The growth of virtuality that came hand in hand with the pandemic expanded potential attack surfaces for criminals. Various reports show a significant increase in cybercrime that impact both companies and end users.
According to a recent Fortinet report, 87% of Latin American companies suffered cybersecurity breaches in the last year. The economic damages from these attacks were equal to or greater than USD 1 million for 63% of the affected entities.
How do these attacks occur?
Attacks can occur through different malicious programs (malware)how is he ransomware. But they can also occur through attacks of phishing either social engineering which does not involve the installation of harmful software but is caused by the theft of confidential data through various tricks.
Ransomware
Ransomware is a malicious program that is characterized by hijacking files or data and encrypting them to make them inaccessible to the victim. To make that information accessible again, criminals ask for a ransom payment. This is a modality that is increasing in the region.
“The percentage of organizations that were victims of ransomware and paid ransoms increased from 45% to 57.5% in 2021″, stand out from BTR Consulting. For its part, Accenture published a report in which it is concluded that attacks of this type increased by 107% worldwide during the past year.
Malware combos
When the types of cybercrimes are analyzed through malicious programs, various reports conclude that ransomware is one of the most common. Although it should be noted that there are also other types of malware that have also grown a lot like Trojans, which appear to the user as a supposedly legitimate program but when it is executed, it opens a back door that gives the attacker remote access to the infected computer.
And above all, it is important to underline that many times users are affected by a combo of harmful programs. “In the past, malware was often designed to perform a single malicious action. Nowadays, malware is like Swiss Army knives, capable of more than one malicious action and are often designed to deliver more malware, which can cause even more damage,” said Jakub Kroustek, Director of Malware Research at Avast, in a recent report.
Social engineering or phishing
As mentioned above, not all cybercrime occurs through the use of malware, it can also occur through social engineering techniques. This alludes to the methods of deception used by criminals to get the users themselves to provide them with their access credentials (username and password) to bank accounts, emails, profiles on social networks and even WhatsApp.
According to the recent IBM report, 29% of cyberattacks in the region in 2021 arose from stolen credentials. And this is closely linked to phishing attacks which, according to the same report, experienced a significant increase in the region.
The two main factors that occur in phishing cases:
“It was found that phishing is presented as a stable infection route over time, with an average of around 10,000 daily detections”, stressed Sol Gonzáles, a cybersecurity specialist at Eset, when asked about this issue.
1. The hooks: fashion themes, gifts and investment promises. When orchestrating such a deception, cybercriminals seek to generate an attractive hook. Thus, they will send an email, message or even make a phone call (this type of technique is known as vishing) to their potential victims, telling them that they are from a supposedly recognized entity and that they are going to offer them a benefit.
They can say, for example, that they are representatives of any government agency and that they contact them to give them access to a social benefit; either they are from a bank Y that the person was selected to receive a credit, for example. In these times when there is a lot of talk about NFT and cryptocurrencies, many scammers use these topics as an excuse to carry out cyber scams, as warned from Eset; or even to make pyramid schemes.
2. Get the user to give their passwords. Once the cybercriminals have gained the attention and trust of the potential victim, they will ask for their access codes. Sometimes they can be ordered directly, but in others they use a little more elaborate gadgets. For hijack whatsapp account for example, they can tell the victim that they have been sent a promotional code by SMS and that they have to share it to obtain the supposed benefit. If the victim shares this information, they run the risk of losing access to their profile since the information requested is the validation code for the account.
In other cases, the user is sent, by means of an email or message, a link to a fake page that pretends to be a genuine site (such as a bank, company, social network, etc.) and you are asked to enter your username and password there to update information or finish a supposed process to obtain the promised benefit. That way the criminal gets this data.
Recommendations to protect yourself from cyber attacks:
1. It is important to be informed about how phishing campaigns work to avoid being victims of scams and identity theft.
2. Do not download attachments that arrive by mail or message with supposed benefits. Nor offer confidential data over the phone.
3. Avoid clicking on links that arrive through different communication services because it is possible that they are false pages where access credentials are requested that will later be used to access other user accounts.
4. Have strong passwords and do not use the same ones in all accounts. For this it may be useful to have a key manager.
5. Activate the second factor authentication on all accounts that allow it.
6. Avoid publishing sensitive data on social networks or photos that help cybercriminals deduce them.
7. Remember the security codes received via SMS or email should never be shared with anyone.
8. Keep the operating system up to date and have a security solution.
