Unfortunately, personal data breaches happen regularly. Personal data attract scammers who are constantly coming up with new ways to use data for profit. The material describes how to protect personal information and not to become a victim of scammers.

If there was a data breach

Thus, personal data that is available in public domain is not enough to seriously harm a person and his/her wallet. However, it helps scammers who use social engineering techniques to mislead a person and try to lure a missing parts of information.

It is widely known that scammers introduce themselves as bank employees in order to get the bank accounts/cards details. In this case, information available on the Internet helps scammers. As when a person calls you by name, knows your date of birth or national ID number, this makes to trust a caller.

It should be reminded that bank employees never call a client without prior actions from the part of a client, so it is better to stop dialogues about confirming or clarifying something right away.

However, scammers can use other methods. If a scammer knows your card number and e-mail, you can get an e-mail stating the following:"The compensation has been sent to your card No.__. Follow the link and enter the code from SMS to get it." By doing it, you will simply open access to your money.

The scammers give various pretenses. But one thing is certain, without your assistance, no scammer will be able to get to your account. According to statistics, more than 95% of all bank card scams occur when users, being under psychological pressure, disclose missing information to attackers: SMS codes, CVV codes and card expiration date, code word and passwords from a personal account. Thus, people lose their savings due to their own trustfulness, and not because their accounts were under attack by hackers.

Remember, if a client has provided secret information to scammers or third parties transfer money to other people's accounts with his/her assistance, banks will not compensate for losses. 

How personal data gets online

Sometimes scammers manage to get personal data by hacking, for example, trading companies, service centers, even hotels and carriers. Their web-resources are protected much worse than bank ones. Moreover, even by hacking a social media account or e-mail, it is possible to learn a lot about both a person and his/her acquaintances.

Some consumers enter their data, phone numbers and card details on the pages of fake contests, lotteries and surveys or on the websites of financial organizations, stores and other companies.

Scammers can use a specialized software to forge documents and simulate various notifications. If your information somehow got into the hands of scammers, they can make a fake letter, for example, from a tax authority or prosecutor's office, send it to you by e-mail or via messengers and afterwards a scammer will personally call, threaten, blackmail and offer to "negotiate in an amicable way". For example, you will need to transfer a certain sum to an electronic wallet to stop the case from being filed further.

Transfer of money to scammers will not help you get rid of a fine, even if there is one in reality. Sometimes scammers find out that a person has a debt, lure that money from a person and then disappear. In this case, neither a fine or debt will be lifted.

Security guidelines for personal data protection

It is unlikely that you will be able to protect your data by 100%, but you can still reduce the probability of a successful attack. To do this, just follow the following guidelines:

• Do not write a PIN code on a card and do not tell it to others, do not enter it anywhere except ATMs and POS terminals;
• Do not tell anyone the full details of your card and do not post photos of it on the network and do not transmit it via messengers even to people you know well. In Kazakhstan, if someone wants to transfer money to you, all that is needed is your card number or phone number;
• Never tell or send your personal data to strangers, including copies of identity documents;
• Do not publish your personal and bank data on the Internet, do not lose sight of your card when making payments in a cafe/restaurant;
• Refrain from participating in dubious online contests and lotteries in which you need to enter personal information or financial details;
• If you are going to make an online purchase, make sure that a website really belongs to an online store and carefully check the spelling of the website in the address bar, it should start with HTTPS and a closed lock symbol;
• Get a separate card intended only for online purchases. Replenish it only prior to making a purchase;
• Activate SMS/Push notification service to receive data about transactions made with your cards;
• Carefully read the contents of SMS/ Push messages, if you receive a message about an operation that you did not perform, do not enter a password and promptly call a bank;
• Never enter a password to cancel transactions as such requests are generated only by scammers;
• Ask a bank if it is possible to enable 3D-Secure (VISA) or SecureCode (MasterCard) function for your payment card. Use complex passwords for your e-mail and personal accounts on the websites. Passwords like "12345" or "Password" will not protect you. The passwords should be different and consist of more than 10 characters, including uppercase and lowercase letters, numbers and special characters. Try to make a password that makes sense to you and which you can easily remember. Keep it in a secret;
• Use biometric identification if your mobile devices or financial services have such a capability.
• If you entered your card details on a dubious website or reported it to scammers by mistake, then immediately call a bank to block a card;
• Refrain from installing dubious and unlicensed programs on your electronic devices. Do not use public (open) wi-fi networks to access Internet banking, e-mail and other resources where you indicate your personal, financial and business information;
• Use licensed antivirus software on the devices from which you connect Internet banking services.

And remember that alertness is the best protection against scammers!