As cybercrime expands and evolves, a new study categorizes and describes the top five threats: data breaches, malware, DDoS, mobile threats and the industrialization of fraud – and they’re all interrelated.
-Industrialisation of Fraud
Security firm 41st Parameter describes each threat in turn. The data breach threat is illustrated by the LivingSocial breach earlier this year. 50 million records were compromised in April. Although no financial records were stolen, they probably weren’t the direct target: “consumers don’t realize that the real concern behind the theft of personal data (such as email addresses, birthdates and encrypted passwords) is potential exposure to various forms of identity theft.”
The real problem with large data heists comes in the following months when the attackers use the data they have stolen to engineer compelling phishing attacks “to dupe unsuspecting victims into revealing sensitive data that can be used to open new accounts or take over existing ones.” In this instance there were two difficulties – firstly consumers still tend to reuse passwords over multiple accounts, and secondly LivingSocial’s business model sends out ‘daily deals’ emails to its subscribers. A forged email could look like a genuine LivingSocial mail but actually contain a disguised link to a malicious site.