Trends in Cybercrime
Written by Kevin Mabry | BSN
0
Brand Impersonation
Brand identification is the goal of nearly every business. You see a logo and know what it is before you even read a word. The element of trust is built into these brands. Scammers know how to take that trust and manipulate with that by impersonating these brands so that users act without hesitation because they trust them. Microsoft is one of the top three brands that are used in these phishing emails, along with WeTransfer and DHL. This has stayed consistent since 2019. Since nearly 80% of businesses use a Microsoft product, it doesn’t seem likely that their brand will be safe from impersonators anytime soon. Currently, 43% of the phishing impersonation attacks are impersonating Microsoft, as most of those products are tied to logins, gaining access to a user’s account is a doorway into other files and folders within a business. Once they are in, ransomware and other malicious activity is just a click away. WeTransfer allows users to share larger files, and DHL serves in the transportation industry, so combined they hit across the board on a variety of verticals.Spear Phishing
Anyone in IT should be aware of phishing emails, but spear-phishing is a more targeted attack method. Research on the audience or intended victim(s), their workplace, and even their social sites creates a curated email inquiry or request that is harder to decipher from a more common spam message or attack. Ensure that you are creating awareness about this specific type of attack in addition to the general awareness of phishing. Combined, this builds up that multi-layered approach that we recommend.Business Email Compromise
A business email compromise scam, or BEC scam, essentially combines the trust built from within a business or organization with a fraudulent request and puts it into an email to the targeted recipient. This usually will include a request to send or transfer funds, to purchase gift cards, or to send donation money to a bogus charity. These are often sent as an impersonation of an executive or high-level individual at the company so that they would be less likely to question the request. BEC’s make up about 10% of the social engineering attacks that were found in the report and of that 10%, one in five were targeted to people in sales roles. Next week we’ll look at the other strategies and then dive into more ways that you can counterattack their methodologies with solutions that target all of them in a combined effort. Above all, training and strengthening the human workforce is the best way to mitigate the risk of cybercrime.
Leave a Comment