What is cybercrime social engineering – and why is it a risk to your firm?
Cybercrime is a continuing threat faced by companies big and small around the world. in 2021, the costs associated with online criminality are expected to top around $6 trillion (up from $3 trillion in 2015) – and are forecast to grow year-on-year by around 15%, reaching a total value of approximately $10.5 trillion by 2025.
Data surrounds us these days – so much so that it’s becoming harder and harder to differentiate between where the real world ends and the virtual world begins. Indeed, it’s almost impossible to think of any aspect of modern life (or, indeed, commerce) that doesn’t, to some degree, involve the web and technology.
Data – the world’s most valuable commodity
Industry experts now suggest data is the world’s most valuable commodity – greater in value even than the traditional heavyweights of gold and oil. As is always the case, where there’s value, criminals will naturally follow and most business owners state that data breaches and data loss are now their primary concern running their firms.
Cybercrime is now a real and present danger for all companies, no matter of size or turnover. In 2019 alone, a staggering 75% of US firms reported they had been the victim of a cyberattack. As is so often the case in life, the best defense is prevention and, if you want to keep your company safe, you should partner with a respected IT service provider to look after all your IT requirements.
With increased reliance comes increased risk
As more and more of our personal and business lives move increasingly online, so the dangers posed by cybercriminals will continue to grow. However, perhaps yet more worrying is the fact that hackers are constantly inventing new and sophisticated ploys and tactics to gain access to our sensitive, private information.
The growing trend of social engineering attacks
Social engineering attacks are perhaps the hardest to detect as, no matter how strong your security, a hacker can still gain access to your files by playing on human emotions. One of the most common social engineering attacks is by a method called phishing.
In a phishing attack, a hacker masquerades as a known and trusted entity – typically appearing as a genuine company or service. The attacks most commonly happen over email, with the hacker aping an official company by copying their branding, logo, etc. These emails will then either request private user details or often redirect the user to a bogus website (again branded to look official), where the victim unwittingly inputs their username/password combination. Another common tactic is to use the bogus site to automatically infect the user’s machine with malware.
It’s a natural human trait to trust recognized or known entities – which is why phishing is so successful. By appearing as a trustworthy body or individual, the hacker can elicit personal details that we normally wouldn’t share.
Phishing emails normally come from respected organizations like banks or other financial institutions – although mimicking charity organizations is now becoming an increasingly widespread way to gain trust. Often hackers will try to take advantage of naturally occurring disasters, such as the recent COVID-19 outbreak. Indeed, recent research found there was an incredible 30,000% increase in phishing attacks relating to coronavirus scams, often redirecting users to a bogus website purporting to show COVID-19 stats but actually downloading malware onto the user’s machine.
Category: Sci Tech