Growing risks online

Education and awareness of risks are probably the most effective self-defense strategy against the dangers of the online environment

Corina Cristea, 13.06.2025, 14:00

Education and awareness of risks are probably the most effective self-defense strategy against the dangers of the online environment – a space where computer fraud is increasingly sophisticated, and attackers are increasingly better prepared and convincing in their interactions with potential victims. The picture is completed by artificial intelligence, increasingly used as support by those who target personal data and information of those they want to defraud. Data and information that are available on the personal email, on their own phone or on various communication applications and social networks. What does the picture of digital risks in Romania look like today and how can we protect ourselves?

Liviu Arsene, director of cyberthreat research: “I don’t think there is a big difference between the Romanian and global IT landscape. In general, home users, ordinary users, are targeted by the same types of threats. Whether it’s online fraud, via SMS, email or instant texting applications, or phone calls. In general, when something seems too good to be true, it usually is. And then, it would be advisable not to always believe everything you see, hear or read. Moreover, if you are unsure about the information you see, read or receive, always try to validate it from an official source. That would be the best recommendation. And last but not least, whether it’s your phone, tablet or laptop, desktop, whatever you may be using, you should always have a security solution, because it can protect you from most of these types of scams in the online environment.”

The National Cyber ​​Security Directorate warns that recently, aggressive campaigns promoting fake investment programs have returned to social media platforms, for example. The online environment is full of very realistic videos made using deep-fake techniques and usually they feature famous people endorsing so-called unique investment opportunities. They promise quick profits, but this is just another way in which artificial intelligence is used for evil purposes, Dan Cîmpean, director of National Cyber ​​Security Directorate (DNSC) warns: “All these clips and these fake images or videos are extremely well made. Their quality is getting better and better, and criminal groups manage to present us with a very credible image, a video recording. Unfortunately, artificial intelligence is put to use for evil purposes in such cases and it is very, very important to be very cautious and to pay great attention to the type of media we consume in the online environment. First of all, as other authorities have said, any offer that is too enticing, too interesting, already raises some question marks. What is most important in the case of such messages is to be very careful about what type of websites or what type of interaction with those presenting the message we are going to have. In some of these cases we are sent to websites where there is basically only a form in which we are invited to include our phone number, email address, name, first name or other personal or user data. These sites have minimal contact details, so we basically don’t know who is behind them, there is no company name, no contact address, no email address or phone number. And that is a big red flag.” said Dan Cîmpean, director of National Cyber ​​Security Directorate.

We must admit that attackers are becoming better and better and more credible in sending deceptive messages to users, to citizens, says Dan Cîmpean. Regarding the identity of the attackers, they are mainly multinational criminal groups, which are very difficult to document, very difficult to identify, especially since they change their infrastructure very quickly, says the Dan Cîmpean, DNSC director: “For example, the sites we are discussing now, which are up to date with these incredibly good offers, are sites that in just a few days were moved from infrastructures first in European Union countries, then went through Russia, through Malaysia and probably in the coming days will be hosted in various countries around the world.”

Any means of communication that the attackers have at their disposal can be a tool for collecting personal data, whether we are talking about social media networks, applications, texting, said Liviu Arsene director of cyber threat research: “In general, the goal of attackers is to convince the victim, whether through a phone call, an SMS, an email, to disclose personal data, whether we are talking about passwords, about first and last names, personal identification number (CNP), about bank data, in general such messages do not discriminate, they are not distributed only on a single platform, they come on as many messages as possible. The goal of the attackers: think of a net-type attack – they cast a net as wide as possible, to catch as many victims as possible.” said Liviu Arsene

And all this is very simple, because everything is just one click away. To be protected, one needs to pay attention, one needs simple verification measures, and in order to support users, the National Cyber ​​Security Directorate provides guides for detecting fakes created with the help of artificial intelligence or for exercising the most robust judgment possible when browsing the online environment. (LS)