Since the outbreak of the Covid-19 pandemic in 2020, cybercrimes have spiked drastically. At some point, the USA registered an increase of 75% for daily cybercrimes, the UK reported £34.5 million lost due to cyber scams and more than 530,000 zoom accounts were compromised globally.
Those figures shows that cyber threats are real and that the zero risk does not exist. However, this does not mean that we should not take any precautionary measures to mitigate those risks. We all know that there are security software that will assist us and alert if ever there is a risk. No doubt about their effectiveness but all the best software in the world would be useless if the user does not understand the concepts and consequences of cyber threats.
Here below, we have listed of cyber threats that you should know:
1. Covid-Themed Phishing Attacks
The name is quite self-explanatory. During the peak of the Covid-19 outbreak, scammers sent fake emails to potential victims. Those emails were infected with malicious links. Interacting with these links initiates a credential theft process.
2. Ransomware Attacks
Ransomware attacks are one of the most unexpected cyber threats. Victims are generally stunned when they discover that their systems are blocked, and terrified when they see the ransom message of attackers. This type of attack will paralyse a system by encrypting sensitive data and will only decrypt them if a ransom price is paid.
3. Polyglot Files
This type of threat is a nightmare for security systems. This is one of the most innovative attack method to bypass security systems.
Usually security systems will disallow users to download a type of file that might contain viruses, for example PHP. However some systems will allow users to download a type of file, for example a picture in JPEG or a short animation in the form of GIF.
Hackers have developed hybrid files such as Phar-JPEG that will trick the system, thus allowing attack on the system.
Those files are now known as Polyglot files.
4. Social Engineering
Social engineering, has become a relatively common practice by scammers. The goal of using this method is to obtain credential to access your personal accounts and eventually rob you or use the information to obtain further information.
The most common practice is that a scammer will contact a potential victim and ask the person to provide evidence of his identity to benefit of a promotion or win a fake prize.
The scammer will then use the information to gain access to the person’s other accounts, until they gather enough information to facsimile the person’s identity and use them to gain access to their bank account or use them as phishing mail.
Malvertising is a portmanteau word meaning malicious advertising. As you might have already guessed, it is the use of fake advertising to attract potential victims.
The goal of this method is to redirect potential victims to infected website that will automatically inject malware such as Trojan in the user’s system. The Trojan will then gather information and provide them to the hacker.
Malvertising is relatively common nowadays and are present on social medias.
The 5 examples mentioned above are only a few among all the cyber threats that exist. If you would like to know more about cyber therats or you would like to train your staffs, we can help you. Ascentrix has a training program that will develop your cybersecurity culture. Maximise your awareness for a minimum investment.
If you would like to know more about cyber threats, especially phishing methods, click on the link below. https://www.ascentrixconsulting.com/post/how-to-recognise-and-avoid-phishing