Cybersecurity in the modern world: what everyone should know

Modern life is increasingly becoming digital. We study and work online, communicate on social media, order food through apps, store important documents in our smartphones, pay bills via mobile banking... The list goes on and on. This way of life has long since ceased to amaze us and has become commonplace.

🔐 Introduction. Why is cybersecurity so important?

At first glance, digitalization is a very positive trend. It makes it possible to speed up routine tasks and expands the horizons of our capabilities (for example, remote work in a foreign company). However, on the other hand, such rapid digitalization opens up a limitless field of opportunities for cybercriminals. We are used to thinking that we do not have any valuable information and that we will not be affected by cyberattacks. In fact, our information is a very valuable and desirable resource.

Cyber fraudsters do not target only the rich or famous. Anyone with a smartphone, email, or Instagram page is at risk. And, unfortunately, it's ordinary users who become the most frequent victims.

This article is highly recommended for everyone who uses the Internet, regardless of age or experience. We will tell you about the most popular types of fraud, how our data can be useful to attackers, and how to protect yourself from hacker attacks.

 

Photo by KATRIN BOLOVTSOVA: https://www.pexels.com/photo/young-woman-surfing-laptop-in-kitchen-4049990/ 

What is cybercrime and how dangerous is it?

When we hear the term cybercrime, our minds often conjure up images of hackers breaking into the servers of large corporations or government agencies. However, it's important to understand that cybercrime is not just about high-profile attacks on big businesses. In fact, a significant portion of cybercrime is aimed at ordinary people like you. These are everyday fraudulent activities that can cause serious damage to your financial situation and personal life.

What is the purpose of cyber attacks?

The main motive of cybercriminals is money. They are constantly looking for ways to get rich illegally using digital technologies. This can be through direct theft of funds from your bank accounts, ransom demands for locked files, or deception to get you to voluntarily transfer money to them.

However, money is not the only goal of cybercriminals. Personal data is also of great value in their hands. Your name, address, phone number, date of birth, passport details, passwords to various accounts, email address, information about your social connections and preferences - all of this can be used for fraud, identity theft or to sell on the black market to other criminals.

You should realise that in today's digital world, every gadget is a potential target for cybercriminals. Whether you use the internet for work, school, socialising with friends, online shopping or banking, you are creating a digital footprint that can attract the attention of criminals.

What cybercriminals are looking for - and how it could affect you

There is a common myth: "Who needs me? I have nothing of value." This is a very dangerous belief that leads to a cavalier attitude towards cybersecurity. In fact, your personal information is of significant value to criminals, and here are some examples of how they can use it:

• Passport details. Most often, to take out quick online loans or open bank accounts in your name.
• Passwords. To find passwords to other services (people often use the same password everywhere 😬). Further, there are many scenarios of use: stealing money, luring money from your friends, stealing sensitive data for the purpose of further blackmail, etc.
• Access to email. You can update passwords to other services via email. As in the previous case, there can be many scenarios for using your data, depending on the service hacked by the fraudster.
• Social media accounts. Usually, criminals pretend to be you and write to your friends asking them to send money (most often under the pretext of a loved one's illness).
• Bank cards and payment details. The motivation here is quite obvious - to withdraw money or make purchases.
• Documents, photos, videos, backups. Hackers can encrypt your files and demand money to unlock them. Alternatively, attackers may use sensitive photos or videos to further blackmail you.
• Personal information. Criminals can sell your data on the darknet or use it to create deepfake content.

These are just the most common motivations that drive cybercriminals to launch attacks on ordinary people. The list of their goals is much wider, including identity theft, image compromise, influencing the opinions of the general public, and more.

🤔 Are you sure you can identify a cyber fraudster?

Sometimes even experienced users fall into traps. Take this short cybersecurity awareness quiz to find out how well you are protected:Are you sure you can recognise a cyber fraudster?

Pass the test

Common types of cyber threats

Cyberspace is full of dangers that can lurk at every turn. Understanding how cybercriminals operate will help you better recognise threats. Let's take a closer look at the most common types of cyber threats that ordinary users are most likely to be exposed to.

🎣 Phishing 

This is one of the most popular and, unfortunately, most effective types of attacks. This attack is aimed at obtaining confidential data by deceiving and impersonating official representatives of various organisations. The peculiarity of phishing is that the victim shares his or her personal data voluntarily.

 

Photo by Mikhail Nilov: https://www.pexels.com/photo/a-man-holding-alphabet-keys-of-computer-keyboard-6964166/ 

The attack works as follows.

The attacker creates a fake message. It can be a message in Viber, Telegram or SMS, but according to statistics, 96% of phishing attacks are carried out via email. Such messages imitate the style and design of a trusted organisation (e.g. a bank, payment system, popular service). They are sent in bulk to potential victims or targeted to specific individuals.

The message contains an urgent request (e.g., to confirm data, update information, pay a bill) or an attractive offer (e.g., to win a prize). A characteristic feature of such messages is elements of pressure or urgency.

So, the user, believing the information in the message, clicks on a link that leads to a fake website that visually copies the real website. There, he enters his personal data (login, password, card number, CVV code, PIN code), which is instantly transmitted to the servers of the attackers.

What do fraudsters get?

Depending on the information you enter, the hacker can obtain your credentials, financial information, personal data, etc. The data obtained is used to access the victim's real accounts, make unauthorised transactions or sell the information to other criminals.

Threat to the user

The most obvious loss is money. Attackers can steal funds from your bank accounts or charge your credit cards. An equally valuable loss is access to your social media accounts or email. This allows the attacker to act on your behalf and lure money from your friends. The third, but no less significant loss is your personal information. Once in the hands of criminals, your personal data can be used for identity theft, blackmail, or sale to other criminals.

🛒🚫 Buying non-existent goods

This is a type of fraud where attackers offer for sale goods that do not actually exist, usually at a very attractive price, to induce the victim to make a quick payment.

How the attack works

Attackers create ads for the sale of goods on popular online platforms, social networks, or create fake online stores. The price of the goods is usually significantly lower than the market price.

After the victim contacts the ‘seller’, the fraudster insists on full or partial prepayment, often refusing to pay by cash on delivery or meet in person. After receiving the money, the ‘seller’ disappears and the goods are never sent. Sometimes, fraudsters may also extort payment details by redirecting the victim to a phishing page for payment.

Risks to the victim

Of course, in the case of such an attack, the victim loses the money paid without receiving the goods. There is also a risk of compromising payment data.

Financial assistance and benefits

This type of fraud offers non-existent government, social, international or charitable benefits and compensation to lure personal and payment information or funds.

Fraudulent scheme

Attackers disseminate information (usually in bulk) about allegedly available financial assistance or compensation via SMS, messengers, social media posts, etc. These messages contain links to fake websites that imitate official portals.

On these sites, the victim is asked to enter personal data, including bank details (card number, expiration date, CVV code) or an internet banking login and password, allegedly to ‘process’ or ‘receive’ a payment. Instead of receiving the funds, the victim's account is debited, or they subscribe to third-party services with periodic debits.

🤝 Fraud through charitable organisations

In this case, the attackers pose as representatives of charities or volunteers to collect funds that are not actually used to help, but are misappropriated by the fraudsters.

Fraudsters create fake charities, social media pages or ads that mimic real fundraising to help the army, victims or others in need. They may use emotional stories, photos and videos to inspire trust and encourage donations.

Very often, in this type of fraud, criminals offer to transfer funds to personal bank cards rather than to official fund accounts. They may also organise fake call centres or send letters on behalf of military units asking for help.

👾 Malicious software (Malware)

Malware is software designed to cause harm to computer systems or their users.