Security in Banking Transactions

Financial Fraud Schemes

 

Learn about the most common financial frauds and how to protect yourself against them.

Card cloning (carding)

Term used to refer to the handling and collecting of personal data found on the face or on the magnetic stripe of a credit, debit or telecommunication card. The theft of the card, or the cloning of the original card by capturing the magnetic stripe information and its PIN, is carried out very stealthily, and there are several techniques, such as:
  • Lebanese Tie - fitting a false slot to the ATM (Automated Teller Machine) to capture the card;
  • Camera copies code - installing a hidden mini-camera on top of the ATM that records the user entering the PIN;
  • ATM Replication - placing a replica ATM over the legitimate equipment;
  • "Chip" saves data - installing a "chip" on legitimate automatic payment terminals (TPAs) that stores the card data and the code for subsequent cloning of cards;
  • Adulterated reader, or Skimmer - equipment used to copy the data of debit cards for later cloning.


How to protect yourself:

  • Give preference to ATMs within the perimeter of a bank or less isolated areas;
  • Never move away from the cash machine before finishing the operation. If in doubt, press "cancel" and do not start any operation;
  • Avoid using payment equipment in suspect areas;
  • When entering your password, avoid finger movements on the keypad that are visible to others;
  • Never accept or ask for help from strangers. If you need assistance, ask a properly identified member of your bank's staff;
  • Before using the ATM, make sure that it is in good condition and shows no signs of having been tampered with or vandalized, particularly in the card entry slot or in the cash dispenser slot. If you notice any abnormalities, you should immediately contact the police;
  • Be careful with strangers in the vicinity of ATMs - your card can be swapped or stolen without you even realizing it;
  • In shops, always accompany the operator to the machine where the card will be used, so that you can check the purchase amount on the screen of the equipment;
  • Check regularly that the transactions made with your card have been properly recorded and that the amounts are correct. If you find any abnormality, you should immediately contact the issuing bank.

Identity theft

The act by which a person tries to impersonate another, by assuming a false identity for the purpose of obtaining an undue advantage, particularly to enter into financial commitments on behalf of a third person. It may involve techniques such as:
  • Creating false documents (own production);
  • Tampering with original documents;
  • Forgery of signatures;
  • Social engineering;
  • Use of access credentials.

How to protect yourself:
Here are some preventive measures against identity theft:
  • Protect all your personal information;
  • Immediately report to your bank the loss, theft, forgery or misappropriation of checks as soon as you become aware of it;
  • Immediately report to the police the loss, theft, forgery or misappropriation of your identification documents as soon as you become aware of it;
  • Be careful with e-mail messages containing links or images;
  • Confirm that the site uses secure connections before entering personal or financial information. You can do this by verifying that:
    • There is a padlock icon, usually next to the browser's address bar;
    • The website address is preceded by https://, where the letter “s” after the usual “http” means “secure”;
    • The site has a valid digital certificate, which can be checked by clicking on the closed padlock icon.

Social engineering

Technique used in bad faith to exploit the greed, vanity, good faith, naivety or trust of others, in order to scam, deceive or obtain sensitive and important information.
These schemes may involve the following themes:
  • Alarmist messages and threats of account closure;
  • Promises of easy money with little or no effort;
  • False billing and fraudulent banking transactions by e-mail;
  • Business deals that seem too attractive to be true;
  • Requests for donations to charities after a disaster that is reported in the media;
  • Offers from a non-registered contest.
How to protect yourself:
The best way to avoid fraud is:
  • Saying "No" will always be your first line of defense. Refuse any offer that makes you uncomfortable, or places you under pressure. Refuse any offer that seems too good to be true, too convenient or too easy;
  • Never respond to contacts from suspicious or unknown sources;
  • Be cautious in the use of your personal data, your bank account and your means of payment.

Phishing

Phishing is a type of online identity theft that uses e-mail and fraudulent websites designed to obtain a user's personal and financial data, through the combined use of technical means and social engineering.
Phishing e-mail messages can take several forms:
  • They appear to come from your bank, a company that you regularly deal with or a social networking site that you use frequently;
  • They appear to come from a contact in your list of e-mail addresses;
  • They may ask you to make a phone call. These schemes lead you to call a number where a person or automated response unit waits to receive your account number, personal identification number, password and other personal data;
  • They can include links (hyperlinks) to fake websites with a legitimate appearance, where you will be asked for your personal information;
  • The body of the e-mail message is an image, to avoid detection by spam filters. Normally, this image is a link that redirects to a fraudulent site;
  • They may contain errors in Portuguese, especially in spelling and grammar;
  • They may have generic greetings and use impersonal terms like "Dear Customer";
  • They may use an urgent tone so that you respond immediately without thinking.

There are more modern methods of phishing, which use malware to capture the user's credentials or tamper with operations in real time. Spear phishing (attacks on a more restricted group of users), phone phishing, vishing and smishing are some variants of such attacks.
How to protect yourself:
Here are some steps to take to protect yourself from phishing scams, in line with the common rules for the safe use of the Internet:
  • If you suspect that you received an e-mail with a phishing scam, delete this message from the inbox;
  • Do not click on images or e-mail links;
  • Never respond to emails that ask for personal information;
  • Enter addresses directly in your browser;
  • If in doubt, contact the entity referred to in the e-mail, but never use the contacts listed in it;
  • Confirm that the site uses secure connections before entering personal or financial information. You can do this by verifying that:
    • There is a padlock icon, usually next to the browser's address bar;
    • The website address is preceded by https://, where the letter “s” after the usual “http” means “secure”;
    • The site has a valid digital certificate, which can be viewed by clicking on the closed padlock icon;
  • Do not enter personal or financial information into pop-up windows;
  • Keep the software in your computer updated with the latest security versions;
  • Install an antivirus program, keep it active and update it periodically;
  • Make sure your computer is scanned regularly for viruses and other malware, and run a full automatic cleanup when a problem is detected.

If you have responded to a phishing scam, try to minimize the damage by:
  • Changing the passwords or PINs on all your accounts that you consider may have been compromised;
  • Contacting your bank or commercial entities directly. Do not follow the link in the fraudulent e-mail message;
  • Closing any account that you become aware was opened fraudulently;
  • Reviewing your bank and payment card statements regularly to check for unexplained charges or inquiries not initiated by you.

Pharming

Very similar to the phishing technique, pharming involves redirecting users' navigation to fake websites through manipulation of the DNS (Domain Name System) service.
This technique exploits vulnerabilities in browsers, operating systems and DNS servers to drive users to fake sites. A pharming attack is more difficult to detect, because rather than relying on users to click on links contained in fraudulent e-mail messages, pharming attacks redirect their victims to fake websites, even if users type in the correct web address in the browser.

How to protect yourself:
The preventive measures against pharming attacks are very similar to those against phishing attacks and follow the basic rules for safe use of the Internet:
  • Install an antivirus program, keep it active and update it periodically;
  • Keep your computer software updated with the latest security release;
  • Make sure your computer is scanned regularly for viruses and malware, and run a full automatic cleanup as soon as any problems are detected;
  • If you suspect that you received an e-mail with a pharming scam, delete this message from the inbox;
  • Do not click on images or e-mail links;
  • Never respond to e-mails that ask for personal information;
  • Enter addresses directly in your browser;
  • If in doubt, contact the entity referred to in the e-mail, but never use the contacts listed in it;
  • Confirm that the site uses secure connections before entering personal or financial information. You can do this by verifying that:
    • There is a padlock icon, usually next to the browser's address bar;
    • The website address is preceded by https://, where the letter “s” after the usual “http” means “secure”;
    • The site has a valid digital certificate, which can be viewed by clicking on the closed padlock icon;
  • Do not enter personal or financial information into pop-up windows.

Spy programs 

A spy program (a translation of the English term "spyware") is a program designed to surreptitiously monitor the activities of a system and send the collected information to third parties. The most common types of spyware are key loggers, mouse loggers, screen loggers and adware.
The most common file extensions of spyware are: exe, com, zip, scr, cmd, bat, pif, cpl, vbs and lnk.
Spyware can be installed on a computer in several ways, through:
  • Suspicious sites that may attempt to install spyware when they are accessed;
  • E-mail messages;
  • Instant messaging;
  • Simultaneous installation with voluntarily downloaded software;
  • Direct connections to share files;
  • Files that the user voluntarily transfers, along with which spyware can be inadvertently installed.
How to protect yourself:
Here are some measures to prevent the installation of spyware:
  • Install an antivirus program, keep it active and update it periodically;
  • Keep your computer software up to date with the latest security updates;
  • Make sure your computer is scanned regularly for viruses and malware, and run a full automatic cleanup as soon as any problems are detected;
  • If you suspect that an e-mail message is spam, delete this message from the inbox;
  • Do not click on images or e-mail links;
  • When receiving messages with attachments, do not open the attached file or run a program without first scanning it with an antivirus program.
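
As an added illustration (not part of the original page), the extension list above can be turned into a simple mail-handling check that holds attachments for antivirus scanning before they are opened. The function names and the sample message are constructed for this example; it also catches double extensions such as "invoice.pdf.scr", which look harmless when the system hides known file extensions.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions this page lists as the most common for spyware files.
RISKY_EXTENSIONS = {"exe", "com", "zip", "scr", "cmd", "bat", "pif", "cpl", "vbs", "lnk"}


def risky_attachments(raw_message: bytes) -> list[tuple[str, str]]:
    """Return (filename, reason) for attachments whose final extension is listed."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        # Compare case-insensitively and ignore trailing dots or spaces,
        # which some systems drop when the file is saved.
        cleaned = name.strip().rstrip(". ").lower()
        suffixes = [s.lstrip(".") for s in PurePosixPath(cleaned).suffixes]
        if suffixes and suffixes[-1] in RISKY_EXTENSIONS:
            # "invoice.pdf.scr" looks like a PDF when extensions are hidden.
            reason = "double extension" if len(suffixes) > 1 else "listed extension"
            findings.append((name, reason))
    return findings


def build_sample_message() -> bytes:
    """Constructed sample e-mail with harmless dummy attachments."""
    m = EmailMessage()
    m["From"] = "sender@example.test"
    m["To"] = "user@example.test"
    m["Subject"] = "Constructed sample"
    m.set_content("Please see the attached files.")
    for filename in ("invoice.pdf.scr", "statement.pdf", "Update.EXE"):
        m.add_attachment(b"dummy", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    for name, reason in risky_attachments(build_sample_message()):
        print(f"hold for scanning: {name} ({reason})")
```

A match only means the file should be scanned before it is opened; an extension check does not replace the antivirus scan itself, and archives such as zip files need their contents inspected as well.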

Spam

Term used to refer to unsolicited e-mail, which is usually sent to a large number of people. These messages can be used to transmit viruses, spyware and targeted phishing attacks, among others.

How to protect yourself:
  • Install an antivirus program, keep it active and update it periodically;
  • Keep your computer software updated with the latest security release;
  • Make sure your computer is scanned regularly for viruses and malware, and run a full automatic cleanup as soon as any problems are detected;
  • Configure your firewall to block unwanted outbound communication requests;
  • Do not accept free gifts, because spyware can be installed when accepting them;
  • Do not click on images or e-mail links;
  • Confirm that the site uses secure connections before entering personal or financial information. You can do this by verifying that:
    • There is a padlock icon, usually next to the browser's address bar;
    • The website address is preceded by https://, where the letter “s” after the usual “http” means “secure”;
    • The site has a valid digital certificate, which can be viewed by clicking on the closed padlock icon;
  • Do not accept or open suspicious error dialogs in the browser;
  • Read the End User License Agreement when installing software, and cancel the installation if other programs are installed as part of the desired software.