In the first six months of 2022 in Italy there were 780,000 data thefts on the web

In the first six months of 2022 in Italy there were 780,000 data thefts on the web

The growth is clear. Compared to the last half of 2022, reports of data theft increased by 44.1%

Italy is the 14th country in the world for stolen data and spread on the dark web. This is revealed by the latest research byCyber ​​Observatory of Crif. Weak passwords, naive users, there is still little awareness of the risks associated with scams data online. The experts of Crif, a company that deals with credit information and business information, highlighted over 780 thousand reports of thefts in the first half of 2022. There is a growth of 44.1% compared to the previous half year.

The most affected regions are Lazio (21.5%), Lombardy (13.4%) and Campania (7.8%). The province of Rome alone covers 18.8% of total cases, followed by Milan (5.8%), Naples (5.0%) and Turin (4.1%). Most of the violated profiles they relate to e-mail accounts (27.0%) and entertainment sites (21.0%).

“The data of the cyber Observatory make us reflect on the risks related to the circulation of our data online” says Beatrice Rubini, Executive Director of Crif. “In particular, contact details are becoming increasingly attractive to fraudsters, making fraud and identity theft possible.” Passwords remain among the most at-risk information.

160 years of Poste Italiane through its most beautiful historic buildings

How to recognize a weak password

The trivial access keys make it easier for hackers to work. The vulnerability level of accounts mainly depends on common passwords. Crif’s research shows how often users use combinations of numbers and letters not very articulated, “123456”, followed by “123456789” and “password”, are at the top of the ranking. Then there are the football teams “Juventus”, “Napoli”, and the most common names such as “andrea”, “francesco” and “alessandro”.

Another risk factor is the phone number associated with the password (33.7% of cases). A combination that attracts fraudsters for Smishing or SIM Swapping attempts. According to the survey, the groups of the population most affected are those of 41-50 year olds (26.2%), followed by 51-60 year olds (25.5%) and over 60 (25.5%).

Why the data is stolen

Stolen credentials can be used for enter victim accounts and use services in an abusive manner. But also to send e-mails with requests for money or phishing links, send malware or ransomware to extort or steal money. “The data of the cyber Observatory make us reflect on the risks related to the circulation of our data online”, explained Rubini. “In particular, contact details become more and more attractive for fraudsters, making fraud and identity theft possible. If the criminals are able to get hold of multiple personal data that help complete the victim’s profile, they can better design the attacks, also taking advantage of social engineering techniques. In fact, we know that attacks are often perpetrated through increasingly targeted and personalized phishing emails or sms ”.

It would be necessary to create greater awareness. “We must pay particular attention to the e-mails and messages we receive every day, training to recognize scam and phishing attempts”, said Rubini “It is important not to click on the links contained in suspicious emails or SMS, and above all not to reply providing personal data to messages apparently sent by our bank or another company, always checking the phone number or email address of the sender. Furthermore, it is necessary to learn how to properly manage our accounts, in particular the e-mail services, which hold information and documents that are precious for criminals ”.

How to recognize a phishing attempt

Phishing emails or messages usually have an alarming tone. For example: “If you don’t answer, your account will be closed in 48 hours”. In the case of e-mail, they are sent in bulk, so no e-mail address appears in the bar reserved for recipients. Furthermore, you must not share your sensitive data with a third party. Official companies never ask for such information via email. This is another wake-up call to recognize an online scam attempt.

Leave a Comment