Finland is targeted by many different scam attempts, even as we speak. In particular, SMS and phone scams have become more common. Still, at the same time, operators are constantly working actively to keep their networks secure.
DNA is part of Nordic Telenor, one of the world's leading operators. In 2023, the conglomerate blocked as many as 250 million spoofed calls globally. In Finland, DNA blocks more than 700,000 scam calls per month on its network. However, the number of scam calls varies; for example, more than 2.6 million were blocked last October. Active prevention is needed as criminals are becoming more and more sophisticated in their scams. During last year, DNA succesfully blocked more than 10 million scam calls and over one million scam SMS messages.
"One of the most important roles of an operator is to provide security for their customers and prevent threats. Together with other operators and Traficom, we seek ways to filter out new scams. In addition, Traficom's regulations will guide and harmonise operators' activities," says Ilkka Tuominen, Fraud Manager at DNA.
Telenor has solutions that help DNA to identify and stop unwanted traffic on our networks in near real-time. Once a sequence of numbers is identified as a scam, it is blocked in seconds.
Our own networks and monitored services bring security to DNA's consumer and business customers globally, as Telenor controls the connections and roaming partners with its own agreements and technologies. Telenor's hundreds of own roaming contracts also bring volume and scalability benefits to DNA's customers.
In addition to the current filtering rules, based on Traficom’s recent regulations, SMS traffic will be filtered more effectively from the beginning of 2024.
"As a responsible operator, DNA wants to help its customers stay safe. Not all scam attempts can be prevented yet, so everyone should remain vigilant and take care of their own cyber security," Tuominen continues.
Businesses are also targeted – how to ensure safety
Criminals are constantly inventing new scams with which they try to collect, for example, passwords, payment card details or online banking credentials, for example. Also, snooping of disposable codes used in two-factor authentication has become more common. In addition to individuals, businesses and their employees are often targeted.
Corporate scams often impersonate the CEO, a colleague, or IT support. The aim is to gain access to the company's systems, for example, by tricking an individual employee. Both the scam messages and the fake web pages they contain often look almost real at first glance, and the scammers try to create a sense of urgency so that the target does not think to check the details.
Phone scammers may, for example, pose as a representative of your bank with worrying news about the state of your bank account. The scammer may want to send you additional written instructions or a login link, which allows the scammer to progress towards their goal: stealing your bank details. The scammer is always one step ahead: when you think you are authenticating yourself to the service with your banking credentials, the scammer uses them simultaneously to access your bank account.
The current situation has led to frequent alerts about scam messages in the name of various organissations. Scammers also send targeted fake scam warnings to make the recipient react before thinking twice. In these situations, the scammer tries to appeal to the recipient's emotions in order to provoke an impulsive, emotional response, often successfully. The recipient of the message will click on the link before they have looked at the message in more detail. Even in these situations, one should remain calm. If something unauthorised happens in banking, always contact your bank first.
A basic security measure is to be aware that your operator, bank, and other service providers are not contacting you to ask for your IDs or passwords.
In addition, a good rule of thumb is to check the sender’s origin before clicking any links. If a colleague makes a strange request or bypasses an agreed process, be suspicious and call them to confirm.
Companies should train their employees to protect themselves from cyber threats and actively inform them about current scams. In the era of remote work, establishing rules on which devices and connections can access the company network is also a good idea. A separate guest network should be created for visitors. Especially during the summer season, scam invoices are sent to companies in the hope that they will pass through the screen of fill-in employees. It is a good practice to inform employees regularly about these scams as well.
Discuss security also with your family
Family members are also being exploited more often these days. The scams include text messages pretending to be the caller's child, telling them their phone has broken and they have a new number.
For example, if a loved one informs you of a change of number, you should put your phone down for a moment and take a breath before initiating action. A good next step is to call the close relative's "old" number – the one you already have in your contacts. If the number rings, the connection hasn't changed, and the sender is an imposter.
Easy and simple passwords should be replaced by harder-to-guess ones, and the same password should not be used for more than one service. Two-factor authentication helps prevent criminals from accessing your accounts. Do not give a one-time authentication code to anyone unless you have ordered one yourself to log in to the service you are using.
Improve your business security and avoid phishing – See our comprehensive data security services!
