Cybercriminals are becoming more efficient in monetizing their activities. A report released by the Internet Society on Tuesday (9) estimates that more than two million incidents in 2018 resulted in losses of over $ 45 billion, the equivalent of about $ 170 billion.
READ: Porn site used in scam to steal money from users
The value is a record, but the total amount of violations and leaks fell last year. That is, cyber criminals are improving the profitability of the attacks. Cryptocurrency hijacking, ransomware and credential stuffing were some of the criminal methods highlighted in the report.
What ransomware: five tips to protect yourself
Want to buy a cell phone, TV and other discounted products? Meet the Compare dnetc
Among the key trends identified by the Internet Society study are the growth of cryptocurrency-related crimes, which are difficult to detect and provide a direct route from infiltration to income. They have tripled the cases of cryptojacking, a practice in which bandits hijack devices to mine cryptocurrencies without permission from the owner.
Another upward practice is corporate email fraud, which diverted $ 1.3 billion (more than $ 4.8 billion in direct conversion) in 2018. Employees are deceived by people impersonating salespeople or executives and end up sending money or gift cards, which results in loss to institutions. Last year recorded double the number of these cases than in 2017.
Ransomware cases are scarce but still lucrative scam Photo: Divulgao / Kaspersky
The financial impact of ransomware rose by 60% in 2018, despite the general reduction in attacks by this technique. The main target was computers from state and local governments in the United States, as public agencies are often vulnerable to using obsolete machines and operating systems.
The report also demonstrates the proliferation and transformation of supply chain attacks. Attackers infiltrate e-commerce sites and other businesses through third party content and credentials or vendor software. The hijacking of user login data is used in credential stuffing cases, when criminals use stolen information to make attempts to log in to other services after all, it is common for users to repeat passwords, even though it is not advisable.
According to the Online Trust Alliance (OTA), the Internet Society's Web Security Initiative, the actual numbers may be even higher, as many online crimes are not even reported. In addition, the institution stresses that most violations could easily have been prevented. It is estimated that 95% of 2018 cases could have been prevented with simple digital security measures.
WhatsApp scam: what to do? See tips on the dnetc forum.