Cyber Education about Cyber Threats for everyone


You’ve likely heard the term “cyber threat” thrown around in the media. But what exactly are these cyber threats?

A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber-attacks include threats like computer viruses, data breaches, and Denial of Service (DoS) attacks.

A cyber-attack is an attack that is mounted against us (meaning our digital devices) by means of cyberspace. Cyberspace, a virtual space that doesn’t exist, has become the metaphor to help us understand digital weaponry that intends to harm us.

What is real, however, is the intent of the attacker as well as the potential impact. While many cyberattacks are mere nuisances, some are quite serious, even potentially threatening human lives.

Cyber threats can originate from a variety of sources, from hostile nation states and terrorist groups, to individual hackers, to trusted individuals like employees or contractors, who abuse their privileges to perform malicious acts.


Common Sources of Cyber Threats

Here are several common sources of cyber threats against organizations:


Nation states—hostile countries can launch cyber attacks against local companies and institutions, aiming to interfere with communications, cause disorder, and inflict damage.


Terrorist organizations—terrorists conduct cyber attacks aimed at destroying or abusing critical infrastructure, threatening national security, disrupting economies, and causing bodily harm to citizens.


Criminal groups—organized groups of hackers aim to break into computing systems for economic benefit. These groups use phishing, spam, spyware and malware for extortion, theft of private information, and online scams.


Hackers—individual hackers target organizations using a variety of attack techniques. They are usually motivated by personal gain, revenge, financial gain, or political activity. Hackers often develop new threats, to advance their criminal ability and improve their personal standing in the hacker community.


Malicious insiders—an employee who has legitimate access to company assets, and abuses their privileges to steal information or damage computing systems for economic or personal gain. Insiders may be employees, contractors, suppliers, or partners of the target organization. They can also be outsiders who have compromised a privileged account and are impersonating its owner.


Types of Cybersecurity Threats

Malware

Software that attempts to cause damage on a computer. This can include the interception of communications, the theft or destruction of data or the manipulation of an e-banking transaction. Attackers use various channels to try to infect third-party computers with malware. The infection often occurs via a file attachment in an email, hidden in a free download or when visiting a website.

Phishing

By means of phishing, the criminals lure victims into providing their passwords and other personal information. Fraudsters try to obtain confidential data from unsuspecting users. This could involve access credentials for email accounts, online auction sites or credit card details. The fraudsters take advantage of their victims' good faith and helpfulness by sending them emails with false sender addresses.

Social media hacking

Theft of access credentials and hacking of a social media account. Social networks such as Facebook, Instagram, Twitter, Snapchat, etc. are a highly attractive target for cybercriminals, as the users are very active and very quick to respond. If fraudsters have stolen your login credentials and gained access to your social media account, they can create entries and view data.

Attack on availability (DDoS)

Attack on the availability of websites or other internet services. These services are overloaded by a large number of requests. A DDoS (distributed denial of service) is a type of attack on computer systems with the aim of making them unavailable. The volume of data often reaches several hundred Gbit/s. Generally, a single organisation cannot cope with volumes of this size without external assistance. Firewalls and IPS (intrusion prevention systems) that have been configured accordingly offer only limited assistance.

Sextortion

Attackers threaten to publish compromising pictures or video material if you do not respond to a ransom demand. Victims were previously contacted via social media and lured into undressing in front of the camera. Sextortion is a blackmailing method in which victims are blackmailed with pictures and video material showing them performing sexual acts (masturbation) and/or naked.

Romance Scam

The digital version of marriage fraud is known as "romance scam" or "love scam". In this type of fraud, fake profiles are created on social media and online dating sites in order to make other people believe the fraudster is in a romantic relationship with them and ultimately to obtain financial benefits from the "partner".

Advance-fee scam

Fictitious promises such as profits or inheritances, which are usually sent by email. If you reply to such a message, some reason is given to request an advance payment such as fees, legal fees or taxes on profits. The offers and promises made in such emails are fictitious and are merely intended to provide a credible backdrop against which the fraud can be carried out.

Investment Fraud

Offers that promise large profits within a short period of time. The company usually operates solely online and it is difficult to determine its reliability.

Ransomware

Data on the computer is no longer available or is encrypted. Encryption Trojans (also known as blackmail Trojans) are a specific family of malicious software that encrypts files on the victim's computer and on connected network drives, rendering them unusable for the victim. The ransomware scene is continually expanding. The gateways for such encryption Trojans include in particular poorly secured systems and emails with attachments.

Hacking (using leaked data)

A system or account is infiltrated. This is done using passwords that were lost during a previous data leak. The internet is full of lists with login or password combinations that have been leaked from somewhere. In most cases, they are the result of data leaks from online services. The data may also stem from phishing attacks. Attackers collect these lists, reconfigure them and use the passwords to launch automated attacks on other services in the hope that someone has used the same password for several services.

Requests for financial assistance

A person you know asks for financial assistance and claims to be in need. A person you know asks for help, claiming to be abroad and in financial difficulty. The bogus emails ask you to transfer money. In this type of attack, the fraudsters access the victim's email account with stolen login credentials and write directly to selected contacts from the email account in the victim's name.

Web administrator blackmail

Attackers send an email or a message via the company's contact form stating that the server has been hacked. A ransom is to be paid to prevent the case from becoming public. Such emails or contact form messages claiming that the website has been hacked and that data has been leaked all have a similar structure and wording to so-called fake sextortion emails.

Fake Sextortion

Blackmailers threaten to publish compromising pictures. The blackmailing comes unexpectedly. Extortionists and victims never had any previous contact. Fake sextortion emails are currently a widespread method of attack. The perpetrators claim in an email that they have collected photo or video material which is supposed to show the victim during an alleged visit to pornographic websites. The blackmailers threaten to publish the photo or video material if the ransom demanded is not paid within a certain period of time.

Subscription scam

Online offer that appears to be free at first glance but then turns out to be an expensive subscription. These offers aim to lure Internet users into quickly concluding a contract or purchasing a service. Subscription scams are usually hidden behind supposed surveys or competitions. The contract clauses are hidden at the very bottom in the small print or in the general terms and conditions. By registering or clicking, a long-term and expensive subscription contract is concluded. Sometimes, a credit card number is requested. The entire annual subscription is then immediately charged to the credit card.

Business E-Mail Compromise

Invoices that have already been received are sent again with a changed IBAN number or with the remark to use a different account number for future payments. This type of fraud refers to an existing email containing a payment order or invoice. The IBAN number to which the amount is to be paid is then altered. In order to access the email, attackers must have had access to either the sender's or the recipient's email account.
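A payment-side check for the changed-IBAN pattern described above, as an added example that is not part of the original article: it validates the IBAN checksum (ISO 13616 mod-97) and compares the invoice's IBAN with the one already on file for that vendor. The vendor name, the `KNOWN_VENDOR_IBANS` table and the verdict strings are assumptions made for illustration; the IBANs are published example values.

```python
import re

# Constructed vendor master data (hypothetical): IBANs that were confirmed
# with the vendor through a channel other than email.
KNOWN_VENDOR_IBANS = {
    "Example Supplies AG": "CH9300762011623852957",
}

def normalize_iban(raw):
    """Remove whitespace and upper-case so formatting differences do not matter."""
    return re.sub(r"\s+", "", raw).upper()

def iban_checksum_ok(raw):
    """ISO 13616 check: move the first four characters to the end, map
    letters to numbers (A=10 ... Z=35), and require value mod 97 == 1."""
    iban = normalize_iban(raw)
    if not re.fullmatch(r"[A-Z]{2}\d{2}[A-Z0-9]{11,30}", iban):
        return False
    rearranged = iban[4:] + iban[:4]
    digits = "".join(str(int(ch, 36)) for ch in rearranged)
    return int(digits) % 97 == 1

def review_invoice(vendor, invoice_iban):
    """Return a verdict for one incoming invoice.

    'invalid-iban'   : checksum fails (typo or fabricated number)
    'unknown-vendor' : no IBAN on file, verify before first payment
    'iban-changed'   : valid IBAN that differs from the one on file; hold
                       the payment and confirm by phone with a known contact
    'ok'             : matches the IBAN on file
    """
    if not iban_checksum_ok(invoice_iban):
        return "invalid-iban"
    on_file = KNOWN_VENDOR_IBANS.get(vendor)
    if on_file is None:
        return "unknown-vendor"
    if normalize_iban(invoice_iban) != normalize_iban(on_file):
        return "iban-changed"
    return "ok"

if __name__ == "__main__":
    # Constructed sample invoices: original, re-sent with a new IBAN, mistyped.
    for iban in ("CH93 0076 2011 6238 5295 7",
                 "DE89 3704 0044 0532 0130 00",
                 "CH9300762011623852958"):
        print(iban, "->", review_invoice("Example Supplies AG", iban))
```

A valid checksum only shows that the number is well formed; the comparison with the IBAN on file is what catches a re-sent invoice with altered payment details.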

Cybermobbing

More than one perpetrator insults or threatens people or deliberately humiliates them online or via their mobile phone. Cyberbullying takes place over a sustained period. Cyberbullying is defined as the harassment, intimidation, defamation or humiliation of other people via digital media. Children and young people are particularly affected by cyberbullying.

Data leak

Data has been leaked. You may be blackmailed with the publication of this data. You want to report a data leak. There are many causes of data leaks, ranging from employee theft, forgotten and poorly maintained servers to backups that are not properly protected. In many cases, the company/the authority where the data leak has occurred is blackmailed with the publication of the data.

Classified ad scam

An item on a classified ad platform is not delivered or not paid for. The internet is full of buyers and sellers with dubious intentions who want to cheat you and take your money. Buying from an unknown person always carries a certain risk. Classified ad fraud is one of the cybercrimes most reported to the police.

Defacement

Exploiting a vulnerability to deface or change the content of one or more webpages. The defacement of one or more websites is achieved through security vulnerabilities in the websites concerned, which enable attackers to change the website content and design. Sometimes, such attacks are politically motivated, carried out by so-called "hacktivists" as a form of political protest.

Domain registration fraud (domain fraud)

Domain owners are informed by a dubious company that there is interest in domains with the same name and that these have to be registered immediately. An alleged domain name registry sends an email to the owner of a .ch domain. It claims that it has received a request to register the same .ch domain name under .net, .com, .biz or some other ending. The fraudsters now offer to register these domains. However, the prices are massively inflated and it is doubtful whether the domains will actually be registered after payment.

Fake-Support

A caller pretends to be an employee of an IT company (typically Microsoft) and tells the victim that their computer is infected and needs to be restored. Software needs to be installed to do this. The alleged support callers phone people randomly. They have no idea of the configuration of the computers of the people they are calling. The cyber attackers want to trick the victims into downloading a program that will allow them to access their computer.

Dubious webshop

Goods ordered through a webshop are not delivered. Contact details for a webshop are missing or incorrect. The internet is full of dubious companies, sellers and buyers whose sole aim is to cheat you and take your money. Buying from an unknown person or webshop always carries a certain amount of risk.

CEO-Fraud

Supposedly urgent payment request from the boss or CEO. Typically, the boss or CEO cannot be reached by telephone for further information. The attackers obtain information about a company, an authority or association from various sources beforehand. This information is then used to devise a scenario and carry out a customised attack. The fraud itself frequently takes place by means of an email from the alleged CEO to the finance department or from the alleged chairman of an association to the treasurer. A credible story is used to persuade the person contacted to make allegedly urgent payments.

Classified ad fraud – pay despite sale

When an item is sold on a classified ad platform, a fee has to be paid for transport or the alleged bank transfer, for example. There are many variants of this type of fraud. Typically, however, despite a sale, money still has to be transferred to the buyer or to a third company that is then supposed to organise transport, for example. There is also a variant where the payment is to be processed via PayPal. Afterwards, a fake email comes from PayPal stating that fees have to be paid before the transaction can be executed.



Fraudulent lotteries

Supposed promises of prizes of mobile phones or vouchers. In many cases, these are sent on behalf of well-known food and other retailers. The authors want to attract as many participants as possible, so the questions are very easy to answer. In order to receive the supposed prize, personal data such as credit card details, name, email address and mobile phone number have to be entered on a fake website. Often a subscription for several years is unwittingly taken out when the information is sent. The fee is immediately charged to the credit card.

Cybersquatting

Someone tries to imitate an existing company or person. To do so, they register a domain name that looks so similar to the original that they could be mistaken for each other.
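A monitoring check a domain owner can run over newly seen domain names to spot the look-alike registrations described above, as an added example that is not part of the original article. The confusable-character table, the category names and the sample domains are assumptions made for illustration; inputs are assumed to be plain `name.tld` ASCII domains.

```python
# Character sequences commonly mistaken for one another on screen
# (illustrative subset chosen for this example, not a complete table).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"),
               ("1", "l"), ("3", "e"), ("5", "s"))

def skeleton(label):
    """Reduce a label to a canonical form so visually similar spellings collide."""
    label = label.lower().replace("-", "")
    for src, dst in CONFUSABLES:
        label = label.replace(src, dst)
    return label

def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify(candidate, protected):
    """Compare a newly observed domain with the domain being protected."""
    c_label, _, c_tld = candidate.lower().partition(".")
    p_label, _, p_tld = protected.lower().partition(".")
    if c_label == p_label:
        return "identical" if c_tld == p_tld else "same-name-other-tld"
    if skeleton(c_label) == skeleton(p_label):
        return "confusable"
    if edit_distance(c_label, p_label) <= 1:
        return "typo-distance-1"
    return "unrelated"

if __name__ == "__main__":
    protected = "examplebank.ch"          # constructed domain to protect
    observed = ["examp1ebank.ch", "exarnplebank.ch", "example-bank.ch",
                "examplebnk.ch", "examplebank.com", "othershop.ch"]
    for name in observed:                 # constructed sample feed
        print(f"{name:20} {classify(name, protected)}")
```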

Investment fraud advertisements

Well-known figures allegedly advertise lucrative investment offers. They claim to have earned a lot of money in a very short time with these offers. These fraudulent articles are distributed via email, as well as through advertising networks. It is often difficult to recognise that an article is in fact a dubious advertisement and not a genuine newspaper article.

Malware after call

Supposed calls from parcel delivery companies to install malicious software. In this variant, the emails are often accompanied by a telephone call from a company called Swiss Express Service (or similar), which wants to have the shipping documents signed. During the conversation, the caller says that the documents will be sent via email. The attackers attempt to install malware on a computer in this way. The link in the PDF document contains hidden malware. The malware delivered can vary. In most cases it is an e-banking Trojan.

Parcel subscription scam

A parcel notification with a payment request for a small fee requires your credit card details. An alleged parcel notification email contains a link to a page with a so-called subscription scam. Either you have to give your credit card details or activate a service on your mobile phone by sending a text message.

Reputational damage

Websites, emails or social media are used to spread false information that could damage the reputation of a company or individual. There can be many reasons for this, e.g. revenge, blackmail or to create a competitive advantage.


Hoax

Fake message aimed at intimidating the recipients and persuading them to forward the message to as many other recipients as possible. A hoax is a falsehood spread in books, magazines or newspapers, via email, instant messaging or other means (e.g. text message, MMS or social networks) that is considered by many to be true and is therefore forwarded to friends, colleagues, relatives and others.

Illegal pornography

The law mentions three types of pornography that are punishable offences: pornographic activities involving children, animals or violence.

Cheque fraud

Strangers send fake cheques and convince their victims to transfer money abroad.

E-banking malware

The malware attempts to manipulate an e-banking transaction. E-banking transactions that cannot be explained are generated. Attackers try to infect third-party computers with malware through various channels, e.g. via a file attachment in an email, hidden in a free download or when visiting a website.

Money Mules

A job offer includes the receipt and transfer of money. Your own bank account has to be used for this. Money is transferred within a short time to the bank accounts of those who take up such an offer. After a commission is deducted, this amount usually has to be transferred abroad. The money almost always comes from illegal business transactions. Those offering such jobs exploit unsuspecting people to transfer money earned through online fraud to accounts abroad.

Vulnerability

A vulnerability has been found or a vulnerability has been exploited. The exploitation of vulnerabilities is one of the most frequently used cyberattack methods. They can concern software vulnerabilities, design vulnerabilities or poorly configured protection (default passwords).


Why is cyber security important?

Cybersecurity is important because it protects all categories of data from theft and damage. This includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems. Without a cybersecurity program, your organization cannot defend itself against data breach campaigns, which makes it an irresistible target for cybercriminals.


Article from Swiss Security Solutions LLC
