Interview with a SET University Student: Protecting Yourself from Cyber Threats

At SET University, we often engage with our students to discuss their studies, hobbies, and perspectives on current issues. This time, we spoke with Lotkhar Starikov, a student in the Cyber Defense program, about new forms of fraud in messaging apps and ways to secure accounts and devices. This article highlights today’s most common data collection schemes and provides actionable tips to help you stay safe from cybercriminals.

Voice Message Scams: How Do They Work?

Recently, there has been increasing buzz about a new type of scam involving voice messages. How exactly do these scams operate, and what can you do to protect yourself from falling victim?

According to Lotkhar, “A new form of fraud is rapidly gaining traction in messaging apps, particularly in Telegram. Attackers are leveraging artificial intelligence (AI) to clone voices and impersonate individuals. They send messages that appear to come from someone the victim knows, typically asking to borrow money. This isn’t just phishing anymore—it’s a sophisticated attack using deepfake technology.”

He also pointed out an earlier case of this technology in action: “In 2019, one of the first significant examples emerged in Europe, where criminals used deepfake technology to mimic the voice of a company director. This led to the theft of over $35 million.”

How the Scam Unfolds

Lotkhar broke down the process step by step:

1. Account Compromise: Fraudsters first gain unauthorized access to a user’s account. This is often achieved through phishing techniques or by guessing weak passwords.
2. Data Collection: Once inside the account, attackers analyze the user’s message history, including voice messages. This helps them gather voice samples for the next stage.
3. Voice Cloning: Using AI tools, the criminals create a synthetic voice that closely mimics the victim’s. These tools are so advanced that the fake voice can sound nearly indistinguishable from the real one.
4. Targeting Victims: Finally, the attackers use the cloned voice to send messages to the victim’s friends or family. These messages typically ask for urgent financial assistance, leveraging the voice’s authenticity to build trust and increase the likelihood of receiving funds.

How to Protect Yourself

Protecting yourself from cyber threats doesn’t have to be complicated. Here are some simple yet effective steps you can take:

1. Enable Two-Factor Authentication (2FA):
   Activate 2FA in all your messengers and accounts. This adds an extra layer of security, making it harder for attackers to gain unauthorized access.
2. Use Strong, Unique Passwords:
   • Create passwords with at least 12 characters, combining uppercase and lowercase letters, numbers, and symbols.
   • Consider using mnemonic phrases to make complex passwords easier to remember. For example:
     MyF@voriteFirstV@c@tion1nZhytomyr_2021.
   • Avoid reusing passwords across different platforms.
3. Avoid Storing Passwords in Plain Text:
   • Don’t save passwords in unencrypted files or program memory.
   • Change your passwords periodically to minimize risks.
4. Verify Financial Requests:
   If you receive a message asking for money, even from someone you know, take these extra steps:
   • Call the person back or contact them through a different communication channel.
   • Ask a question that only the real person would know the answer to.
5. Be Cautious with Links and Files:
   • Don’t click on suspicious links or download attachments from unknown or unverified sources.

Following these steps can significantly reduce your vulnerability to cyber threats and scams.

How Do I Know if My Device is Hacked?

Pay attention to any unusual or abnormal behavior from your device. If your device starts acting unpredictably, it could indicate a potential hack.

Signs of Hacking on a Smartphone:

• The battery drains unusually fast, or the device overheats without heavy usage.
• Strange calls or text messages appear that you didn’t make or send.
• The camera or microphone activates without your input.
• The phone malfunctions—freezes, reboots unexpectedly, or experiences sound distortion during calls.

Signs of Hacking on a Computer:

• The system slows down significantly without a clear reason.
• New, unexpected programs or accounts appear (check Task Manager on Windows or Activity Monitor on macOS).
• The browser opens unknown tabs or redirects you to unfamiliar websites.
• Passwords are changed, or accounts are locked without your action.
• The antivirus or firewall is disabled or blocked.
• New users are created on the system that you didn’t authorize.
• The webcam activates without your permission.

How to Detect Phone Eavesdropping

Eavesdropping on phone conversations is another common form of hacking. Watch out for:

• Unusual noises, static, or echoes during calls.
• The phone takes longer than usual to turn off or freezes while shutting down.
• The microphone or camera indicator light blinks randomly.
• Strange text messages with random characters—these could be commands sent by spyware.
• The phone turns on by itself or launches apps unexpectedly.

What Should You Do if You Suspect a Hack?

If you suspect your device is compromised, take immediate action:

1. Check Your Account Activity:
   • Disconnect suspicious devices linked to your accounts.
   • Change all passwords and enable two-factor authentication (2FA). Time is critical!
2. Run a Security Scan:
   • Perform a deep scan of your device using a trusted antivirus solution (e.g., Microsoft Defender, ESET).
3. Reset or Reinstall if Necessary:
   • If the intrusion persists, perform a factory reset on your device or reinstall the operating system to eliminate any hidden malware.

By staying vigilant and acting quickly, you can minimize the damage caused by a hacked device.

Cyber Hygiene: Simple Rules for Everyone

Even regular users can significantly reduce the risk of unauthorized data collection by following basic cyber hygiene practices:

• Review App Permissions: Regularly check which applications have access to your camera, microphone, geolocation, and other sensitive features.
• Use VPNs and Secure Messengers: Opt for reliable tools that prioritize privacy and data security.
• Avoid Unprotected Public Wi-Fi: Never connect to public Wi-Fi networks without proper protection, such as a VPN.
• Install Apps from Official Sources Only: To reduce the risk of malware, avoid downloading applications from unverified or unofficial sources.

While it’s impossible to completely prevent data collection, a proactive and comprehensive approach to security can minimize risks and make it significantly harder for attackers to succeed.

How to Protect Your Home Wi-Fi

Proper configuration of your home Wi-Fi network is essential for security:

• Use a Strong Password: Avoid default administrator usernames and passwords. Regularly monitor connected devices to identify unauthorized access.
• Enable WPA3 (or WPA2) Encryption: Ensure your network uses the latest encryption standards for optimal protection.
• Update Your Router’s Software: Keep the firmware up-to-date and avoid using outdated router models.
• Set Up a Guest Network: Create a separate guest network for visitors. This isolates your main network and reduces the risk of hacking.
• Disable WPS (Wi-Fi Protected Setup): WPS can make connecting devices without entering a password easier, which increases security vulnerabilities.

Cybersecurity: A Daily Habit

Cybersecurity isn’t a one-time action—it’s an ongoing practice. Following these simple rules can make life much harder for attackers and keep your data safe.

We hope these tips help you stay protected from fraudsters! Stay vigilant and secure!