Most identity theft attempts are made by fraudsters disguising themselves as a trustworthy person. With just a little bit of common sense and caution, you can make sure that you don’t become a victim of identity theft.

PHISHING is an email in which you are urged to provide personal information of any kind by clicking on a fake link. The fake link will take you to a company website that looks genuine but is not.

Watch out for emails that:

  • Ask you to leave your card or bank account number.
  • Ask you to provide your password.
  • Asking you to click on unknown links
  • Asking you to verify your account information
  • Threatening to close your account immediately if you don’t take action
  • Tempts you with unlikely offers
  • Contains poor grammar, spelling or words in the wrong order
  • Contains strange headlines or a non-personal address in the email

How to avoid:

  • Never click on links in emails from people you don’t know
  • Never give out your personal information or click on links that read “click here to confirm your information.”

Remember: serious companies never ask for personal information by sending an email.

SMISHING is when someone tries to trick you into giving them your private information via a social messenger app or SMS message. It mimics a regular text message and may even be sent from someone you trust. When that happens, their accounts may have been hacked.

The information a smisher is looking for can be anything from online passwords to your social security number, your bank account information, or credit card information.

How to avoid:

  • Don’t reply to text messages from people you don’t know.
  • Don’t reply to a number that looks odd
  • NEVER give out your bank account number, online passwords or credit card information to an unknown caller — even if they say that they are calling from a company that you know of.
  • Don’t click on links in a text message unless you know the person it’s coming from.

VISHING (also called scam calls) is when someone is calling you to your home phone number, to your smartphone or via online services like Skype, FaceTime, or Zoom. Once again, the aim is to get credit card details, birthdates, account sign-ins, or sometimes to harvest phone numbers from your contact lists.

In a vishing attempt, the caller pretends to be from the government, a reputable company or organization, a personal banker, and many other things.

How to avoid (the advice is almost always to hang up the phone):

  • Don’t answer your phone when you receive phone calls from unknown numbers.
  • Never call phone numbers that are provided in emails or text messages
  • Never give any information to a caller unless you’re sure of who they are. Hang up.
  • Hang up the phone if you are not sure why the person is calling
  • Beware if someone is calling you to sell or promote something. Hang up.
  • Beware of telemarketers. Hang up.

As the COVID-19 pandemic keeps spreading, it rapidly changes how we work and play. And — in the wake of the devastation, cybercriminals are heartlessly taking advantage of our digital weaknesses and fear of contracting the disease.

As the pandemic drags out, and we continue to stay isolated, we tend to interact with online services more than ever before. We order take-out from services like Foodora or Uber Eats, log in to our bank accounts or governmental services more often, search for information about the disease, and sign up for more streaming services. We also do online searches on popular topics like Corona and COVID-19. This behavior introduces golden opportunities for scammers to deploy social-engineering attacks.

Social-engineering attacks target individuals. Attack types are, among others, bogus emails (phishing) with malicious links to hospitals or text messages (smishing) with fake links to a donation campaign. It can also be luring people into clicking on suspicious links in the search for information, and even deceitful phone calls (vishing).

Remote work has its challenges.

The sudden uprise in remote work over the past months also means increasing security risks to companies. People are no longer behind firewalls or protected by the company’s security systems. One example of significant risk is that employees are ignoring basic security protocols to get things done when, for instance, handling sensitive company information from home without the protection of a VPN software. This leads to dangerous behavior due to a lack of understanding of digital threats.

To take precautions as a company and as a user is paramount, and the time for new approaches to digital security is imminent, not just under these extraordinary circumstances, but for the foreseeable future.

Patrik Malmberg, CEO at Covr Security

Patrik Malmberg, CEO at Covr Security

About us.

We are a team of experts in cybersecurity that would be delighted to help you find solutions to your security challenges. Get in touch with us, and we’ll make sure you’re safe!

Digital payment and online banking are all about striking the right balance between customer convenience and security. People expect it to be easy, so a complicated authentication process will turn them away. Luckily, onboarding users with COVR’s Multi-Factor Authentication API is not a problem. With this API, they can authenticate their payment directly from their smartphone without interrupting their flow.

COVR’s Multi-Factor Authentication API enables fast and convenient user authentication on smartphones. It keeps you and your users protected from all types of fraud and impostor activity, like identity theft, credit card hijacking, skimming and phishing. Even in risky settings like public wifi and unknown, unprotected networks. The API facilitates compliance, user retention and growth by providing stable and secure authentication and supporting user-friendly onboarding.

The Multi-Factor Authentication API is designed to help you to:

1. Comply with laws against money laundering, financial crime and enhanced privacy for individuals.

2. Defend and protect from online fraud and identity theft.

3. Facilitate people’s expectations on convenient, fast, secure signup and account login experiences.

Upgrade security with user-powered control and push notifications

Enable your end-users to actively protect their digital identity. With the Multi-Factor Authentication API, they control what information they share and with whom.

Thanks to push notifications instead of passwords, the onboarding and login process are a piece of cake. Once the user has logged in, the in-app verification alerts give the user the option to accept or deny authorization with a single tap. 

One solution for every authentication scenario

COVR’s API is developed for any industry in need of strong end-user authentication and can be applied throughout all user groups – employees, end-users and third-parties. It works seamlessly across all platforms, applications and use cases. It also lets you authenticate end-users and authorize access throughout all of your business applications quickly.

The unique benefits

1. Benefit from passwordless authentication to access to sensitive information and money transactions.

2. Activate two or more authentication methods to protect your users from every threat.

3. Authenticate and onboard users with QR codes for a smooth end-user experience.

4. Allow users to authenticate themselves to sign contracts, loans and other legal documents.

Fast implementation, scalable and cost-efficient

COVR needs a minimum of infrastructure to scale for unlimited users simultaneously and plugs into existing systems with minimal modification. There’s no need for additional, expensive hardware.

Credit card security

Does your company issue credit cards? Then you know it’s a complicated process for both customer and issuer to re-approve a transaction that has been denied. It involves phone calls, security questions, identity document verifications or other payment methods.

With the Multi-Factor Authentication API, you can allow the credit cardholders to authorize the transaction themselves. This eliminates the problem with payment rejection and false-positive denials. Every smartphone can be reached by the bank in seconds, anywhere in the world. It is also registered to send authorization request push notifications with a response time of a couple of seconds. The result: seamless card transactions, and fully trusted, accepted purchases – both by the bank and its customers.

Reusable identity validation and account recovery

Dealing with stolen credit cards, lost smartphones or hacked accounts? Recovering all the lost data from each online service could be a lengthy and costly task.

With this API, recovery processes run fast, easy and secure. After a new identity verification is done, COVR can reconnect the user with their existing digital identity. Including all their history, transactions and various accounts. As nothing is ever lost, the user can continue to build their online reputation.