Cybercrime is on the rise.
According to Cybersecurity Ventures, it expects the costs associated with cybercrimes to “grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025”.
The organization says that the rise in damages that we’re seeing today and will continue to see over the next few years is due in part to “a dramatic increase in hostile nation-state sponsored and organized crime gang hacking activities.”
There are dozens of different types of cybercrimes that could impact you, your spouse, or your aging parents.
In this article, we’re focusing on five emerging or growing cyber crimes that you need to know about:
1. Pandemic-Related Phishing
The COVID-19 pandemic brought a new form of phishing into existence.
In their 2019 Report on Internet Crime, the FBI defines phishing as “unsolicited email, text messages, and telephone calls purportedly from a legitimate company requesting personal, financial, and/or login credentials.”
Phishing criminals attempt to make emails, text, and phone calls look or sound like they are from reputable companies that you will recognize. For example, they might attempt to make you believe you’re receiving legitimate communication from your bank, the social security administration, the IRS, your utility company, your credit card company, your mortgage company, or even your local city government.
The purpose of all phishing attempts is to get sensitive information that can be used to steal your identity, gain access to your accounts, or trick you into giving them money.
With pandemic-related phishing, criminals began using two new tactics:
Tactic 1: Promising vaccinations to elderly people in exchange for personal information about themselves.
Tactic 2: Emailing phony health policies to employee email addresses in an attempt to gain access to personal information.
According to one blog post about growing cybercrimes, “Google’s Threat Analysis Group shared that they blocked 18 million Covid-19 themed emails that contained phishing links and malware downloads per day (Security Magazine, 2020).”
The best way to protect yourself against pandemic-related phishing attacks is to never respond to a message from a sender who you don’t recognize. You should also inspect emails closely to ensure that they are coming from the organization you believe is sending them.
2. Mobile Malware
Another cybercrime to watch out for is malware made for mobile devices.
McAfee defines malware as “ a catch-all term for any type of malicious software designed to harm or exploit any programmable device, service or network.”
As smartphone usage continues to increase, new forms of malware are being developed that can exploit the information and data people store and access on their phones.
The most common types of mobile malware are Remote Access Tools (RATs), Bank Trojans, Ransomware, Advertising Click Fraud, and malware built specifically for cryptomining or cryptojacking.
To protect yourself from mobile malware, make sure to always install recommended updates from your phone provider. You should also avoid using jail-broken devices as they can create more vulnerabilities for you than you may realize.
Cryptojacking is when a cyber criminal secretly uses a person’s computing power to generate cryptocurrency.
Here’s how cryptojacking happens according to Interpol:
Here are signs to watch out for that may mean your device is being used by someone else to mine cryptocurrencies:
- Slower device performance
- Device powering down unexpectedly
- Increases in electricity costs
- Overheating of your device battery
To protect yourself from cryptojacking events, pay attention to the performance of your computer and mobile devices. You can also install browser plugins that can help block mining attempts. Finally, make sure to always download and install any recommended or required software and security updates sent by the makers of your operating system.
4. Romance & Catfishing Scams
Romance and catfishing scams are also growing threats. In these scams, cybercriminals leverage social engineering tactics to get personal information or money from unsuspecting victims.
Here’s how romantic catfishing scams work:
A criminal pretends to be romantically interested in the victim and communicates with them using Facebook Messenger, Instagram, or a dating app like Tinder. After a virtual relationship has been established, the criminal attempts to ask the victim for money or for information about themselves that they can use to gain access to financial accounts.
Here’s how non-romantic catfishing scams work:
A criminal pretends to have a business or financial opportunity that the victim can take advantage of if they provide some level of financial investment. After money has been exchanged, the criminal becomes unreachable and no longer has contact with the victim.
To protect yourself from this type of cyber crime, make sure you always have a good idea of who you are communicating with.
Ask questions to help verify the identity of the person you are forming a relationship with.
Beware if an individual promises to meet up with you but always cancels at the last minute.
Beware if the person you are talking to tries to isolate you from friends and family.
Finally, avoid sending money to people you’ve only just met.
5. Business Email Compromise (BEC) Attacks
A final cybercrime worth noting is called the Business Email Compromise Attack. According to one source “the combined total lost to BEC attacks is $43 billion and counting, with attacks reported in at least 177 countries.”
Here’s how these scams work:
A criminal finds the name of the CEO or founder of a company, then they create a fake email address that uses the first and last name of the individual. Once they have created the email address, they send emails to real employees at the company pretending to be the CEO or founder. They ask for urgent last minute requests, like buying an odd number of gift cards, or transferring money to unfamiliar accounts.
This scam requires social engineering and ends up being fairly effective because unsuspecting victims are eager to do a favor for the CEO of their company, not realizing that the email and the ask are both phony.
To protect yourself from this crime, be wary of emails you get from your CEO, President, or founder, especially if you don’t normally receive emails from them on a regular basis.
Pay close attention to the email address being used—is it a company email address or a non-company email address?
If you get an urgent request that seems legitimate, try to verify with the person through a different method of communication. Call them, text them, or send them a message on Slack.
The more we rely on the internet to live, work, and be entertained, the harder cybercriminals will work to target and attack us.