“2015 will see an increase in the sophistication and evolution of cybercrime attacks”, predicts Trent Youl, FraudWatch International founder and CEO.
Attacks in general will continue to become highly targeted as criminals seek to bypass spam and virus detection. The average consumer will find the ability to identify fraudulent email increasingly difficult, as emails will be more personally crafted for an attack on the specific individual, using information gained from theft from another source, in a separate attack.
This article will explore the trends FraudWatch International is predicting for 2015.
Phishing and Malware:
Basic phishing techniques that have been around for the past 13 years will continue to increase, especially in developing countries experiencing growth in consumer digital take up. This is a relatively simple, anonymous crime that provides an easy entry for keen young cyber-criminals, targeting companies that have little or no protection.
FraudWatch International also expects more sophisticated phishing attacks against large online brands to continue to rise. Criminals will gain trust of the consumer by impersonating a large brand, resulting in a higher email and attachment opening ratio.
Malware will also continue to become more sophisticated as criminals seek to bypass detection by Anti-Virus and Malware detection systems. This will result in more large scale attacks on companies and data breaches.
Healthcare and Financial Institutions at risk:
Recent large scale attacks shows the intention of cyber-criminals – hit the large healthcare companies with a wealth of personal data. We expect to see an increase in these attacks. Criminals will use targeted spear phishing campaigns against specific individuals within these organisations, using information freely available on social media profiles to ensure emails and attachments are opened, resulting in immediate infection and control of devices used by these key personnel to access database systems containing personal information of their clients. This information is extremely valuable in the criminal underground selling comprehensive packets of information on individuals.
Financial institutions will receive the same treatment – the criminals will always target the easy money. The same methods will be used with spear phishing attacks.
Mobile Threats:
The world is going mobile, and so are the criminals. Consumers now using mobile for payments provides an incentive for the criminals to take control of mobile devices. Mobile malware, fake mobile apps, and attacks on security flaws of mobile payment systems will become common news in 2015.
Criminals will target all types of devices, not just the perceived less secure.
Social Media:
Social media has had a profound impact on human behavior. Prior to social media, people never let all their friends know where they were, what they were eating, or listed all their interests for acquaintances to see. We, as a global community, are placing an immense amount of personal information online – and the criminals are accessing this. Regardless of the security settings, criminals will find a way: set up a fake corporate profile for consumers to follow, fake “friends” (“That pretty girl wants to be friends with me!”), and malware infected links in posts and video’s.
FraudWatch International expects to see an explosion of social media fraud, using all the above methods. Again, this will allow highly targeted spear phishing campaigns based on an individual’s interests and affiliations.
Ransomware:
Criminals will increasingly use ransomware to extort money from both companies and individuals in 2015. This is not a new crime, but the methods for receiving payment are becoming easier to access for the criminals, with more anonymous online money and currency transfer methods becoming available.
Ransomware will encrypt data on a device, PC, or network and the criminals will then request payment of ransom to unencrypt data. Many companies will find it easier to make payment to the criminals rather than have this type of breach in the media.
In conclusion, FraudWatch International expects to see cyber-crime a constant this year in the media as criminals continue to penetrate organisations and compromise individuals through a variety of methods. Most will be initiated from a spear phishing campaign, with the unfortunate result of reduced trust in email.