Cybercrime can take many forms but they all have the digital environment in common. In general terms a good cybercrime definition would be: Offences committed to harm the reputation or cause physical or mental harm to the victim, using computers and/or networks such as the Internet or mobile networks.
Cybercrime has garnered much more attention lately due to the current circumstances, as pointed out by our market research on how companies are adapting to COVID-19 which was answered by 150 leading ecommerce businesses:
In simple words, cybercrime can be divided into two big categories: Computer as a target and computer as a tool.
Computer as a target crimes require a much higher expertise from the perpetrators and are usually committed as a group of individuals rather than loners. Given the technical expertise required to execute and the novelty of these types of crimes, these are the ones that society is more unprepared to face. Fortunately, this type of cybercrime is the least common, due to the expertise and coordination that they require. These crimes usually depend on computer viruses, malware and denial of service attacks.
Computer as a tool are much less technically unrefined crimes, thus making them way more common; on these the attacker relies on human weaknesses to exploit. These include thefts, scams and harassment, that have been existing for centuries, way before computer science started to develop. Since these are the most common cybercrimes we will be focusing on these ones for this article.
Phishing is one of the main forms of social engineering attacks, and as any social engineering attack it tries to trick unsuspecting users into giving away personal information.
Usually, these cybercrimes are committed by impersonating trusted and popular brands creating fake social media profiles and rogue websites to lure users into them. These sites copy the appearance of the real website to create a sense of security and usually ask to fill forms with personal information to receive some kind of benefit, such as discounts. The most refined of these sites might include malicious scripts that scrap this information out of your browser, without the need of forms.
This information is later monetized, in the worst case scenario, bank information was stolen. Even if no bank information was given, there are plenty of ways to gain profit from personal information as the Cambridge Analytica scandal proved.
From a business perspective these scams are usually trying to impersonate potential providers.
You should be checking every domain that you get links to and do not provide any kind of information on websites that are not secure, secure websites always display a little padlock at the start of the URL.
Pay attention to social media profile names and domains too, big brands will usually have their social media profiles verified and domain typosquatting is a very common tactic.
Of course, applying common sense is very important too against these scams. If it’s too good to be true, it usually isn’t.
From a business standpoint, instruct and educate your employees, since ultimately it comes to individuals to stay safe from this type of cybercrimes.
This type of scam usually asks people to send money promising a much larger sum in the short term. The most famous one is the “Nigerian” scam, also known as the “419” scam which is the number of the nigerian law it violates.
These scams were already widespread through fax, telephone and traditional mail, but the Internet made them much easier to pull off and more widespread.
Usually the victim receives communication from someone in need of help to move a large sum of money from a foreign country. There are plenty of variations of this scam and more are developed each day.
The victim will be asked to cover a small portion of the cost of moving the money or asset, and will be promised a bigger cut of the benefits when the process is over.
If the victim falls for it and transfers money, he or she will be told that complications have arisen and that more money will be required. Of course, the victim will not recover anything and this will go on until the scammer feels like there’s nothing to gain from this victim and jump to another one.
Another common fraud is related to fake job listings, where the victim is asked to pay some money to cover the cost of paperwork or pre onboarding formation.
Common sense is our best defense against this type of cybercrime, as with fishing scams, if an offer is too good to be true, it usually isn’t true.
Distrust unsolicited communications from strangers offering very attractive deals, and never pay in advance any of these.
Intellectual property infringements vary from the sale of counterfeit or replica goods, content piracy, patent infringement and more. In the following article you can find a full list of every intellectual property infringement type.
As a summary we will briefly explain them in this post:
There are two main ways to protect your intellectual property online.
You can have in-house detection and lawyer teams to search the internet and enforce against infringers. This is a method that requires a lot of time and effort, more suited for small companies that do not have a big problem.
There’s also software, such as our Brand Protection software and Anti Piracy software that allow you to cost-effectively scale these efforts, if your problem is more than your in-house team can handle.
To help you decide what’s the best approach to these cybercrimes for your company we recently wrote a blog on how to choose the right brand protection solution for your business.
Identity theft is closely related to the phishing scams that were discussed earlier. As other computer as a tool cybercrimes, they existed much earlier than the Internet did, but it has certainly improved their reach and ease of execution.
Identity theft exists in two main forms, depending on the information that was stolen. These forms are impersonation as the lesser evil if only personal information or accounts without payment methods saved were stolen. However it can be much worse if credit card information or accounts containing it were stolen, since the cyber criminal can make purchases charged to your account.
This also applies to companies, but on top of it, you should be aware that former employees might be disgruntled and retain access to your accounts.
The easiest and least expensive method of protecting your identity online is to share as little information about yourself as possible.
You should also keep an eye on your online accounts activity, and proactively report any suspicious activity as soon as it happens.
Harassment is sadly very widespread in today’s world, even more so when people feel protected by the anonymity that the internet grants us. One of the fastest growing and most known online harassment in the last years has been revenge porn.
Online harassment and cyberbullying is usually contained within social media in the form of posts, comments or direct messages; but it could also be sent through email. These messages’ main form is mostly defamatory or threatening either against one individual or group.
Cyberstalking is another type of harassment that focuses on a single person, which the criminal monitors closely. It is likely that employers, colleagues and familiars of the victim also get contacted both to slander the victim and to try and extract more personal information to deepen the stalking activity.
The cyberstalkers will usually resort to doxxing if they want to push the victim harder, which implies releasing the victims personal information for malicious intent, usually in toxic online communities where they hope to find others willing to join the stalking.
These cybercrimes are extremely damaging to the victim’s mental health, and there have been multiple reports of victims that developed mental illnesses and even ended up committing suicide.
It is pretty simple to protect against, these cases should be reported to the social media platform if the harassment or stalking is taking place in there and to the competent authorities.
The problem usually is that the victim might be scared to report these cybercrimes in case the criminal steps up their efforts and the harassment becomes worse, especially in the case of the victim knowing the attacker. That’s why it’s so important that the victim’s environment identifies and reacts to this problem.
As we have seen, cybercrime takes many forms, and not all of them are something new, it just got easier and more widespread with new technologies.
It is very important that we, both in our personal life and in our professional one are mindful of these and other cybercrimes and keep an eye open, especially in a time of crisis when wrongdoers proliferate.