am very often asked by the press to speak on this and other topics related to cybercrime."
If you receive a phishing email, the instruction is "forward it to suspect@safeonweb.be," but what happens to all those emails? Katrien Eggers, spokesperson for the Centre for Cyber Security Belgium (CCB, which is also the organization behind Safeonweb, editor's note), gives us some explanations.
"We receive between 25,000 and 30,000 messages a day. They are not all read, they are processed automatically. What does this mainly consist of? The links in the database are automatically retrieved and checked. We do not block links to suspicious websites, but we do redirect them to a warning page. So, if you forward an email with a suspicious message to suspect@safeonweb.be, it will go through this entire process. Suspicious links are then added to a kind of blacklist. If another user receives this same email and clicks on the link, they will no longer be redirected directly to the fake website, but will arrive at the warning page. It is possible to bypass this warning page, but it will take a few more clicks. The user will then deliberately access a website that we have pointed out to be dangerous. »
The system behind this warning page is known as the Belgian Anti-Phishing Shield (BAPS), an initiative of the CCB that warns users when they try to access a fraudulent or malicious website. Reporting phishing messages is beneficial not only for yourself, but also for other potential victims.
"We also publish warnings about phishing or other current cybercrime phenomena on the website once or twice a week safeonweb.be the website." We also publish this information on the Safeonweb app. The thousands of emails we receive every day are kind of the inspiration for these news articles. »
According to Eggers, phishing emails in which cybercriminals impersonate the police or Europol are among the most persistent forms of fraud, and have been for years. "Despite repeated warnings, messages like this continue to circulate and claim new lives. We could issue a warning about this every week. »
Safeonweb is part of the Centre for Cyber Security Belgium, whose main mission is to inform citizens about cyber threats and online security. The CCB also helps organizations and businesses strengthen their cybersecurity. More information on safeonweb.be and ccbbelgium.be.