Five emerging fraud threats facing businesses in 2021

With the growing threat of fraud fueled by the digital acceleration that took place in 2020, Experian revealed five emerging fraud threats facing businesses in 2021. The rapid increase in digital use created a perfect storm for fraudsters to quickly find new ways to steal funds, capitalizing on consumers’ lack of familiarity with digital platforms and the resource constraints faced by many businesses. In fact, from January 2020 to early January 2021, the Federal Trade … More

The post Five emerging fraud threats facing businesses in 2021 appeared first on Help Net Security.

2020 set the stage for cybersecurity priorities in 2021

It’s safe to assume that pretty much everyone is ready to move on from 2020. Between the COVID-19 pandemic, political battles, and social unrest, this has been a stressful year in so many ways. It has also been a very active year for cybercriminals and fraudsters who have preyed on people’s fears and vulnerabilities to push new scams. They’ve spoofed government health sites to trick people into clicking on malware links. They’ve targeted food delivery … More

The post 2020 set the stage for cybersecurity priorities in 2021 appeared first on Help Net Security.

Working together to suppress complex and organized fraud

As the entire world has learned throughout 2020, effective suppression of the COVID-19 pandemic requires concerted responses and coordinated action. Medical professionals must adopt new protocols; local, state, and national governments must implement track-and-trace programs; everyday citizens must adopt risk-minimizing tactics like wearing masks and physical distancing. Unfortunately, fraudsters have taken advantage of the pandemic to rob and steal. And just as beating the virus, beating COVID-19-related fraud will also require a multiparty approach. Organizations … More

The post Working together to suppress complex and organized fraud appeared first on Help Net Security.

Disruption in 2020 paves the way for threat actors in 2021 and beyond

There’s no doubt that 2020 will be remembered for the uncertainty and rapid change it brought. As the global pandemic accelerated trends like remote working and digital transformation, it has also created new cybersecurity challenges. However, although much of 2020 was unpredictable, it’s still possible to step back and look at infosecurity developments that will point the way forward. Sophisticated social engineered attacks on the horizon A recent Verizon report highlighted social engineering as a … More

The post Disruption in 2020 paves the way for threat actors in 2021 and beyond appeared first on Help Net Security.

Unsophisticated fraud attacks increase, first-time fraudsters more prevalent

The risk of identity fraud has increased significantly with attacks occurring more frequently since the start of the pandemic, Onfido reveals. Over the past 12 months, the average identity document (ID) fraud rate increased by 41% over the previous year as first-time fraudsters appear to be more prevalent, likely due to increased economic hardships during the pandemic. The average ID fraud rate reached 5.8% – up from 4.1% the previous year (Oct 2018-2019). The increase … More

The post Unsophisticated fraud attacks increase, first-time fraudsters more prevalent appeared first on Help Net Security.

Holiday shopping season fraud stats revealed

There’s a 1% decrease in suspected online retail fraud worldwide during the start of the 2020 holiday shopping season compared to the same period in 2019, a 59% increase from the same period in 2018 and a 14% increase from all of 2020 so far, TransUnion research reveals. Holiday shopping season fraud stats The findings are based on the same-store sales analysis of e-commerce customers during the traditional start of the global holiday shopping season, … More

The post Holiday shopping season fraud stats revealed appeared first on Help Net Security.

Check Washing

I can’t believe that check washing is still a thing:

“Check washing” is a practice where thieves break into mailboxes (or otherwise steal mail), find envelopes with checks, then use special solvents to remove the information on that check (except for the signature) and then change the payee and the amount to a bank account under their control so that it could be deposited at out-state-banks and oftentimes by a mobile phone.

The article suggests a solution: stop using paper checks.

The AI in cybersecurity market to generate $101.8 billion in 2030

The AI in cybersecurity market is projected to generate a revenue of $101.8 billion in 2030, increasing from $8.6 billion in 2019, progressing at a 25.7% CAGR during 2020-2030, ResearchAndMarkets reveals.

AI in cybersecurity market

The market is categorized into threat intelligence, fraud detection/anti-fraud, security and vulnerability management, data loss prevention (DLP), identity and access management, intrusion detection/prevention system, antivirus/antimalware, unified threat management, and risk & compliance management, on the basis of application. The DLP category is expected to advance at the fastest pace during the forecast period.

Malicious attacks and cyber frauds growing rapidly

The number of malicious attacks and cyber frauds have risen considerably across the globe, which can be attributed to the surging penetration on internet and increasing utilization of cloud solutions.

Cyber fraud, including payment and identity card theft, account for more than 55% of all cybercrime and lead to major losses for organizations, if they are not mitigated. Owing to this, businesses these days are adopting advanced solutions for dealing with cybercrime in an efficient way.

This is further resulting in the growth of the global AI in cybersecurity market. AI-based solutions are capable of combating cyber frauds by reducing response time, identifying threats, refining techniques for distinguishing attacks that need immediate attention.

The number of cyber-attacks has also been growing because of the surging adoption of the BYOD policy all over the world. It has been observed that the policy aids in increasing productivity and further enhances employee satisfaction.

That being said, it also makes important company information and data vulnerable to cyber-attacks. Devices of employees have wide-ranging capabilities and IT departments are often not able to fully quality, evaluate, and approve each and every devices, which can pose high security threat to confidential data.

DLP systems utilized for enforcing data security policies

AI provides advanced protection via the machine learning technology, and hence offers complete endpoint security. The utilization of AI can efficiently aid in mitigating security threats and preventing attacks.

DLP plays a significant role in monitoring, identifying, and protecting the data in storage and in motion over the network. Certain specific data security policies are formulated in each organization and it is mandatory for the IT personnel to strictly follow them.

DLP systems are majorly utilized for enforcing data security policies in order to prevent unauthorized usage or access to confidential data. The fraud detection/anti-fraud category accounted for the major share of the market in 2019 and is predicted to dominate the market during the forecast period as well.

The AI in cybersecurity market by region

Geographically, the AI in cybersecurity market was led by North America in 2019, as stated by a the publisher report. A large number of companies are deploying cybersecurity solutions in the region, owing to the surging number of cyber-attacks.

Moreover, the presence of established players and high digitization rate are also leading to the growth of regional domain. The Asia-Pacific region is expected to progress at the fastest pace during the forecast period.

In conclusion, the market is growing due to increasing cybercrime across the globe and rising adoption of the BYOD policy.

Around 18,000 fraudulent sites are created daily

The internet is full of fraud and theft and cybercriminals are operating in the open with impunity, misrepresenting brands and advocating deceit overtly.

fraudulent sites

Bolster found these criminals are using mainstream ISPs, hosting companies and free internet services – the same that are used by legitimate businesses every day.

Phishing and online fraud scams accelerate

In Q2, there was an alarming, rapid increase of new phishing and fraudulent sites being created, detecting 1.7 million phishing and scam websites – a 13.3% increase from Q1 2020.

Phishing and scam websites continued to increase in Q2 and peaked in June 2020 with a total of 745,000 sites detected. On average, there were more than 18,000 fraudulent sites created each day.

Cybercriminals use common, free email services to execute phishing attacks

The most active phishing scammers are using free emails accounts from trusted providers including Google and Yahoo!. Gmail was the most popular with over 45% of email addresses.

Russian Yandex was the second most popular email service with 7.3%, followed by Yahoo! with 4.0%.

Brand impersonation continues to escalate

Data reveals that the top 10 brands are responsible for nearly 44,000 new phishing and fraudulent websites from January to September 2020. Each month there are approximately 4,000 new phishing and fraudulent websites created from these 10 brands alone.

September saw a near tripling in volume with more than 15,000 new phishing and fraudulent websites being created for these top brands, with Microsoft, Apple and PayPal topping the list.

COVID-19 is still a target, but less so

Approximately 30% of confirmed phishing and counterfeit pagers were related to COVID-19, equaling over a quarter of a million malicious websites.

Compared to Q1, these scams increased by 22%, following dynamic news headlines – N95 masks, face coronavirus drugs and government stimulus checks. However, the good news is that these scams are declining month-over-month.

Cybercriminals will continue to utilize natural news drivers

Though phishing and fraudulent campaigns outside of extraordinary events are on the rise, cybercriminals continue to demonstrate their agility from major events. In Q3, Bolster discovered scams connected to Amazon Prime Day and the presidential election.

There was a 2.5X increase of fraudulent websites using the Amazon brand logo in September, focusing on payment confirmation, returns and cancellations and surveys for free merchandise. Where the presidential campaigns were fraught with counterfeiting and internet trolling.

“With the holiday shopping season kicking off, the results of the presidential election and the New Year approaching, we anticipate the number of phishing and fraudulent activity to continue to rise,” said Shashi Prakash, CTO of Bolster.

“In anticipation of these events, criminals are sharpening their knives of deception, planning new and creative ways to take advantage of businesses and consumers. Companies must be vigilant, arming their teams with the technology needed to continuously discover and take down these fraudulent sites before an attack takes place.”

Explosion in digital commerce pushed fraud incentive levels sky-high

A rise in consumer digital traffic has corresponded with a rise in fraud attacks, Arkose Labs reveals. As the year progresses and more people than ever are online, historically ‘normal’ online behavioral patterns are no longer applicable and holiday levels of digital traffic continue to occur on a near daily basis.

fraud attacks 2020

Fraudsters are exploiting old fraud modeling frameworks that fail to take today’s realities into account, attempting to blend in with trusted traffic and carry out attacks undetected.

“As the world becomes increasingly digital as a result of COVID-19, fraudsters are deploying an alarming volume of attacks, and continually devising new and more sophisticated ways of carrying out their attacks,” said Vanita Pandey, VP of Marketing and Strategy at Arkose Labs.

“The high fraud levels that accompany high traffic volumes are likely here to stay, even after the pandemic ends. It’s crucial that businesses are aware of the top attack trends so that they can be more vigilant than ever to successfully identify and stop fraud over the long-term.”

Bot attacks and credential stuffing skyrocket

Q3 of 2020 saw its highest ever levels of bot attacks. 1.3 billion attacks were detected in total, with 64% occurring on logins and 85% emanating from desktop computers.

Due to the widespread availability of usernames, email addresses and passwords from years of data breaches, as well as easy access to automated tools to carry out attacks at scale, credential stuffing emerged as a main driver of attack traffic. 770 million automated credential stuffing attacks were detected and stopped by Arkose Labs in Q3.

For ecommerce, every day is Black Friday

The rise in digital traffic for most of 2020 means businesses have been dealing with holiday season levels of traffic since March. With every day now resembling Black Friday, some retailers are better equipped to handle the onslaught of holiday season traffic and fraud.

However, it remains to be seen if a holiday sales bump will occur this year, given already record high traffic levels for many ecommerce businesses.

While much of 2019 saw a marked shift from automated attacks to human sweatshop-driven attacks, automated attacks dominated much of 2020, with Q3 seeing a particularly high spike. This trend is likely to revert back to more targeted attacks in Q4, as during the holiday shopping season fraudsters typically employ low-cost attackers to commit attacks that require human nuance and intelligence.

Europe emerges as the top attacking region

Nearly half of all attacks in Q3 of 2020 originated from Europe, with over 10 million sweatshop attacks coming from Russia and 7 million coming from the United Kingdom.

Many European countries, such as the United Kingdom, France, Italy and Germany, are among those whose GDP shrunk the most since the global pandemic began. A surge in attacks from nations suffering the biggest dips in economic output highlights the economic drivers that spur fraud.

Pandey said, “COVID-19 has sent the world into turmoil, upending digital traffic patterns and introducing long-lasting consequences. Habits formed during 2020 – namely conducting commerce, school, work and even socializing entirely online – will be difficult to let go of, so fraud teams must be capable of quickly cutting through digital traffic noise and spotting even the most subtle signs of attacks. In particular, using targeted friction to deter malicious activity will be key in the months and years ahead.”

Fraudsters increasingly creative with names and addresses for phishing sites

COVID-19 continues to significantly embolden cybercriminals’ phishing and fraud efforts, according to research from F5 Labs.

phishing sites

The report found that phishing incidents rose 220% during the height of the global pandemic compared to the yearly average. The number of phishing incidents in 2020 is now set to increase 15% year-on-year, though this could soon change as second waves of the pandemic spread.

The three primary objectives for COVID-19-related phishing emails were identified as fraudulent donations to fake charities, credential harvesting and malware delivery.

Attackers’ brazen opportunism was in further evidence when certificate transparency logs (a record of all publicly trusted digital certificates) were examined.

The number of certificates using the terms “covid” and “corona” peaked at 14,940 in March, which represents a massive 1102% increase on the month before.

“The risk of being phished is higher than ever and fraudsters are increasingly using digital certificates to make their sites appear genuine,” said David Warburton, Senior Threat Evangelist at F5 Labs.

“Attackers are also quick to jump onto emotive trends and COVID-19 will continue to fuel an already significant threat. Unfortunately, our research indicates that security controls, user training and overall awareness still appear to be falling short across the world.”

Names and addresses of phishing sites

As per previous years’ research, fraudsters are becoming ever more creative with the names and addresses of their phishing sites.

In 2020 to date, 52% of phishing sites have used target brand names and identities in their website addresses. By far the most common brand to be targeted in the second half of 2020 was Amazon.

Additionally, Paypal, Apple, WhatsApp, Microsoft Office, Netflix and Instagram were all in the top 10 most frequently impersonated brands.

By tracking the theft of credentials through to use in active attacks, criminals were attempting to use stolen passwords within four hours of phishing a victim. Some attacks even occurred in real time to enable the capture of multi-factor authentication (MFA) security codes.

Meanwhile, cybercriminals were also got more ruthless in their bid to hijack reputable, albeit vulnerable URLs – often for free. WordPress sites alone accounted for 20% of generic phishing URLs in 2020. The figure was as low as 4,7% in 2017.

Furthermore, cybercriminals are increasingly cutting costs by using free registrars such as Freenom for certain country code top-level domains (ccTLDs), including .tk, .ml, .ga, .cf, and .gq. As a case in point, .tk is now the fifth most popular registered domain in the world.

Hiding in plain sight

2020 also saw phishers ramp up their bid to make fraudulent sites appear as genuine as possible. Most phishing sites leveraged encryption, with a full 72% using valid HTTPS certificates to seem more credible to victims. This year, 100% of drop zones – the destinations of stolen data sent by malware – used TLS encryption (up from 89% in 2019).

Combining incidents from 2019 and 2020, 55.3% of drop zones used a non-standard SSL/TLS port were additionally reported. Port 446 was used in all instances bar one. An analysis of phishing sites found 98.2% using standard ports: 80 for cleartext HTTP traffic and 443 for encrypted SSL/TLS traffic.

The future of phishing

According to recent research from Shape Security, which was integrated with the Phishing and Fraud report for the first time, there are two major phishing trends on the horizon.

As a result of improved bot traffic (botnet) security controls and solutions, attackers are starting to embrace click farms.

This entails dozens of remote “workers” systematically attempting to log onto a target website using recently harvested credentials. The connection comes from a human using a standard web browser, which makes fraudulent activity harder to detect.

Even a relatively low volume of attacks has an impact. As an example, Shape Security analysed 14 million monthly logins at a financial services organisation and recorded a manual fraud rate of 0,4%. That is the equivalent of 56,000 fraudulent logon attempts, and the numbers associated with this type of activity are only set to rise.

Researchers also recorded an increase in the volume of real-time phishing proxies (RTPP) that can capture and use MFA codes. The RTPP acts as a person-in-the-middle and intercepts a victim’s transactions with a real website.

Since the attack occurs in real time, the malicious website can automate the process of capturing and replaying time-based authentication such as MFA codes. It can even steal and reuse session cookies.

Recent real-time phishing proxies in active use include Modlishka2 and Evilginx23.

Phishing attacks will continue to be successful as long as there is a human that can be psychologically manipulated in some way. Security controls and web browsers alike must become more proficient at highlighting fraudulent sites to users,” Warburton concluded.

“Individuals and organisations also need to be continuously trained on the latest techniques used by fraudsters. Crucially, there needs to be a big emphasis on the way attackers are hijacking emerging trends such as COVID-19.”

What is ad fraud and how can advertisers fight against it?

According to HP Enterprise’s Business of Hacking report, ad fraud is the easiest and most lucrative form of cybercrime, above activities such as credit card fraud, payment fraud and bank fraud. Luke Taylor, COO and Founder of TrafficGuard, explains why businesses should do what they can to detect and prevent it.

what is ad fraud

What is ad fraud?

Invalid traffic, which encompasses advertising fraud, is any advertising engagement that is not the result of genuine interest in the advertised offering. This could be fake clicks generated by malware, competitors clicking ads in order to drain your ad spend, or users clicking ads by accident. Ad fraud is a subset of invalid traffic, characterized by its malicious intentions, and has been around for as long as digital advertising.

Every time a consumer sees or clicks on an advertisement, the company advertising pays the website for that displayed ad, as well as any number of adtech vendors and traffic brokers that facilitate the process such as ad networks and exchanges. The more advertising engagement, the more money goes to the pockets of these vendors. Some genuinely grow their audiences, while others use trickery to get non-genuine human engagement or fake bot engagements.

Ad fraud and other forms of invalid traffic can cost up to 30% of an advertiser’s budget. Due to a lack of solutions, many advertisers have become complacent with this aggressive attrition to their ad campaigns, considering it an additional cost of online advertising. In 2018, advertisers lost $44 million of advertising spend per day to fraudulent traffic in North America alone. It’s anticipated to reach $100 million a day by 2023.

The reality is the advertising ecosystem is quite complex, making it difficult for businesses to see whether ad fraud is impacting them. As a result, businesses aren’t taking steps to check their risk, let alone seek protection.

How common is this form of cybercrime and does it affect everyone equally?

Wherever there is money in digital advertising, there is invalid traffic. All digital channels, all geographies and all players in the advertising ecosystem. Every advertiser is aware that ad fraud exists, however, most reject the idea that it is happening to them, because it’s difficult to detect without the proper tools. However, just because one chooses not to see the problem, doesn’t mean it’s not there – advertising fraud makes its way into every campaign (CPM, PPC, install campaigns) and every stage of the advertising journey (impressions, clicks, installs, events).

With fraud mitigation and ad quality assurance tools, businesses could achieve big improvements to their advertising performance. The average company now spends 16% of its IT budget on cybersecurity protection measures, yet the issue of ad fraud goes unaddressed, as security decision makers remain oblivious to this challenge. From fake mobile display traffic to bots, ad fraudsters are undercutting businesses’ marketing and customer acquisition efforts.

How do these fraudsters operate, what’s in it for them and how much money are they “collecting” from businesses’ advertising budgets?

Ad fraud is both easier to commit and more costly to businesses than other forms of fraudulent activity. Sophisticated criminal organizations are making billions from ad fraud. The reality is that it’s nearly impossible to pinpoint their exact origins given how complex the digital advertising ecosystem is. Like any successful business, fraudsters are adapting and diversifying in the pursuit profit. The more funds that flow to fraud, the more attractive and formidable this type of cybercrime will become. The more money that flows to fraud perpetrators, the less effective the whole digital advertising ecosystem will be.

What are its consequences on businesses’ bottom line and intelligence?

In addition to drained advertising budgets, there are several other negatives consequences coming from ad fraud that limit businesses’ bottom lines, intelligence and ability to grow.

Ad fraud, and other forms of invalid traffic skew advertising performance data. This is quite detrimental to marketing efforts, affecting everything from future budgeting to campaign optimization. The impact doesn’t just stop at advertising. Product, user experience and website design teams rely on data to improve the customer experience. If their baseline data is skewed, their efforts can be spent in the wrong areas.

Fraudulent advertising activity also reduces the effectiveness of the digital advertising ecosystem for everyone. Advertising intermediaries, the companies who connect advertisements to traffic sources, must spend time and money to address ad fraud. This reduces their ability to scale advertising to the best quality sources of traffic – limiting growth for all advertisers.

How can business protect their digital ad campaigns from this illicit activity?

The cost of ad fraud is much bigger than just the wasted media spend, which is why it is imperative to evade. Preventative, transparent tools which stop fraud at the source are the most effective. This prevents wasted media spend, polluted data and the time-consuming process of manual volume reconciliations.

Optimization is significantly more effective when based on verified traffic data, enabling you to safely and confidently scale your advertising. Some anti-fraud tools occur in a black box, where you’re asked to trust that it works. Businesses should have access to reporting that shows you how fraud prevention is helping your business overall. Transparency is essential to be able to see clear and defendable reasons for each invalidation.

BEC attacks increase in most industries, invoice and payment fraud rise by 155%

BEC attacks increased 15% quarter-over-quarter, driven by an explosion in invoice and payment fraud, Abnormal Security research reveals.

BEC attacks increase

“As the industry’s only measure of BEC attack volume by industry, our quarterly BEC research is important for CISOs to prepare and stay ahead of attackers,” said Evan Reiser, CEO of Abnormal Security.

“Not only are BEC campaigns continuing to increase overall, they are rising in 75% of industries that we track. Since these attacks are targeted and sophisticated, these increases could indicate an ability for threat actors to scale that may overwhelm some businesses.”

For this research, BEC campaigns across eight major industries were tracked, including retail/consumer goods and manufacturing, technology, energy/infrastructure, services, medical, media/tv, finance and hospitality.

Growth by industry

During Q3, BEC campaign volume increased in six out of eight industries, with energy/infrastructure seeing the highest jump of 93% from Q2 to Q3. Retail/consumer goods and manufacturing, technology and media received the highest volume of attacks during the quarter.

During Q3, attackers continued to focus primarily on invoice and payment fraud, which increased 155% from Q2 to Q3. This trend was particularly notable in retail/consumer goods and manufacturing.

Threat actors continue to target invoice and payment fraud BEC attacks at finance departments, which increased by 54% on average per week from Q2 to Q3. In addition, attackers shifted tactics by increasing email attacks to group mailboxes by 212%.

Additional findings

  • While credential-phishing COVID-19 related attacks decreased by 82%, invoice and payment fraud that continues to leverage the fear, uncertainty and doubt of the pandemic increased by 81%.
  • The most impersonated brands returned to the pre-pandemic “normal,” as Zoom dropped away from the top spot, replaced by DHL and followed by Dropbox and Amazon. Rounding out the top five were iCloud and LinkedIn.

Banks risk losing customers with anti-fraud practices

Many banks across the U.S. and Canada are failing to meet their customers’ online identity fraud and digital banking needs, according to a survey from FICO.

banking fraud

Despite COVID-19 quickly turning online banking into an essential service, the survey found that financial institutions across North America are struggling to establish practices that combat online identity fraud and money laundering, without negatively impacting customer experience.

For example, 51 percent of North American banks are still asking customers to prove their identities by visiting branches or posting documents when opening digital accounts. This also applies to 25 percent of mortgages or home loans and 15 percent of credit cards opened digitally.

“The pandemic has forced industries to fully embrace digital. We now are seeing North American banks that relied on face-to-face interactions to prove customers’ identities rethinking how to adapt to the digital first economy,” said Liz Lasher, vice president of portfolio marketing for Fraud at FICO.

“Today’s consumers expect a seamless and secure online experience, and banks need to be equipped to meet those expectations. Engaging valuable new customers, then having them abandon applications when identity proofing becomes expensive and difficult.”

Identity verification process issues

The study found that only up to 16 percent of U.S. and Canadian banks employ the type of fully integrated, real-time digital capture and validation tools required for consumers to securely open a financial account online.

Even when digital methods are used to verify identity, the experience still raises barriers with customers expected to use email or visit an “identity portal” to verify their identities.

Creating a frictionless process is key to meeting consumers current expectation. For example, according to a recent Consumer Digital Banking study, while 75 percent of consumers said they would open a financial account online, 23 percent of prospective customers would abandon the process due to an inconsistent identity verification process.

Lack of automation is a problem for banks too

The lack of automation when verifying customers’ identity isn’t just a pain point for customers – 53 percent of banks reported it problematic for them too.

Regulation intended to prevent criminal activity such as money laundering typically requires banks to review customer identities in a consistent, robust manner and this is harder to achieve for institutions relying on inconsistent manual resources.

Fortunately, 75 percent of banks in the U.S. and Canada reported plans to invest in an identity management platform within the next three years.

By moving to a more integrated and strategic approach to identity proofing and identity authentication, banks will be able to meet customer expectations and deliver consistently positive digital banking experiences across online channels.

Europol analyzes latest trends, cybercrime impact within the EU and beyond

The global COVID-19 pandemic that hit every corner of the world forced us to reimagine our societies and reinvent the way we work and live. The Europol IOCTA 2020 cybercrime report takes a look at this evolving threat landscape.

europol IOCTA 2020

Although this crisis showed us how criminals actively take advantage of society at its most vulnerable, this opportunistic behavior should not overshadow the overall threat landscape. In many cases, COVID-19 has enhanced existing problems.

Europol IOCTA 2020

Social engineering and phishing remain an effective threat to enable other types of cybercrime. Criminals use innovative methods to increase the volume and sophistication of their attacks, and inexperienced cybercriminals can carry out phishing campaigns more easily through crime as-a-service.

Criminals quickly exploited the pandemic to attack vulnerable people; phishing, online scams and the spread of fake news became an ideal strategy for cybercriminals seeking to sell items they claim will prevent or cure COVID-19.

Encryption continues to be a clear feature of an increasing number of services and tools. One of the principal challenges for law enforcement is how to access and gather relevant data for criminal investigations.

The value of being able to access data of criminal communication on an encrypted network is perhaps the most effective illustration of how encrypted data can provide law enforcement with crucial leads beyond the area of cybercrime.

Malware reigns supreme

Ransomware attacks have become more sophisticated, targeting specific organizations in the public and private sector through victim reconnaissance. While the pandemic has triggered an increase in cybercrime, ransomware attacks were targeting the healthcare industry long before the crisis.

Moreover, criminals have included another layer to their ransomware attacks by threatening to auction off the comprised data, increasing the pressure on the victims to pay the ransom.

Advanced forms of malware are a top threat in the EU: criminals have transformed some traditional banking Trojans into modular malware to cover more PC digital fingerprints, which are later sold for different needs.

Child sexual abuse material continues to increase

The main threats related to online child abuse exploitation have remained stable in recent years, however detection of online child sexual abuse material saw a sharp spike at the peak of the COVID-19 crisis.

Offenders keep using a number of ways to hide this horrifying crime, such as P2P networks, social networking platforms and using encrypted communications applications.

Dark web communities and forums are meeting places where participation is structured with affiliation rules to promote individuals based on their contribution to the community, which they do by recording and posting their abuse of children, encouraging others to do the same.

Livestream of child abuse continues to increase, becoming even more popular than usual during the COVID-19 crisis when travel restrictions prevented offenders from physically abusing children. In some cases, video chat applications in payment systems are used which becomes one of the key challenges for law enforcement as this material is not recorded.

Payment fraud: SIM swapping a new trend

SIM swapping, which allows perpetrators to take over accounts, is one of the new trends. As a type of account takeover, SIM swapping provides criminals access to sensitive user accounts.

Criminals fraudulently swap or port victims’ SIMs to one in the criminals’ possession in order to intercept the one-time password step of the authentication process.

Criminal abuse of the dark web

In 2019 and early 2020 there was a high level of volatility on the dark web. The lifecycle of dark web market places has shortened and there is no clear dominant market that has risen over the past year.

Tor remains the preferred infrastructure, however criminals have started to use other privacy-focused, decentralized marketplace platforms to sell their illegal goods. Although this is not a new phenomenon, these sorts of platforms have started to increase over the last year.

OpenBazaar is noteworthy, as certain threats have emerged on the platform over the past year such as COVID-19-related items during the pandemic.

VP for Promoting our European Way of Life, Margaritis Schinas, who is leading the European Commission’s work on the European Security Union, said: “Cybercrime is a hard reality. While the digital transformation of our societies evolves, so does cybercrime which is becoming more present and sophisticated.

“We will spare no efforts to further enhance our cybersecurity and step up law enforcement capabilities to fight against these evolving threats.”

EU Commissioner for Home Affairs, Ylva Johansson, said: “The Coronavirus Pandemic has slowed many aspects of our normal lives. But it has unfortunately accelerated online criminal activity. Organised Crime exploits the vulnerable, be it the newly unemployed, exposed businesses, or, worst of all, children.

“The Europol IOCTA 2020 cybercrime report shows the urgent need for the EU to step up the fight against organised crime [online] and confirms the essential role of Europol in that fight”.

Rising reports of fraud signal that some COVID-related schemes may just be getting started

As the economic fallout of the COVID-19 crisis continues to unfold, a research from Next Caller, reveals the pervasive impact that COVID-related fraud has had on Americans, as well as emerging trends that threaten the security of contact centers, as we head towards what may be another wave of call activity.

COVID-related fraud

The company’s latest report found that 55% of Americans believe they’ve been a victim of COVID-related fraud, up more than 20% from when the company conducted a similar study in April.

Perhaps even more worrisome is the fact that 59% of Americans claim they haven’t taken any additional precautions to protect themselves from these attacks.

“Even with massive amounts of PII circulating the dark web and so many new opportunities for criminals to exploit because of the pandemic, it’s still alarming that over half of the country thinks they’ve been targeted by COVID-related fraud,” said Ian Roncoroni, CEO, Next Caller.

“Compounding the problem is COVID’s unique ability to distract and disengage people from carefully monitoring their accounts. Criminals who are already well-equipped to bypass security can now operate longer without detection, worsening the impact exponentially.”

Data has shown the clear correlation between the economic fallout of the crisis – specifically stimulus related events – and the meteoric spikes in overall call volumes and the number of high-risk calls taking place inside contact centers across today’s biggest brands.

Fraudsters eager to replicate their initial success

A pending second stimulus package, combined with a clear urgency from Americans around receiving it, indicates that another wave of activity from customers and criminals is on the horizon.

In regards to the latest findings, Roncoroni said, “We have to prepare for a more sophisticated criminal strategy this time around. Rising reports of fraud activity signal not only that fraudsters are eager to replicate their initial success, but that some of those early schemes may just be getting started.

“The phony mailing address unceremoniously added to a bank account in April is likely just the trojan horse for a scheme ready to be set in motion under the cover of the next stimulus package.”

COVID-related fraud

Key findings

  • 55% of Americans believe they’ve been targeted by COVID-related fraud
  • Despite that, 59% of Americans claiming that they have not taken any additional precautions to protect themselves from attacks
  • Almost 1-in-3 Americans are more worried about becoming a victim of fraud than they are about contracting the virus
  • 56% believe brands are equally responsible for providing flexible and accommodating customer service and protecting personal information
  • When asked about their view of the next stimulus checks, 41% of Americans said “I really need another check”
  • 53% of Americans say that they have already sought out information related to the next round of checks

CEO of NS8 Charged with Securities Fraud

CEO of NS8 Charged with Securities Fraud

The founder and CEO of the Internet security company NS8 has been arrested and “charged in a Complaint in Manhattan federal court with securities fraud, fraud in the offer and sale of securities, and wire fraud.”

I admit that I’ve never even heard of the company before.

Sidebar photo of Bruce Schneier by Joe MacInnis.