4.3 Cybercrime Flashcards
Cybercrime
Is committed by criminals on a computer or over a computer network
Either to steal money from accounts or to damage a system
Examples of cybercrime
- the UK had the highest number of cybercrime victims in 2022, 4783 per million internet users π¬π§
- the USA was second at 1492 per million πΊπΈ
- the Netherlands saw the biggest rise in victims (up 50% in 2020) π³π±
- Greece saw the biggest decrease (by 75% in 2020) was the top country in The National Cuber Security Index in January 2023 (NCSI) π¬π·
Main types of cybercrime
- phishing
- investment fraud
- ransomware
- malware
- authorised pay payment (APP) scams
Phishing
Most common form of crime committed online
Criminals try to trick people by email or text into providing sensitive information .
Resulted in the lowest loss to its victims at an average of $136 per individual (AAG 2023)
For example: over a phone call they would tell the victim that they owe money for a product which they never ordered and would help them by asking for their bank details so that they could cancel it on their behalf. Once they have access to the bank account details, they can access their account and withdraw money or sell the details to other criminals.
Investment fraud
Most expensive form of cybercrime in 2022
Average victims losing $70,811
Criminals set up fake businesses and provide legitimate sounding information which is actually false.
This can deceive victims into investing in the scheme
E.g, share investment schemes or purchase of property abroad
Victim never see their money again
Ransomware
A malicious software that disables a victims access to their data until they pay a ransom.
If a bank is affected , it can temporarily lose access to some of its data, especially if its backup systems are efficient.
Around 236.1 million ransomware attacks were reported worldwide in the first half of 2022
Malware
Malicious software placed on a computer or net work that encourages users to click on a link or open an attachment.
When they do this that hacker can take control of the computer and access confidential data.
Example: Spyware
Collect uses personal information without their knowledge or consent
Authorised push payment (APP) scams
When criminals trick the customer into making a payment.
Scammers try to panic their victims into taking action in a hurry and without thinking .
Some cases the criminal pretends to be a bank employee or a police officer
Experian
Has a website which keeps track of the latest types of scams.
Cybercrime conclusions
- criminals have developed increasingly sophisticated forms of cybercrime
- Cost of cybercrime has risen
- Organisations all over the world are spending more money on tightening this cyber security
-Cyber crime increased during the pandemic (due to increased opportunities as there was a lot of remote working practices with employees not using secured control network to access and share data)
Cloud based attacks
Practice of storing systems and data on the cloud.
This creates an opportunity to carry out cloud based attacks.
Banks must configure the cloud infrastructure securely to make criminal attacks last likely.
Staying safe online
Bank could lose public confidence.
Must have systems that can minor and check all transactions
All these methods make logging in or making a payment slower and more complicated .
- use 2 factor authentication (2FA)
- block access
- warning
- block card payments
- inform and help customers
- regular training
Use 2 factor authentication (2FA)
This strengthens the security when customers log on to their accounts.
It requires two separate levels for customers to verify their identity before the account opens.
The first factor is username and passcode and the second is a smart phone number.
The bank website send a code to this number and the customer enter the code.
Fingerprint or facial recognition is a relatively safe method of verification
Block access
To an account after multiple unsuccessful attempts to logon
Warning
Send customer an on screen warning after log or before payments are made
The customer can verify the payment if it is genuine