Cases of online fraud and scams are on the rise. The many ‘Trojan Horses’ that populate the net with the aim of hacking into the operating systems of unsuspecting citizens, stealing passwords, breaking into bank accounts and committing thefts and personal data breaches, are often represented by fake e-mails, phishing, smishing, spoofing, vishing and, in general, fraudulent actions often hidden by apparent security.

Among the activities that Italians perceive as higher risk are surfing the web and consulting websites (57.8%), using social accounts (54.6%), buying products online (53.7%) and home banking.

 

CYBER SECURITY KNOWN PHENOMENON

In order to understand the phenomenon of online scams and the risks associated with the web, it is interesting to look at the recent Censis-DeepCyber report in which it clearly emerges that 61.6% of Italians are concerned about computer security and take precautions to defend themselves on their devices. Of these, 82% resort to protective software and apps while 18% turn to an expert. Another statistic, which should ring alarm bells because it moves in the opposite direction, is the underestimation of the problem by 28.1% of respondents who, although they say they are concerned, do nothing concrete to defend themselves, while 10.3% have no concerns about computer security. In general, therefore, almost 4 out of 10 Italians are indifferent or do not protect themselves against cyber attacks.

What emerges as an overall figure is a lack of awareness of how important culture, technologies, skills and IT protection systems are to safeguarding our well-being. To date, more than a third of Italians do nothing to secure their IT devices and only 1 in 4 has a clear idea of what cybersecurity is.

 

THE MOST COMMON ONLINE SCAMS

The range of online frauds is wide, but experts identify three of the most common: shopping fraud, ‘heart’ fraud and fraud announcing sudden winnings. The former are perhaps the most common and the ones that claim the most victims. We are talking about the classic online ad that offers a product for sale and which, as sadly happens, is never delivered or, if it arrives at its destination, is not what was purchased. The second ones, on the other hand, are those that affect the sentimental sphere by exploiting the relationship. A typical example is the request for financial help for a relative or for health problems or, exploiting the love for animals, spreading false fundraising or requests for support to fictitious associations and structures. The last case, which analysts believe is also the least frequent, is the unexpected win. The scam e-mail will report the winning of a large sum, won in a little-known lottery and for which a small amount of money is requested to ‘unlock’ the supposed prize.

 

 VADEMECUM FOR AVOIDING TRAPS

The Postal Police recently drew up a vademecum aimed at warning users of the traps hidden on the web and explaining how to behave to minimise the risks of online scams. First of all, the Police invites users to use complete and up-to-date software, browsers and antivirus software, always prefer online purchases on certified and official sites that give guarantees on purchases and sellers, always read the feedback of previous purchasers and make sure that the ‘online shop’ has the same references as the physical shop or company data. Another important point is to always use rechargeable credit cards and official apps of online stores and be wary of ‘bargain’ prices and inaccurate ads, always check if the product is well described, if there are clear photos and if details or any imperfections are evident.

Remember to contact the seller through the official systems on e-commerce sites and be wary of those who propose transactions or purchases outside the site’s policy. Never provide your personal or sensitive data, and choose shipping services that are tracked, official and integrated with the sales service. The last piece of good advice is to let your instincts guide you. If something is too good to be true, it almost certainly hides a scam.

 

HOW PROTECT THEMSELVES

Certainly, the advice from law enforcement agencies and those who deal with online scams and cyber security is to always inform yourself, be attentive to all details in the purchasing stages, and always rely on reliable and recognised sites and online stores.

For companies as well as for people and perhaps more, experts point out, it is crucial to increase cyber security levels. Improving protection levels with targeted and periodic investments will make web ports and web interactions more secure, increasing the security of the company as a whole and will certainly, analysts point out, increase the security perception of users who, for 80 per cent, fear falling victim to theft and breaches of their personal data on the web.

 

THE VALUE OF THE CYBER MARKET

The ‘new work normality’, characterised by smart and hybrid working, and the increase in cyber attacks recorded in the last year, have prompted companies and businesses to increase their investments in cybersecurity. In 2021, the cybersecurity market reached a value of EUR 1.55 billion, +13% compared to 2020, showing an unprecedented rate of growth, with 60% of large organisations planning to increase their budgets for cybersecurity activities.
In the face of a constant growth in threats (1053 serious incidents in the first half of 2021, +15% compared to the first half of 2020, according to Clusit data), 31% of large Italian companies note a further increase in cyber attacks in the last year. A real ‘cyber war’ in which IT security has become a priority investment, not only in large companies but also in small businesses. Organisations, the Cybersecurity & Data Protection Observatory points out, have as their primary goal to increase employee awareness of cyber threats. Given the constant development of remote working, 54 per cent of organisations consider it necessary to strengthen initiatives to raise staff awareness of the behaviour to adopt. That the growth in risk awareness levels is evident is shown by the data published by the Observatory, which, in the face of a static 2020, found that the formal presence of the person responsible for IT security had increased by 5 points by 2021. 46% of Italian companies have the figure of the Chief Information Security Officer, who in the majority of cases reports to the IT Department (34%) and, in 78% of cases, has a dedicated team to support him. 58% of companies have defined a structured training plan on cybersecurity and data protection issues aimed at all employees, while 11% have focused on training specific functions most at risk. In 30 per cent of cases, less structured and sporadic awareness-raising actions have been implemented, and only 1 per cent have no training activities planned.

 

PNRR AND CYBER SECURITY

While the interest of businesses in cybersecurity is at an all-time high, the attention of institutions, which have introduced important measures in this area, is also growing. The NRP envisages investments of EUR 623 million in cybersecurity garrisons and skills in the PA. The Agency for National Cybersecurity (ACN) has been introduced, towards which companies are showing themselves to be open and willing: 17% have already established a willingness to collaborate with the Agency, more than half (53%) are waiting for guidelines and indications, and a further 22% want to learn more about the role of the body with a view to identifying future opportunities.