“In 2015, (the FBI) received over 8,000 complaints related to these threats with a combined reported loss of nearly $275 million.”
— FBI 2015 Internet Crime Report
Cybercrime is on the rise again. In the three-year span from 2013 to 2015, complaints rose 10 percent. It could be far worse than that, because, according to one Department of Justice estimate, only about 15 percent of fraud victims (Internet or otherwise) report crimes to law enforcement.
Ransomware: Pay Up or Lose Your Data
However, some high-visibility ransomware attacks have occurred, and according to the FBI, the threat is increasing. Ransomware typically infects the victim’s network through email. Once it gains entry, it encrypts everything on the network, and the criminals demand a ransom in return for the data decryption key. The FBI reports nearly 2,500 ransomware complaints, with losses of more than $1.6 million in 2015.
Phishing Season: Year-round on the Web
Two additional threats that will not go away soon are phishing and its offshoot, spear phishing. Regular phishing can be easier to spot because the email just looks strange. Unusual return email addresses, misspelled words, etc., are sure giveaways.
Spear phishers, on the other hand, know the victims’ names and their email addresses. They leverage personal information gleaned from social media platforms such as Facebook and LinkedIn. They are after credit cards, bank account numbers, passwords and financial information stored on the target’s PC.
Small Businesses Attacks: More Than Doubled Since 2011
Symantec reports that more than half of the spear phishing attacks on fake emails targeted small businesses. Quoted in an onlineGuardian piece, one cybersecurity expert, Sarah Green, observes that small business owners tend to become complacent. Says Green, “(They) may feel that they aren’t likely to be a target due to their size.” Hackers, Green continues, “couldn’t possibly be interested in what they (small businesses) do.”
The opposite, unfortunately, is the case, because small businesses:
As a percentage of all cyberattacks against businesses, in 2011, small businesses enjoyed a low profile — only 18 percent. During 2015, however, according to Small Business Trends, that percentage more than doubled, rising to 43 percent.
Shoring Up the Defenses: A Triad of Options
Hackers will undoubtedly continue to probe weak spots through phishing attacks. The PCI Security Standards Council recommends a three-pronged approach to protect against phishing attacks in 2016:
Promoting email Awareness Through:
Enforcing Website and Software Security Through:
Instituting Password Best Practices by:
Need Some Help?
CITOC is the trusted choice when it comes to staying ahead of the latest cybersecurity and information technology tips, tricks and news. Contact us at (713) 490-5000 or send us an email at firstname.lastname@example.org for more information.