Change is inevitable, as they say, and the cyber threat landscape is no exception. With the advent of new platforms, software, and other technology, the cybersecurity landscape is forever morphing. The digital threats businesses face are constantly evolving as bad actors work to keep up with security advancements while making bank. Here are five threats everyone should be preparing for in the year to come.
Business Email Compromises
Business email compromise (BEC) is one of the most financially damaging of all online crimes, according to the Federal Bureau of Investigation (FBI). A total of 35 percent of all cybercrime losses in 2021 were due to business email compromises, according to the FBI’s 2021 Internet Crime Report. In 2021, the Internet Crime Complaint Center (IC3) received 19,954 BEC and email account compromise (EAC) complaints with losses totaling nearly $2.4 billion.
In a BEC scam, cybercriminals send an email to an unsuspecting victim that appears to originate with a known source. The email will make what seems to be a legitimate request for funds. Some of the examples of BEC scam requests from the FBI include the following:
- A “vendor” your company regularly conducts business with sends an invoice with an updated mailing address.
- A “company CEO” asks her assistant to purchase dozens of gift cards to send out as employee rewards. She asks for the serial numbers so she can email them out right away.
- A homebuyer receives a message from their “title company” with instructions on how to wire their down payment.
These are all real scenarios reported to the FBI’s IC3 in 2021. In each case, it cost the victims thousands or even hundreds of thousands of dollars. The money went to criminals rather than the intended party.
“In 2021, IC3 continued to receive a record number of complaints from the American public: 847,376 reported complaints, which was a seven percent increase over 2020, with potential losses exceeding $6.9 billion,” wrote FBI Deputy Director Paul Abbate. “Among the 2021 complaints received, ransomware, business email compromise schemes, and the criminal use of cryptocurrency are among the top incidents reported. In 2021, BEC schemes resulted in 19,954 complaints with an adjusted loss of nearly $2.4 billion.”
Cybercriminals spoof email accounts and websites with the slightest variation on a legitimate address. For example, instead of email@example.com they may use firstname.lastname@example.org to trick victims into thinking they are a legitimate source emailing them.
They may also use spear phishing emails (see the section on Phishing & Spear Phishing below). These messages look like they are from a legitimate source, but are actually criminals looking to get victims to reveal confidential information they can use to make a profit. This may be information to access company accounts, calendars, and data needed to conduct a BEC scheme at a later date.
Malware can also mine valuable data. Malware is software that can infiltrate a company network to gain access to company data, including legitimate email threads regarding invoices and billing. It can also mine for passwords and financial account information.
This is a common method of attack that you may have read about in headlines. Big ransomware attacks like those against the Colonial Pipeline Company in 2021 often make national news. While you may think only big companies are the prime targets of hackers, think again.
According to AAG, there were around 236.1 million ransomware attacks globally. During 2021, at least 15.45 percent of internet users worldwide experienced at least one malware attack, including ransomware. Furthermore, AAG reported around 20 percent of cyber breaches in 2022 were the result of ransomware.
Cybereason’s Ransomware: The True Cost to Business 2022 report found that in 2022, ransomware attacks on companies are 33 percent higher than they were in 2021, and the year isn’t even over yet. Companies are quick to pay ransoms to get their data back but are often left without their data despite paying. Some organizations have even been hit more than once by the same bad actors after having already paid one ransom.
When it comes to malware, employees with infected machines are spreading viruses more broadly, according to Comparitech.
“In 2020, 61 percent of organizations experienced malware activity spread from one employee to another. In 2021, that number rose to 74 percent, and in 2022, it hit 75 percent - the highest rate of infections since the SOES (State of Email Security by Mimecast) survey began in 2016.”
Additionally, there were 270,228 “never-before-seen” malware variants identified in just the first half of 2022 according to the Mid-Year Update 2022 SonicWall Cyber Threat Report.
Business leaders should expect new malware variants and ransomware attacks to continue to increase in 2023. This is especially true with international political conflicts continuing into next year as nation-sponsored actors become even more active.
Phishing & Spear Phishing
Nearly everyone has received a suspicious email at one time or another. Whether from a seemingly known source or not, phishing is using an email to trick someone into giving up valuable information.
Phishing emails are typically sent in vast campaigns to large volumes of people. Phishing casts a wide net to capture as many victims as possible with an email that tricks them into giving up valuable information, sending money, downloading malware, or clicking on a bad link. Spear phishing is similar, but rather than targeting a large group, it targets a specific person or organization.
Phishing and spear phishing are the most common method of entry for ransomware, at 41 percent, according to AAG. Phishing is a major threat to businesses because it’s easy for a new or unsuspecting employee to open a bad email. This can lead to viruses, malware, and worse. Watch for an uptick in phishing and spear phishing attacks moving into 2023.
The Dark Web
There is an underground marketplace known as the Dark Web. In this online marketplace, cybercriminals can shop for stolen credentials, credit card numbers, phone numbers, malware, phishing kits, and other unsavory items to commit crimes. This includes bank fraud, ransomware attacks, phishing campaigns, and more. Expect to see an increase in Dark Web sales of these services going into 2023 as people become more desperate with the economic downturn and look to crime to make a quick buck.
Protect Yourself and Your Business
There are steps you can take to protect yourself and your business. Below are a few ways to best secure your personal and business data in the year ahead.
- Avoid sharing personal information online or on social media. Sharing personal information such as your address, birth date, pet names, schools you’ve attended, and the like opens you up to attack by cybercriminals. Why? Because this is often information used for passwords and/or answers to security questions.
- Never click on links or open attachments in unsolicited emails or text messages, especially those requesting you to verify account information. If you’re concerned about your accounts, look up the company phone number online and call them directly so you can ask if the request is legitimate or not.
- Examine email addresses and URLs carefully to ensure they are legitimate before responding or buying anything from a site. Watch for spelling errors in correspondence as this is a way to spot a scam email, letter, or text. Bad actors often use small differences in the spelling of addresses to trick victims.
- Be careful when downloading anything. Never open an email attachment from someone you don’t know. Even if you know the source, if the email is unexpected, don’t open it without calling them directly to verify that it’s legitimate. They may have had their email hacked (broken into) or spoofed (copied with a slight variation in spelling).
- Employ multifactor authentication and password managers. Use two-factor authentication on every platform and account where it is offered. Yes, it’s an extra step when logging in, but it offers an extra layer of security to protect you. Also, use password managers to help keep track of credentials for logging in to different accounts and platforms.
- Before honoring any payment or purchase requests, verify the request in person with the requestor or call them directly to ensure they sent the request. This will verify the legitimacy of any invoices or purchase requests. Be sure to also verify any changes in account numbers or payment procedures with vendors or service companies.
- If someone is pressing you to act quickly to make a payment, be very wary. It may not be a legitimate payment request.
- Beef up cybersecurity for your business. If you can’t afford an in-house IT and cybersecurity team or the team needs more assistance, contact a third-party provider such as ORAM Cybersecurity Advisors for help.
- Provide regular, ongoing cybersecurity training for every employee. Your staff is your first line of security and they need to know what threats they are facing, how to recognize them, and how to defeat them to secure your business.
- Invest in Dark Web monitoring for your business, yourself, and your employees. This will help alert you when your credentials have been compromised so you can quickly change logins and passwords before a breach can occur.
- Invest in multi-layered security. Anti-virus and firewall simply aren’t enough in today’s digital threat landscape.
Where to Report Attacks
If you or your business has been victimized by an online attack or hack, you need to report it immediately. First, contact your financial institution immediately and request that they contact the financial institution where your transfer was sent. Next, contact your local FBI field office to report the crime. Also, file a complaint with the FBI’s Internet Crime Complaint Center. Finally, reach out to your IT department or third-party cybersecurity provider to alert them to what has happened to see if they need to take further steps to secure your business.
To learn more about cyber threats to your business in real time, contact ORAM Cybersecurity Advisors at (617) 933-5060. ORAM is happy to assist your business with identifying threats, securing your business, and IT services.