The landscape in which cybercrime thrives on is ever-changing. As society shifts on to e-commerce, e-banking, automation and so on, the criminals are also upgrading their strategies and tools to keep on taking advantage of individuals. Cybersecurity is constantly improving, but cybercrime still continues to wreak havoc on a daily basis.
Here, we will discover the top 5 cybercrime trends of 2019.
1.- Mobile Fraud:
The use of mobile phones for financial transactions and in data-storage has been on the rise for the past years. The downside being that sensitive data is being handled outside the security of a person’s home network. In consequent, this has become a prominent security threat especially if the device gets lost or stolen.
Downloading apps from unknown or unverified developers poses the most risk for mobile devices. According to RSA, a security and integrated risk management solutions provider, 80% of mobile fraud has been conducted through various mobile applications, and not on mobile web browsers.
2.- Use of Artificial Intelligence (AI):
AI seems to be a double-edged sword, on one end, AI-driven algorithms are being used as cybersecurity measures to prevent attacks and threats while on the other end, cyber criminals use this to craft effective and powerful AI tools to conduct business.
The 3 major instances where AI is used for malicious intent are:
1.- Cybersecurity evasion via process doppelganging, where attackers write malicious code appearing to be legitimate.
2.- Phishing as attackers utilize AI code for sending emails to victims in order to entice them to click on links.
3.- Social Engineering attacks, as attackers use the capabilities of AI’s voice recognition and natural text-to-speech to gain access into corporate or personal resources.
The use of AI in cybercrime is a really dangerous trend.
Extortion continues to be a cybercrime trend this year, in fact, its popularity enabled a new underground market called Sextortion to flourish. According to TIO Square, a Private Investigator firm in NY Sextortion is becoming an ever-growing concern. Sextortionists have evolved several classic social engineering methods to hook their prey, including catfishing, hacking and relationship abuse.
Sextortion campaigns are most commonly executed on social media. An attacker befriends the victim on social media, eventually convincing the victim to send revealing photos after the trust is developed, and at the same time befriending the victim’s family members found on the friend list. The sextortionist then threatens to reveal the victim’s photos to the family and friends unless a payment is sent over.
4.- Non-malicious Insiders
ISACA, one of the world’s oldest cybersecurity organizations, releases an annual “State of Cybersecurity” report that tracks cyber-related trends and emerging threats.
In the said report, non-malicious insiders have been pinpointed as one of the leading causes of breach incidents in businesses. Simply put, John who works as a finance assistant clicks on a phishing email link and in doing so, opens the entire network to potential attackers.
Although non-malicious in context, this trend has caught the eyes of business owners and the report indicates that “…33% of CEOs surveyed are willing to fire an employee who causes a data breach”.
5.- Emergence of Sodinokibi
Trend Micro, a hybrid cloud, endpoint, and network security solutions provider, has detected a relatively new ransomware called Sodinokibi or RANSOM.WIN32.SODINOKIBI.A.
Since April 2019, various delivery vectors have been identified: vulnerable servers, spams, and managed server providers (MSPs). Since then, there have been various incidents in relating to this ransomware. Typically, it involves tricking or pressuring an unknowing victim into clicking a link that enables a malicious macros.
To protect yourself against attacks follow these 5 tips:
- Never open or click a suspicious email.
- When banking or conducting personal transactions online, be sure to check the address bar for an https location, and assure the spelling of the website is exact.
- Be careful in downloading apps from unknown publishers, primarily from any source outside of the App Store or Google Play.
- Keep your antivirus software up to date.
- Be sure to always upgrade to the latest operating system and patches on your mobile devices and your personal computers.