"Fraudsters send fake e-mails under the name of Smart-ID in order to spoof Internet banking access data on a fake website. Be attentive, pay attention to the address of the e-mail sender, and check the website address before entering any data!" said CERT.lv on social media.
‼️ Krāpnieki izsūta viltus e-pastus it kā Smart-ID vārdā, lai viltus vietnē izkrāptu internetbankas piekļuves datus. Esam vērīgi, pievēršam uzmanību e-pasta sūtītāja adresei, un pirms datu ievades pārbaudām vietnes adresi! pic.twitter.com/D3kDpFx3zK
— CERT (@certlv) July 2, 2024
The latest warning comes a couple of weeks after CERT.lv published its Activity Report for Q1 2024, which contains publicly available information about what it has been up to.
"Since Russia’s full-scale invasion of Ukraine, Latvia continues to experience a high level of cyber threats. In Q1 2024, the number of threats and incidents reduced only by 3% compared to the same period in 2023. In addition, it was 5% higher than in the last three quarters of previous year. Latvia has demonstrated a convincing cyber-resilience, and cyber-attacks recorded so far have not had a significant or lasting impact on society," it said in summary.
Significant threats with a broad impact on the commercial sector, state and local authorities represent only 0.03% of all categorized threats, but the number of unique IP addresses registered as compromised in this category is 218% higher than in Q1 2023; the upward trend continues compared to Q4 last year, with an increase of 26%.
Intrusion attempts, malicious code, and harmful content are the top threat types with the highest increase in activity in Q1 2024. Intrusion attempts in particular are on the rise, with an increase of 118% compared to the same period in 2023.
"In the current geopolitical situation, this can be attributed to politically motivated Russian hacking attempts, in particular to compromise the critical infrastructure of NATO and EU member states. Such trends highlight the need to strengthen security measures and educate the public about potential threats," said CERT.lv.
"Politically motivated denial of service (DDoS) attacks by Russian hacktivist groups continue in waves, targeting public administrations and companies in specific sectors. The proportion of successful attacks is decreasing, reflecting the readiness of Latvia's infrastructure, the effectiveness of the centralized DDoS protection service funded by the Ministry of Defense, and the ability of communications operators to provide services in the event of a sustained external attack," it added.
According to the report, financially motivated attacks most often involve emails and text messages from a seemingly trustworthy source. During the reporting period, scammers most often posed as representatives of the tax authorities, state police, courts, or banks. Phishing in the name of various courier services continued to be active, as did fraudsters with fake job offers. Telephone scammers have begun to actively use artificial intelligence tools to create imitation versions of real people's voices. 21% of victims fall into scam traps due to haste and carelessness, CERT,lv believes.
The full report can be read here and is also attached to this story in PDF format (in English).
