10 CYBERSECURITY PRACTICES

Watch a video describing the most common cybercrimes:

PRACTICAL ADVICE

1. Realise that you are an attractive target for hackers. Never say “It won’t happen to me”.
2. Practise good password management. Use a strong mix of characters and do not use the same password for multiple websites. Do not share your password with others, do not write it on slips of paper, and certainly do not write it on a sticky note attached to your screen.
3. Do not leave your devices unattended. If you need to leave your computer, phone or tablet for any length of time, no matter how brief, lock it so that no one can use it while you are away. If you store sensitive information on a USB drive or external hard disk, make sure to lock it as well.
4. Always be cautious when clicking on attachments or links in email. If it is unexpected or suspicious for any reason, do not click on it. Double-check the URL of the website the link directs you to: bad actors will often take advantage of misspellings to lead you to a harmful domain.
5. Careful browsing, especially for online purchases and shopping, should only be carried out on a device that belongs to you, on a network you trust. Whether it is a friend’s phone, a public computer, or free WiFi at a café or other public space, your data could be copied or stolen.
6. Back up your data regularly and ensure that your antivirus software is always up to date.
7. Be particularly careful with anything you connect to your computer. Malicious software can spread through infected USB flash drives, external hard disks and even smartphones.
8. Watch what you share on social networks. Criminals can reach out to you and easily gain access to a vast amount of information, e.g. where you go to school, where you work, when you are on holiday, etc., which could help them gain access to more valuable data.
9. Be very cautious when someone is trying to obtain information from you through manipulation. If someone calls or sends you electronic messages requesting sensitive information, say no. You can always call the company that the person claims to represent directly, in order to verify their credentials before providing any information.
10. Make sure to monitor your accounts for any suspicious activity. If you see something unfamiliar, it could be a sign that you have been compromised.

• See also article Online Fraud
• See also article Hacking
• See also Methods of Attack on the Internet
• See also article Malicious Software
• See also article Internet Attacks
• See also article Internet Piracy
• See also article Software Piracy
• See also article Pharmaceutical Trafficking
• See also article 10 Cybersecurity Practices

FREQUENTLY ASKED QUESTIONS ON 10 CYBERSECURITY PRACTICES

1. What risks do I face if I neglect digital security measures?

Negligence regarding digital security exposes the user to online fraud, interception of banking credentials, breach of social media accounts, extortion through personal data and identity theft. Financial losses can be severe, and moral damages from the leakage of personal information often follow.

Victims often discover the breach when it is too late: unknown charges on their card, messages from third parties, lockout from their own accounts. Prevention through strong passwords, updated software and caution towards suspicious messages dramatically reduces the risk and facilitates subsequent legal protection if, ultimately, something does occur.

2. What can I do if I have fallen victim to online fraud?

The first step is immediate contact with the bank to reverse the transaction and freeze the amount in the perpetrator’s account. This is followed by filing a criminal complaint with the Prosecutor’s Office of the Court of First Instance, which is forwarded to the Cybercrime Prosecution Directorate. At the same time, you should change all passwords and activate two-factor authentication.

In many cases, liability is also established on the part of the bank, where it has failed to apply the strong customer authentication measures required by the PSD2 Directive. Through a well-documented lawsuit, the return of the amount and compensation for moral damages are sought. The combination of criminal and civil proceedings increases the chances of recovery.

3. How quickly must I react to suspicious activity?

Reaction time is critical. In the case of a suspicious card charge or wire transfer, the bank must be notified within a few hours, in order for there to be a realistic chance of freezing the amount before it is transferred to a foreign account. In phishing cases, password changes must be made immediately.

For criminal prosecution, complaint deadlines apply: in offences prosecuted upon formal complaint, the victim has three months from becoming aware of the act and the perpetrator. Delay hinders the collection of digital evidence, since providers retain traffic data for a limited period of time.

4. What documents and evidence should I retain if my data is breached?

You should retain screenshots of every suspicious message or website, the full URL, the sender details of the email together with its headers, the times of transactions and copies of bank account statements. Also useful are the device’s logs and any communication with the alleged company.

To initiate court proceedings, certified copies of transactions stamped by the bank, a detailed chronological account of events, contact details of the perpetrator where available, as well as any technical certification from the service provider, are required. This data substantiates both the criminal complaint and the civil claim against the bank or the platform.

5. What are my chances of recovering money from online fraud?

The chances of recovery depend on the speed of reaction, the destination country of the wire transfer and the method of fraud. Where the bank is informed within a few hours and the amount has not yet been withdrawn, freezing is feasible. With cryptocurrencies or non-EU countries, recovery becomes more difficult.

An important factor is the bank’s liability: if it failed to perform strong customer authentication or ignored unusual transactions, case law recognises an obligation to refund. With proper documentation and sufficient evidence, success rates before the courts are significant, although no advance guarantee of a specific outcome can be given.

6. What is the role of the lawyer in cybercrime cases?

The lawyer evaluates the digital evidence, drafts a well-documented criminal complaint to the Prosecutor’s Office of the Court of First Instance, monitors its forwarding to the Cybercrime Prosecution Directorate and coordinates communication with the bank or the platform on which the fraud took place. In parallel, they examine civil compensation claims against responsible persons or entities.

The Law Firm ZIAMPARAS D. & ASSOCIATES has many years of expertise in cybercrime and handles cases of phishing, sexual extortion (sextortion), account breaches and banking fraud. It provides support from the first stage of recording evidence through to full court representation, with the aim of maximum possible recovery and the prevention of further attacks.