DNSC warns: online fraud is increasing on well-known platforms and through deepfakes

The National Directorate of Cyber Security (DNSC) is sounding the alarm: cyber attackers are diversifying their methods and exploiting the image of platforms and public figures to deceive users.

• Well-known platforms, preferred targets for attacks

According to DNSC, cyber attackers are creating fake pages, links and messages that appear legitimate, using the names of established brands such as OLX or ePantofi. Their goal is to convince users to enter personal and financial data or make payments outside of official channels. "Their goal is the same: to collect card data and obtain fraudulent payments from victims who believe they are shopping safely,” DNSC specialists said.

• How online traps work

The most common methods used by attackers include: websites that imitate official domains (e.g. "epantofi.online" instead of the original domain); fake forms distributed on social networks or through direct messages; spectacular offers that seem too good to be true; deepfakes with public figures, used to promote "miraculous investments".

• Specialists' recommendations

DNSC sends users some simple protection measures: do not fill out forms received through suspicious links; carefully check the website address before entering card details; use updated antivirus and two-factor authentication (2FA);

report fraud to 1911 or on the pnrisc.dnsc.ro platform

• Increasingly complex attacks against organizations

DNSC also warned of attacks directed against CECCAR (the Romanian Body of Certified Accountants and Certified Public Accountants). These targeted compromising social media accounts, sending fraudulent messages and cloning legitimate websites.

• Deepfake fraud: manipulating emotions

A worrying element is the use of deepfake videos with public figures in Romania. These are built to exploit the trust and emotions of users, convincing them to provide personal data or transfer money.

"We remind you: such deepfake videos represent a method of online fraud, built to manipulate emotions and convince potential victims to provide personal data or transfer money to attackers,” the DNSC specialists emphasized.