If 2020 will be remembered by many as the year of the Virus, 2020 has also been synonymous with working from home, online shopping or Skype or Zoom meetings between grandparents and grandchildren. Cybercriminals, on the other hand, quickly realized that this was the perfect opportunity to take action: people are more vulnerable if they use Internet applications they are not familiar with, if their private devices are less secure than their work devices, or if the whole family uses the same computer.
And the year 2021 does not look much better; scammers are still on the lookout.
What types of cyber threats loom large in the new year?
Phishing: cybercriminals can't get enough of it!
In 2020, Internet users sent some 3,200,000 suspicious messages to firstname.lastname@example.org.These numbers are mind-boggling! In 2021, phishing messages are still the preferred way for cybercriminals to access your computer. This type of message can take many forms: not only the traditional e-mails, but also, and increasingly, text messages or messages on social networks. Scammers refer to the latest news events to send messages that may arouse people's curiosity.
In 2020, the police have sounded the alarm on several occasions and have revealed that victims lost several thousand euros. Victims testify in the media every week. Companies can also fall victim to phishing. In those cases, phishing is often used to launch a ransomware attack. All it takes is for a distracted employee to click on a link in a fake message and all the organization's data is encrypted.
Ransomware is a virus that takes your data hostage and encrypts it, so that cybercriminals can demand a ransom from you. Ransomware can affect anyone. Cybercriminals choose their victims without caring about the consequences: even hospitals are targeted and recently it was even a corona test laboratory.
In recent years, we have seen a steady increase in the number of attempted ransomware scams. In 2020, CCB received 82 reports of ransomware, but that number is certainly just the tip of the iceberg. Companies are not inclined to disclose that they have been victims. Indeed, in addition to the financial losses, such attacks can also tarnish their image. Ransomware attacks make a lot of money for cybercriminals, so the trend is unlikely to reverse in 2021.
A new form of online scams
In 2020, it was again the police and the banking industry that reported all kinds of online scamming methods. In many cases, these are old techniques brought up to date. Police figures show that in 2019 cybercrime increased by 30% compared to 2018. And Febelfin regularly warns about new forms of Internet fraud.
One example is the Microsoft scam, in which so-called Microsoft employees who speak poor English contacted victims about an alleged problem with their computer. The fraudster would then take control of the computer and loot the person's bank account. This year, new types appeared: callers speaking in French or Dutch, claimed to work for Proximus or another company, etc. Other forms of fraud also appeared, such as fraud via an invoice, a request for help, a friend proposal, a fake password manager or CEO fraud. What all these types of scams have in common is that the scammer doesn't have to be a hacker; all it takes is a little bit of daring to send a misleading message or make a deceptive phone call. The scammers manage to deceive their victims and convince them to pay into their accounts.
DDoS attacks, an ideal cover!
In a DDoS attack, or Distributed Denial Of Service attack, cybercriminals try to break into an Internet server by overloading it with a large number of page requests. While a DDOS attack in itself is not a danger, it is often used to hide an actual attack or as additional leverage, such as in a ransomware attack. And 2021 will be no exception.
Stop the Internet?
If many incidents and abuses continue, Internet users risk losing their trust in the digital environment. People who surf the Internet every day hear about everything that can go wrong: you have to be careful when opening a message and making purchases online. The innocent things we do every day suddenly become dangerous. Companies and organizations that do not have sufficient resources to have experts manage their systems, also live in fear of being a victim. The fear is that Internet users will seek alternative solutions, which would be a step backwards in the digitization of society.
Miguel De Bruycker, Director of the Center for Cybersecurity Belgium