Security Newsletter

Security Newsletter

Can you Name Three Types of Cybercrime?

Did you know that the global cost of cybercrime is expected to reach $2 Trillion by the year 2019?[1] It is no secret that criminals are infatuated by cash. In the year 2018, cyber fraud alone eclipsed $1.4 Billion.[2] Not only is cyber fraud growing, but the types of cyber fraud are as well. In August’s Sulzer Security Newsletter, I will be shedding some light on the types of cyber fraud, specifically identity theft (cyber related), job scams, and greeting card scams. There will also be some useful tips on how to prevent and protect yourself, your business, and loved ones from a terrible experience.

Cyber fraud defined: cyber fraud is the use of internet services or software with internet access to defraud victims or to otherwise take advantage of them.[3]

  1. Identity theft

Identity theft related to cybercrime is extremely broad. Think of the information you share online….. now think about who can see it…now think about a malicious administrator who can also see the information. This information is all over, but also sensitive. If you have put two and two together by now, you understand why identity theft is so common. And if you have not: email, first name, last name, social security number, credit card information, bank account number, messages containing sensitive data, just to name a few. Cyber identity theft can occur for several reasons. Some of these might be out of your control, for example a business getting breached, sketchy administrators, lack of user awareness by an employee leading to a compromise of sensitive data. There may also be some aspects that you can control – ask yourself: “Do I know how to spot, and stop phishing emails?”, “Are my passwords strong?”, “Am I getting credit cards that I don’t qualify for sent to me in the mail?”

Preventing Identity Theft:

Strong security software like Webroot, or Norton, and other services of that nature are a great hands-free preventive measure. As mentioned above, learning to spot phishing emails can be an immense help. Did you know that 95% of all cyber-attacks on enterprise networks occur from spear phishing in some capacity? [4] Training yourself to spot phishing emails can be done simply by watching a short YouTube video. [5]

 

  1. Job scams

Job scams are when an alleged, “headhunter” (cybercriminal in disguise) reaches out with a dream “opportunity”…because it is. Often, the “recruiter” will ask you to make a pre-payment to get the on-boarding process started. Some “headhunters” will even ask for a resume in a word document (which is not secure for those of you in Human Resources) to use the template for personal gain, such as to sell “personalized resumes.”

Preventing Job Scams:

Job scams are avoidable by asking yourself a few key questions. Some of these questions could be “Is the recruiter’s profile legitimate looking?”, “Is this too good to be true?”, “why would I pay an employer before I start?” Most legitimate companies will ask you to send your resume as a PDF, which is usually an instruction from the company’s information security team.

 

  1. Greeting Card Scams

Greeting card scams typically come in the from a spoofed email, injected with a trojan horse (type of malware). The trojan horse is typically embedded within a card that celebrates a milestone. These attacks often come from someone who would typically send you something like this (ex. Human Resources, Grandma, Dad, etc.). Attackers can achieve this by using social engineering. Defined below:

“(in the context of information security) the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes” [6]

Preventing Greeting Card Scams:

Greeting card scams are a type of identity theft. That YouTube video we recommended earlier, in conjunction with a security software could help you. For example, say it is the holiday season and you receive a card from your Grandma, who just got a new computer and is excited to test it out (so you think) and you open an electronic card infested with a trojan horse, an anti-virus software could help protect you from things you cannot anticipate.  

Cyber fraud will evolve as technology does, like most information security trends. The best way to prevent yourself from a tough situation is by staying aware and questioning the information you receive. As articulated by Abraham Lincoln “You can fool some of the people all the time, and all the people some of the time, but you cannot fool all of the people all of the time.” Don’t be fooled.

 

By: Matthew McCaffrey

 

[1] https://securityintelligence.com/20-eye-opening-cybercrime-statistics/
[2] https://threatpost.com/fbi-cyber-fraud-losses-rise-to-reach-1-4b/131783/ (1.4 billion)
[3] https://www.fbi.gov/scams-and-safety/common-fraud-schemes/internet-fraud
[4] https://blog.dashlane.com/phishing-statistics/
[6] https://www.dictionary.com/browse/social-engineering?s=t

About the Author

Rachael Janz administrator