Recently Kateryna Kobernik, editor-in-chief of Ukrainian magazine “Babel”, ordered a tablet on the OLX platform and was left with nothing.
The cybercriminal faked the official service number and sent her an external form to enter the credit card data. After she transferred 14 thousand hryvnias, the seller disappeared. In her post on Facebook, Kateryna accused OLX of ignoring security, but is it true and what does cyber hygiene have to do with it?
Who’s to blame?
In this case, the user made a mistake. Before purchasing something, each customer should read a complete usage guide, which states that in case of OLX delivery it is not allowed to go outside the platform – there should be no SMS, links, etc.
Imagine that you came to the shopping mall and bought a Louis Vuitton bag for 500 UAH. Then you found out that it was a fake, and started to demand explanations from the management of the shopping mall. But they only rent out space. As well as the OLX does.
Regarding the possibility of phone number spoofing, it is a problem with systems that were created 40-50 years ago. “Quality modern applications are based on almost paranoid security, and about the old GSM mobile communications system we cannot say the same,” – says our Operations Director Vitaly Yakushev.
Therefore, it is possible to spoof the number. And you don’t have to be a hacker or a coder to do this. There is a lot of information about it on the Internet as well as ready-made services.
“You pay 1 or 10 UAH and can send SMS from any number to any number. That is why the rules are always the same: stick to the basics of cyber hygiene, be alert and careful, do not disclose financial information, and check where you enter data (even if the site looks identical),” – explains Vitaliy.
So how do you check who sent the message?
It’s very simple – just call and ask. If it is a service like OLX or bank – you need to call the support team. It is important to find a phone number on an official website by yourself, instead of using a number from the message you received. There are no other ways. Only a mobile operator can see the fact of phone number spoofing. And it is a privilege of engineers, not regular call center employees. To get this information, you need to file a complaint.
“It’ s important that people learn from their mistakes and think about security, rather than blaming everyone around them and stepping on the same rake again. We’ve launched a project about the daily cybersecurity on the internet called Cyber Nanny. You can also find there some short funny videos about shopping on the Internet,” said Vitaliy.
What if Internet fraud succeeded?
First of all, contact the OLX service to block the seller. And then file a complaint with the cyber police, where you specify the phone number of the scammer, give your account details, and all information you have. After that, you can cross your fingers and hope that the scammer was inexperienced and left a digital trace.