Phishing messages remain a growing problem

According to a survey of Finns commissioned by Elisa, 91% of respondents have been victims of scam attempts on the internet* – you have also probably been the target of attempted fraud. Do you know how to recognise scam attempts? Do you know the five rules for avoiding phishing scams?

As an operator, Elisa has a comprehensive view of scams taking place in the network that are reported by customers, such as scam emails and text messages.

Anatomy of a phishing scam

Phishing can be complicated, but it is possible to roughly break it down as follows:

  1. A scammer obtains a list of email addresses and a scam message template.
  2. The scammer sends a phishing message to a large number of recipients.
  3. Some of the recipients send the scammer the information they were asking for.
  4. The scammer uses the information to obtain money:
    • Bank transfers using the victim’s online banking IDs
    • Subscription traps
    • Extortion
    • Ordering goods in another person’s name
    • Spreading malware / phishing emails to more victims
  5. The scammer covers their tracks.

Scams seen through Elisa’s eyes

Among other examples, messages are often sent purporting to be from banks so that scammers can try and get the victim’s online banking IDs.

“Dear customer,

Our systems have detected that you have not yet activated the new Nordea Secure Key protection service, which allows you to manage your account easily online: the system for sending one-time codes by text message was terminated at the end of 2021. You should now be using the new, free protection service to manage your online purchases. Activez le service :

Click here”

“At Elisa, we actively report scam and phishing messages sent in Elisa’s name, which scammers use to try and obtain Elisa customers’ email password details.”

Using these details, scammers can use the account to send spam or to spread malware. And of course, they gain access to the victim’s message history, even though that wasn’t the reason for obtaining them.

“Dear customer,

As part of our continuous improvement of our services, Elisa is here to help you. We are performing a scheduled software update.

We urge you to visit the following link to begin verifying your login details.

Start by following this link:

Click here

If you would like to contact us, get in touch in the section ‘Guidelines and contact details’.”

In the worst cases, login details can be used to cause a lot of harm in a short space of time. Scammers can use email login details to change the victim’s passwords, lock them out of a variety of services and demand a ransom from the victim.

An extreme example of the consequences of phishing is identity theft. If they gain control of your banking IDs, scammers can try to pretend to be you in online services and change your details, place orders in your name, steal money from your accounts, and more. Even though it is possible to invalidate unjustified invoices resulting from fraud, what is the cost in terms of all the time, effort and distress?

Is it possible to filter out scam emails?

When they receive a phishing message, many people wonder why such messages can’t be blocked. Phishing messages are usually just a specially crafted kind of junk mail, hoping to spread malware or obtain login details or other personal information. This means that these scam messages have the same issues as other junk mail: it is technically difficult to identify automatically the junk mail that is obvious to a person. Of course, there are a number of technical means of doing this (e.g. ensuring that the sender is genuine, blocklists, content analysis or malware filters).

“Filtering out messages also always carries the risk of false positives. The stricter the filtering, the more false positives there will be. This is often the case, although efforts are made to minimize the number of affected messages.”

Different kinds of phishing scams

These days, it is possible to approach people through a variety of different channels, so there are also many different ways to try and scam people. Here are a few examples:

  • Phishing messages: text messages and email
  • Google search scams: search results that take you to phishing pages
  • Targeted phishing messages: messages that seem to be from a known, credible person or organisation
  • Contacting people on social media: scammers tell fake stories to try and obtain money (e.g. “Nigerian prince” email scams)
  • Competition scams on social media: a social media account created in the name of another person or organisation piggybacks on a real competition to get participants to register at a fake webpage
  • Hijacking social media accounts: the scammer sends a message from a recognised name, such as, “Sign in here and win” or, “There is a problem with your account. Check here to see if it has been hijacked.”

These are the five rules for recognising phishing scams:

  1. Who really sent the message?
  2. Who is the message for?
  3. Is the language good?
  4. Be careful what you click
  5. Don’t panic

Who really sent the message?

The sender’s name could be fake, so carefully check the sender’s email address (watch out for things like “company@company.li” compared to “company@company.fi”). For example, sender details in previous scam messages claiming to be from Nordea bank or Elisa have looked like this:

  • Sender: “Nordea”; sender’s email address: “management@racksters.com”
  • Sender: “Elisa”; sender’s email address: “email91093@xs4all.nl”

Delete messages like this straight away.
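
The sender check described above, as an added example (not Elisa's code): a small Python function that compares the display name of a From: header with the address behind it. The brand-to-domain list is an assumption made for illustration; the suspicious samples are the ones quoted above.

```python
import re
from email.utils import parseaddr

# Assumed allowlist for illustration: brand -> domains it really sends from.
KNOWN_BRANDS = {
    "nordea": {"nordea.fi"},
    "elisa": {"elisa.fi"},
    "company": {"company.fi"},
}

def registrable(domain):
    """Last two labels of the domain; enough for the .fi/.com/.nl samples here."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def check_sender(from_header):
    """Return (verdict, reason) for the value of one From: header."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return "suspicious", "no parseable sender address"
    domain = registrable(addr.rsplit("@", 1)[1])
    # Whole words only, so "Elisabeth" is not read as a claim to be "Elisa".
    words = re.findall(r"[a-z0-9]+", display.lower())
    for brand, domains in KNOWN_BRANDS.items():
        claims_brand = brand in words
        # Same name as the brand but a different ending (company.li vs company.fi).
        lookalike = domain.split(".")[0] == brand and domain not in domains
        if lookalike:
            return "suspicious", f"{domain} imitates {brand} under another ending"
        if claims_brand and domain not in domains:
            return "suspicious", f"name says {brand} but mail comes from {domain}"
        if claims_brand:
            return "ok", f"{domain} is a listed {brand} domain"
    return "unknown", "sender claims no listed brand"

if __name__ == "__main__":
    samples = [
        '"Nordea" <management@racksters.com>',   # sample from the article
        '"Elisa" <email91093@xs4all.nl>',        # sample from the article
        "Company <company@company.li>",          # lookalike from the article
        "Elisa <noreply@elisa.fi>",              # constructed legitimate sender
    ]
    for header in samples:
        print(header, "->", check_sender(header))
```

This looks only at the visible From: header, which a sender can set freely; a result of "ok" here still depends on the mail system having verified the domain (SPF, DKIM and DMARC results).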

Who is the message for?

Did you get an email about Osuuspankki code cards even though you are a Danske Bank customer?

Delete it.

Is the language good?

The way the message is written can clue you in that it is fake – or maybe not.

In addition to looking out for spelling mistakes or grammatical errors, pay special attention to the overall message and content. Does the name of the “sender” match the content? For example, did you receive a message from Posti in Finland that talks about a DHL delivery? Delete it. Does the message seem like it is machine-translated? Delete it.

Be careful what you click

Scam messages sometimes try to get the recipient to open an attachment, which could contain malware or links that take the victim to a malicious website or phishing page. Only sign up for services by entering the address in a web browser yourself. Save websites you regularly visit in your favourites/bookmarks.

Don’t panic

Scammers try to get you to panic so that you will act recklessly.

Got an email from your email provider about an update that requires urgent actions from you or your account will be closed? Delete it. Your computer will be locked in 24 hours and your porn viewing habits will be shared with the whole world? Delete it.

What should I do if I’ve been scammed?

If you’ve entered your banking details in the wrong place, contact your bank immediately! Things can happen quickly, and your money could be gone soon. Your bank can at least prevent further fraud or other crimes. Then file a police report: https://poliisi.fi/en/report-a-crime

Victim Support can help: https://www.riku.fi/

Also report the incident to the National Cyber Security Centre: https://www.kyberturvallisuuskeskus.fi/en/report

Change your password as soon as possible! This applies to both login detail scams and banking credential scams. If you’ve used the same password in other services, change the password for those services as well – and use a different password for each service. This will prevent it from recurring. We recommend using a password app to manage your passwords, such as Elisa Identiteettisuoja or similar.

Tell someone else about what has happened – don’t deal with it alone. When you let other people know about it, they can be prepared for similar scams. When you share your story, other people will share theirs as well. You’re not alone.

You can find more information and guidelines on this page: https://elisa.fi/asiakaspalvelu/aihe/english/ohje/scam_messages_en/

* The survey was conducted by IROResearch Oy in their national consumer panel as part of Elisa’s Tuhat suomalaista (“1,000 Finns”) study. The results of the survey were weighted according to age, gender, residence and province to comprise a representative national sample of Finns. Altogether, the survey comprised 1,000 interviews, conducted between 24 September and 4 October 2021. The statistical margin of error for the survey is a maximum of +3.2%. The survey was commissioned by Elisa Corporation.
