Poles over the age of 45 more prone to phishing of personal data
Over 43% of Poles are worried about falling victim to phishing scammers during a pandemic. Nearly 30% have already encountered such an attempt. At the same time more than 84% of us declare that they know how to take care of their safety. However, the boundaries between generations are clearly drawn. Young people are the best prepared to deal with criminals and much better than the elderly, deal with the verification of received messages. Such conclusions can be drawn from a study conducted by ChronPESEL.pl and the KRD Economic Information Bureau under the auspices of the Personal Data Protection Office.
2/3 of the public believe that criminals phishing for personal data are more active during the pandemic than before. In a survey conducted in March 2021 on behalf of ChronPESEL.pl and the KRD Economic Information Bureau under the auspices of the Personal Data Protection Office, women (over 70%) and respondents at the aged of 25-34 – nearly 73%– noted greater activity of fraudsters.
- Certainly, the fact that the topic is present in the media has a positive impact on the awareness of Poles. This is important, because the first step to take care of your safety is to be aware of the risk. Currently, there may seem to be more important threats, but we should recognize that the consequences of frauds we are currently seeing could affect us long after the pandemic is contained. Certainly, a greater awareness of security and how to verify frauds among the youngest respondents is a positive phenomenon. This gives us hope that over time we will be able to take better care of the security of our personal data, says Bartłomiej Drozd, an expert at ChronPESEL.pl, a partner of the KRD Economic Information Bureau.
Older people, on the other hand, have the most doubts about the fact that during a pandemic we are more often exposed to the activities of criminals than before. Among respondents between the age of 55 and 74, the percentage of those clearly convinced was just under 18%, and in the 45-54 group just over 16%.
Senior do not always identify a threat
Nearly 30% of respondents said that they received a suspicious message during the pandemic prompting data-sharing activities. Young adults, at the age of 25-35 (nearly 38%), were most likely to point this out. This confirms of that age group’s belief about the higher intensity of fake messages sent during a pandemic. In the messages received, respondents were most often asked to click on a sent link (over 49%), download an attachment (over 44%), make a bank transfer or payment (over 28%), or transfer of personal data (nearly 26%).
Despite increased activity by criminals and a high number of fraud attempts, 83% of respondents say that they knew how to spot a fake message. Young persons at the ages of 18-24 (over 91%) and 25-34 (89%) are the most confident in doing so. On the other hand, persons between 45 and 54 years old have the most doubts. More than 1/5 of them have problems with spotting fake messages. When asked how they check received messages, respondents most often verify the sender’s email address (over 66%), check on the Internet the phone number from which they received a call (almost 55%), and carefully read the sent message and look at the graphic design and style of the received message (over 53%).
Young people most often check the sender number online. Almost 3/4 of them do it. On the other hand, seniors at the age of 55-74 are much less comfortable with all verification methods. Only about 40% of them scrupulously check the sent links. They are also much worse at using the Internet to verify received messages.
- We can clearly see that in the group of over 45 the awareness of risks is slightly lower than among the youngest respondents. In addition, it was largely younger persons who noticed a higher frequency of fake messages. And this could mean that the oldest group of respondents does not always identify certain messages as potentially dangerous. This shows that we should not stop constantly educating the society about the risks and principles of personal data protection – points out Monika Krasińska, Director of Case Law and Legislation Department at the Personal Data Protection Office.
On the census, the Sanitary and Epidemiological Station, a phone call from a bank or a text message from a courier
Unfortunately, despite the warnings and educational campaigns, still not everyone is aware that the COVID-19 virus is not the only threat we have to face in recent months. This attitude is used by the criminals who try to take advantage of it. Their methods have changed over time, but the most popular has been phishing, where criminals impersonate another person or institution in order to phish for data.
At the beginning of the pandemic, we were flooded with online offers to buy products that were supposed to protect us from COVID-19 infection. The most popular were special "antiviral" masks, vaccines and supplements supposedly inhibiting the development of the disease. Already then, the mass sending of SMS messages from numbers pretending to be ministries, banks, courier companies or gas companies began. The content included information about the mandatory vaccination or transferring funds to the National Bank of Poland and a link to the fake payment sites.
What if someone is fooled? In all these cases, the scenario is easy to predict. After clicking on the link or downloading the attached file, malware would be installed on the victim's computer, thanks to which the criminals would gain access to the owner's data and passwords.
However, scammers catch their victims not only online. They also try to extort data by calling people and claiming to be representatives of the Sanitary and Epidemiological Station, who allegedly verify the caller's eligibility for quarantine. They also impersonate employees of the Ministry of Health taking registrations for vaccinations. Experts also warn against scammers who will want to take advantage of the National Census of Population and Housing which began on 1st of April 2021.
- The best way to protect your personal data is to be careful. We should keep an eye on our documents, we should provide information about ourselves only if we are sure who will receive it and how it will be used. We should be wary of "home visits" and phone calls, especially now, during the ongoing National Census of Population and Housing. Due to the current pandemic situation, we should not expect any visitors, and we can always ask the caller for the ID number to check on the Internet and make an appointment to talk at another time when we are sure who we are talking to. Let us also make our relatives aware of this and make sure that the elderly members of our family know how to act - says Bartłomiej Drozd, ChronPESEL.pl expert.
Seniors need young people’s assistance
The vast majority of respondents (84%) declared that they knew how to keep their data safe. However, this statistic looks a bit different if we take into account only those who answered "definitely yes" to the survey question. The youngest respondents (18–24 years old) have the greatest confidence in themselves, of which nearly 26% is absolutely sure that they know how to take care of themselves. Similarly, for the respondents at the aged of 25–34 this percentage was over 24%. Elders are less confident in their abilities. Among the oldest respondents (65–74 years old), the percentage of strongly affirmative answers was just over 12%. The study clearly shows that without the support and assistance of young people, the elderly will find it much more difficult to assimilate safety rules. So, what is there to remember?
- First of all, do not rashly disclose personal data to unknown persons and entities. Do not be afraid to ask who they are, what entitles them to obtain our data and why they collect it. Do not reply to suspicious e-mails, click on the contained links or open the attachments. It is better to go to the website to which they refer to by typing the address in the browser and check whether the information in the e-mail is reliable. In case of doubts, find the contact details of the institution or company on the website and verify the information received by phone. Download applications only from reliable sources. When sending personal data using electronic communication tools, encrypt the files you send and provide the code to open them via another communication channel. The same applies to data transferred on media such as USB flash drivers or external hard drives. We shall use software that protects computers and mobile devices from, for example, malware - explains Monika Krasińska, director of the Case Law and Legislation at the Personal Data Protection Office.
Experts point out that even if we follow all the security rules, it may not be enough to prevent the use of our personal data. We do not know how secure the databases of online stores or social networks we use are. Therefore, in order to minimise the adverse effects of identity theft, the Personal Data Protection Office recommends, inter alia, setting up an account in the business information system to monitor your credit activity.
The survey "Personal data protection during a pandemic" was conducted in March 2021 using the CAWI method on a representative group of 1,007 respondents by IMAS International.