The National Cyber Security Centre Finland’s weekly review – 06/2024

Topics covered in this week’s review

• Bank credential phishing under the names of the MyKanta service and Suomi.fi
• Guest writer from the Love Scam Support project
• Cyber Weather report for January 2024 published
• Denial-of-service attacks continuing in 2024 as well

Bank credential phishing under the names of the MyKanta service and Suomi.fi

Over the past week, the NCSC-FI has received numerous reports of phishing messages sent under the names of the MyKanta service and Suomi.fi, with which criminals are attempting to phish for bank credentials.

The scam messages urge the recipient to update their personal information, claiming that doing so is necessary to ensure continued and the best possible service. The messages also include a date by which the update needs to be carried out. In both cases, the link included in the message leads to a convincing-looking phishing website that asks for the victim’s bank credentials. Any information entered on the phishing site ends up in the hands of criminals.

There are also scam messages going around under the name of Suomi.fi that claim that there is a technical issue in the Suomi.fi mobile app, due to which messages received through the service should be accessed via the link included in the message for now. The included link leads to a phishing site asking for bank credentials.

The Digital and Population Data Services Agency is also warning people of several other types of scam messages currently being circulated under the name of Suomi.fi. (External link)

What to do if you become the target of a scam attempt

You should never share sensitive information, such as personal data or your bank credentials, via text message or email. If you receive a message asking you to share such information, follow these instructions:

• Do not respond to the message or enter your information in the presented fields.
• Do not click on the links included in the message.

If you suspect that your bank credentials have fallen in the wrong hands

• Immediately contact your bank and tell them what happened. Taking swift action can still prevent misuse at this point. 
• File a police report.
• You can also report the incident to the NCSC-FI.

Read more about how to use online services safely.

Instructions for safe use of MyKanta (External link)

Loved ones can play an important role in stopping romance scams

A romance scam is a white-collar crime in which the victim is contacted on a social media platform by an unfamiliar person, who then starts building a relationship with the victim. The scammer may devote a substantial amount of time to gaining the victim’s trust, with their ultimate goal being to exploit the victim financially.

In addition to major financial losses, romance scams cause shame and anxiety for victims and their loved ones. The persons close to romance scam victims often report feeling guilty for not noticing that their loved one had become a target in a romance scam. Such feelings are only human, but there is no use blaming yourself. However, it is good to be aware of what to do if you suspect that one of your loved ones is being scammed.

You can find plenty of stories of romance scam victims on the internet, and the cases often follow a similar pattern. By learning about other people’s experiences, a person being scammed can start recognising similar aspects in their own situation. The most important thing is to take an interest in your loved one’s situation and broach the subject in order to get them to stop sending money to the scammer.

Read the full article by a guest writer from the Love Scam Support project (in Finnish). (External link)

Cyber Weather report for January 2024 published

In terms of cyber weather, 2024 got off to a rainy start. The first month of the year included both a spike in reports of Microsoft 365 account compromise and several critical vulnerabilities. Denial-of-service attacks carried out by hacktivists also continued at the start of the year.

However, the new year also brought with it some glimpses of the sun. The start of the year saw the launch of an application round for financial assistance intended for SMEs for the deployment of modern cyber security solutions and innovations. Furthermore, the ‘Kyberala murroksessa’ seminar was attended by over a thousand people.

The January Cyber Weather report also includes an updated list of the top five threats. Meanwhile, the long-term trends section of the report takes a look at participation in digital environments.

Read the full Cyber Weather report here (in Finnish). (External link)

Denial-of-service attacks continuing in 2024 as well

February kicked off with denial-of-service attacks in Finland, with dozens of Finnish organisations being listed as targets by pro-Russian hactivist groups. The lists have also included entirely new targets from the municipal and education sectors, for example. Last year, these hactivist groups carried out attacks on financial, logistics and transport and government operators in particular. Many frequently targeted organisations have since learned to protect themselves from denial-of-service attacks orchestrated by hactivist groups.

The new targets now added to the lists may not have experienced these types of application-level denial-of-service attacks before, so it is likely that the attacks will knock some of the targeted websites temporarily offline. The NCSC-FI is monitoring the situation and engaging in active cooperation with Finnish organisations in regard to this phenomenon as well.

Read more .