Cyber threats aren't always invisible -- sometimes they're right beside you.
Key points
- Cyber threats now include physical spying like shoulder surfing in public places such as ATMs and public transport.
- Smishing and vishing scams trick users into sharing OTPs, passwords and banking details through fake messages and calls.
- Fake QR codes and malicious links can redirect users to harmful websites designed to steal sensitive information.
- Public Wi-Fi and fake apps allow hackers to intercept data, monitor activity and access personal accounts.
- Simple precautions like verifying sources, avoiding suspicious links and staying alert can prevent most cyber scams.
Online threats are real but dangers also exist in the physical world around you, often when you least expect them.
Scammers and cybercriminals don't always rely on complex hacking. Sometimes, they just take advantage of small, everyday moments when you're distracted.
The good news? A little awareness can go a long way in protecting yourself.
Here are some common cyber and privacy threats, how to spot them and simple ways to stay safe.
Physical privacy threats
1. Shoulder surfing
What is it?
This happens when someone nearby secretly watches you enter sensitive information like your ATM PIN or phone passcode.
How to recognise it:
- There may be a situation if someone stands or sits unusually close while you're typing.
- They may pretend to be distracted but position themselves so that they can read your screen.
How to protect yourself:
- Cover the keypad when entering PINs.
- Tilt your phone or laptop away from public view.
- Use fingerprint or face unlock in public places.
- Consider using a privacy screen protector which you can buy at any store that sells mobile phone accessories or laptop accessories.
SMS and call scams
2. Smishing (SMS scams)
What is it?
Fraudulent text messages claiming to have come from banks, delivery companies or government agencies.
How to recognise it:
- Messages asking you to 'verify immediately'.
- Suspicious links that don't match official websites.
- Requests for OTPs or personal details.
How to protect yourself:
- Never click links in unknown messages.
- Remember, banks never ask for OTPs via SMS.
- Enable spam filters on your phone.
3. Vishing (fraud calls)
What is it?
When a scammer calls pretending to be from a bank, the police, a courier service or tech support.
How to recognise it:
- The caller creates panic, saying your account will be blocked.
- They ask for OTPs, passwords or card details.
How to protect yourself:
- Hang up and call the official number yourself if required.
- Never share OTPs or passwords on calls.
- Block suspicious numbers.
QR code and click scams
4. Quishing (QR code scams)
What is it?
Fake QR codes that redirect you to harmful or fake websites.
How to recognise it:
- A sticker placed over another QR code.
- A QR code asking for login or payment details unexpectedly.
How to protect yourself:
- Check carefully before scanning.
- Preview links before opening.
- Avoid installing apps through QR codes.
5. Clickjacking
What is it?
When a website tricks you into clicking something different and not on what you intended.
How to recognise it:
- You click one button but something else happens.
- Unexpected pop-ups or downloads appear.
How to protect yourself:
- Keep your browser updated.
- Avoid suspicious ads and websites.
- Stick to trusted websites.
Public Wi-Fi and app risks
6. Man-in-the-middle attacks
What is it?
Hackers intercept your data when you use unsecured public Wi-Fi.
How to recognise it:
- Your browser shows 'not secure'.
- You see unusual login requests.
- Strange redirects occur.
How to protect yourself:
- Avoid banking on public Wi-Fi.
- Use a VPN if necessary.
- Always check for the lock symbol (HTTPS) on your browsers address bar.
7. App jacking
What it is?
Fake or modified apps designed to steal your data.
How to recognise it:
- Apps asking for unnecessary permissions.
- Sudden battery drain.
- Unknown apps appearing.
How to protect yourself:
- Download apps only from official app stores (example Google's Play Store or Apple's app store).
- Check reviews and developer details.
- Delete unused apps.
Email privacy and tracking
8. Spy pixels
What is it?
Invisible trackers in emails that monitor when you open them.
How to recognise it:
- Email apps blocking images automatically.
- Emails from unknown senders tracking activity.
How to protect yourself:
- Keep image blocking enabled.
- Use email privacy protection features.
- Avoid clicking unknown links.
Golden rule: Pause → Think → Verify → Act
If something feels suspicious, don't rush. Take a moment to check. That pause could save you from a scam.
© 2026