Cybersecurity is a category of crime that continue to inflict taxpayers and companies with damages amounting to billions of dollars annually. Staying updated on the latest attack types and prevention techniques is the only way to future-proof your organization. Here are five (5) fraud trends for leading experts that you want to be aware of.
Synthetic identify fraud is initiated when a hacker procures a social security number by theft or purchase on the Dark Web, and then fabricates an associated name, DOB, email account, or phone number. From there, the fake identity is legitimized and nurtured in order to exploit lines of credit. Once a fraudster is able to become an authorized user, a process tha typically takes 5 months, the "bust-out" is ready to be executed. When the dust settles, creditors and businesses are left with dummy accounts filled to the bring with credit card maximums, loans, and cell phone/utility plans.
The "R" word can send chills down the spine of any business owner or MSP, and for good reason. Two Cities in Florida were forced to pay over a million in aggregate bitcoin ransom, only after losing access to phone and email systems for multiple weeks. Municipalities are not alone, and a quick glance at data breach news headlines on any given week will reveal SMB attacks as well. Ultimately, ransomware boils down to the economic concept of incentives, and it will require a concerted effort by organizations to shift this paradigm.
Account Takeover (ATO)
Understanding how criminals are targeting your business or vertical is a fundamental component to any sound cybersecurity strategy. Nevertheless, The Nature of Work for a CISO is Often Reactive , tasked with establishing a Security Operations Center filled with analysts who are looking to spot a needle in a haystack. On the otherhand, the commoditization of crimeware and "spray-and-pray" techniques have led to a higher frequency in breaches, many of which are executed by a non-sophisticated hacker. Solving ATO fraud at the small business and medium enterprise level in today's world requires purpose-driven teams and technologies that can protect your business smarter and more efficiently.
Just this past summer, three US universities disclosed data breach incidents within a two-day span. However, this pales in comparison to 2018's highlight. In March 2018, nine (9) hackers breached 144 US Universities, charged with stealing 31 terabytes of data worth roughly $3.4 billion in intellectual property. Such breaches have a ripple effect across all verticals and companies, driving consumer awareness and raising the standard for cybersecurity for everyone.
Security researchers estimate that in the first six months of 2019, 23M+ credit and debit card details were being sold in underground forums. What's worse, nearly 2 out of every 3 originated in the United States (64%), followed by the UK (7%) and India (4%). Once such data dumps hit the Dark Web, cybercriminals will exchange stolen information and credentials in order to orchestrate damaging fraud schemes.
Our Top 10 Cybersecurity Tips:
- Create unique passwords and enforce multi-factor authentication for all network users.
- Install spam-filtering solutions with anti-phishing capabilities across your network
- Leverage web-filtering programs that block phishy websites
- Prepare for Cryptojacking attacks.
- Purchase SMB security suites that include Dark Web Monitoring
- Involve all stakeholders in raising cybersecurity awareness across your organization
- Assess your organization's information, protection, and access regularly
- Ensure that all third-parties have cybersecurity protocols and policies in place
- Build a cybersecurity incident response plan (CIRP) and democratize key information.
- Partner up with an IT Managed Services Provider (like Conquest Solutions) to train your employees on a regular basis (bi-monthly).