Connect with us

Hi, what are you looking for?

Tech & Science

Cybercriminals are seeking more sophisticated data streams

Phishing and stolen (or compromised) credentials were the two most common initial attack vectors.

Image: © Thomas Samson, AFP
Image: © Thomas Samson, AFP

As the rise of technology continues society is seeing more deep technology adopted, such as cryptocurrency ETFs accepted, and more AI tools used across industries. The downside is that the extension of technology increases the risk of cybercrime.

Social engineering is the most common and successful method an attacker will use to gain access to private information. Social Engineering is a technique used by scammers to gain access to a user’s credentials by eliciting the information directly from the user. This is usually done by pretence, with the scammer posing as an authority or credible figure.

Researchers at Coin Insider have identified and analysed the need-to-knows about Digital Journal readers for avoiding social engineering attacks.

To highlight this, the IBM Cost of a Data Breach report notes that globally $4.5 million was lost due to data breaches through social engineering techniques. Here, the U.S. is hit hardest, with the highest data breach cost.

Phishing and stolen (or compromised) credentials were the two most common initial attack vectors. The number of unique phishing sites detected worldwide is at 1.35 million.

Most phishing sites targeted financial institutions, looking to gain inside access. The main channel phishing scams operate through SMS (76 percent), webmail, and web-based software (18 percent). Most scams are through social engineering, which relies on a manipulation of a person’s ability to trust.

The research reveals two types of valuable information that a malicious entity might seek out:

Type 1 (valuable information):          

  • Personal Identifiable Information (PII)
  • Parental Personal Identifiable Information (PPII)
  • Protected Health Information (PHI)
  • Free Application for Federal Student Aid (FAFSA)
  • Financial Information (FI) Employment Information (EI)
  • Institutional Partnership Information (IPI) Intellectual Property / Academic Research
  • 3rd Party Vendor Information Payment Card Information (PCI)

Type 2 (open source intelligence):

Full Name (First, Last, Middle) Job title & role

Monitor/review social media accounts Monitor personal & institutional news feed

Explore old versions of websites Public directory (phone & email)

Google map & satellite imagery Public photos (Flickr, Google Images, etc.)

An attacker can use Type 2 information to construct an authoritative identity and can engage with you in a manner in which you’ll trust because it feels as if they are who they say they are or a person you know.

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Social Media

Take the money out of posting this garbage on social media and it’ll stop.

Entertainment

R&B artist AKIA chatted about her new single "Soft Girl Era," and being a part of the digital age.

Tech & Science

Webtoon Entertainment, the most popular digital comics hosting platform, has filed for an initial public offering (IPO) on the US Nasdaq stock.

Entertainment

These releases include a musical biopic; another kung fu lesson; a strange romance; a couple of cult classics.