Today, it’s more common than ever to complete transactions and access information online, from payments to general inquiries. Unfortunately, this increase in digital activity also brings a rise in cyber fraud attempts.

With this guide, we aim to help you identify the most common types of cyber fraud, enabling you to navigate the digital world with confidence and safety. Knowing them is the first step toward avoiding them.

1. Phishing

One of the most common types of fraud. It involves fake emails, messages, or websites that appear to come from legitimate institutions to steal sensitive information such as passwords, bank details, or credit card numbers.

Warning signs:

• Urgent or alarming messages, e.g., “Your account will be suspended if you don’t respond.”
• Suspicious or misspelled links.
• Requests for confidential information that you’re not usually asked for.

How to protect yourself:

Avoid clicking on suspicious links and never share passwords via email or messaging apps. Always verify through official websites or trusted channels.

2. Smishing (SMS + Phishing)

A variation of phishing that occurs via text messages (SMS or WhatsApp). Scammers try to get you to click a link or reply with personal information.

Warning signs:

You receive a message like: “You’ve received a refund for your membership. Enter your details here to claim it.”

How to protect yourself:

Be skeptical of messages that contain links, even if they appear to come from a trusted source. Always double-check by contacting the official channels directly.

3. Vishing (Voice + Phishing)

This type of fraud is carried out over the phone. The scammer pretends to be a representative of a legitimate institution, such as a bank, travel agency, or hotel, and tries to get your personal or financial information.

Warning signs:

• They offer exclusive promotions or immediate refunds.
• They pressure you to make quick decisions.
• They ask you to “verify” card numbers or passwords.

How to protect yourself:

Never provide sensitive data over the phone unless you made the call yourself using an official number.

4. Spoofing

This refers to digital identity impersonation. It may involve a fake email that appears to be coming from a known address or a call that seems to be from a legitimate number.

Warning signs:

• The sender’s address has slight variations, e.g., “velasresortss.com.”
• The message has an overly alarming or promising tone.

How to protect yourself:

If something feels off, pause and verify. It’s better to spend a few minutes confirming than to risk compromising your information.

5. Fake websites

Scammers create websites that closely resemble official ones (including similar design, colors, and logos), designed to steal your information when you log in or make a payment.

How to protect yourself:

• Ensure the web address begins with “https://” and that the domain is accurate.
• Don’t access websites through links from unknown sources or questionable social media posts.
• Always type the URL yourself or save official sites to your bookmarks.

6. Social Engineering

This type of fraud doesn’t always involve technology. It’s based on manipulating emotions to gain your trust and convince you to disclose sensitive information voluntarily.

Example:

A supposed “agent” calls, saying they need your help to verify suspicious account activity, causing worry, so that you act without thinking.

How to protect yourself:

Don’t let fear or urgency guide your actions. Take a moment to think and verify the situation through official channels. It’s more likely that you would notice suspicious activity before any external agent.

7. Identity theft

Fraudsters collect enough information about you (name, address, phone number, banking details) to impersonate you and carry out unauthorized transactions.

How to protect yourself:

• Use strong, unique passwords for every account.
• Enable two-factor authentication whenever possible.
• Don’t share seemingly harmless personal details publicly.

General Recommendations for Velas Resorts Club Members

• Always ensure you’re using an official website or channel. All official email addresses end in @velasresorts.com
• Avoid making payments over public Wi-Fi networks.
• Check your account statements regularly.
• Report any suspicious activity to our Club Member Services team.
• When in doubt, don’t click.