PHISHING TRENDS in 2020
There is no doubt that 2020 was a challenging year for everyone. The COVID-19 pandemic impacted both our professional and personal lives in many ways. We have shifted to working remote and distance learning. Businesses have been forced to make budget cuts, and some even furloughed staff – or worse, closed their doors altogether.
Cybercriminals will always exploit a crisis and have leveraged the COVID-19 pandemic to stage many cyberattacks and take advantage of organizations and individuals when they were the most vulnerable, leveraging what can often be the biggest vulnerability – human emotion.
Since the beginning of the COVID-19 pandemic, hackers have taken advantage of the crisis by impersonating major health organizations or video meeting platforms like Skype, Zoom, and Google Meet with an increase in remote work.
The average cost of a corporate breach was $2.8 million in 2020, and most small businesses won’t recover.
PHISHING ATTACKS ARE NOTHING NEW – BUT CONTINUE TO EVOLVE
During a phishing scam, hackers will try to get an individual to click a malicious link or give away personal information, typically through email. Often, cybercriminals pose as a trusted colleague, government official, or a well-known business.
In recent years, that has expanded to SMS/iMessage, social networks, collaboration platforms, videoconferencing, and gaming services. Mobile users are particularly vulnerable because of the small screen, user error, and invisible URL strings.
WHAT TO LOOK FOR IN 2021
Moving into 2021, we face similar issues at the start of the year as we did in 2020. The COVID-19 situation persists; the cybercriminals are not going to stop. They will continue to capitalize on whatever the latest COVID-19 developments are.
Not only that but with the increase in fraud fueled by the growth in digital work that took place in 2020, Experian released its 2021 Future of Fraud Forecast that shows five threats businesses should look out for and prepare for
- Putting a Face to Frankenstein IDs: Synthetic identity fraud – when a fraudster uses a combination of real and fake information to create an entirely new identity – is currently the fastest-growing type of financial crime. The progressive uptick in synthetic identity fraud is likely due to multiple factors, including data breaches, dark web data access, and the competitive lending landscape. As fraud detection methods continue to mature, Experian expects fraudsters to use fake faces for biometric verification. This “Frankenstein faces” will use AI to combine facial characteristics from different people to form a new identity, creating a challenge for businesses relying on facial recognition technology as a significant part of their fraud prevention strategy.
- “Too Good to Be True” COVID Solutions: With the distribution of vaccines underway and the broader availability of rapid COVID-19 testing, Experian expects that fraudsters will continue to find opportunities to capitalize on anxious and vulnerable consumers and businesses. Everyone needs to be vigilant against fraudsters using the promise of at-home test kits, vaccines, and treatments as a means for sophisticated phishing attacks, telemarketing fraud, and social engineering schemes.
- Stimulus Fraud Activity, Round Two: For Americans suddenly out of work or struggling with the financial fallout from the pandemic, 2020’s government-issued stimulus funds were a welcome relief but also an easy target for fraudsters to commit scams. Experian predicts fraudsters will take advantage of additional stimulus funding by using stolen data from consumers to intercept stimulus or unemployment payments.
- Say ‘Hello’ to Constant Automated Attacks: Once the stimulus fraud attacks run their course, Experian predicts hackers will increasingly turn to automated methods, including script creation (using fraudulent information to automate account creation) and credential stuffing (using stolen data from a breach to take over a user’s other accounts) to make cyberattacks and account takeovers easier and more scalable than ever before. With billions of records exposed in the U.S. due to data breaches annually, this type of fraud will prosper in 2021 and beyond until the industry moves away from its reliance on usernames and passwords.
- Survival of the Fittest for Small Businesses: As a result of COVID-19, businesses were left with no choice but to shift to digital to meet the needs of consumers quickly, and some were more prepared than others. In 2020, consumers may have been willing to give businesses time to adjust to the new normal, but in 2021 their expectations will be higher. Experian predicts businesses with lackluster fraud prevention tools and insufficient online security technology will suffer large financial losses in 2021 and beyond.
NOT SURE WHERE TO START? WE CAN HELP
Don’t fall victim to one of these scams. Our suite of security services helps to put the right solutions in place to train your end-users and protect your business.