Cyberattacks are becoming more frequent and growing more sophisticated as criminals endeavor to stay ahead of law enforcement and scam even more people and companies. Forbes Magazine posted an article this week outlining an expert’s take on the most likely cybersecurity scams that we are likely to confront in 2023. While this topic can seem overwhelming and even scary, it is always best to stay informed and give your employees the information they need to remain protected.

Those who investigate these types of crime report they’re observing more creative cyberattacks, especially for lower-level schemes targeting individuals and families. This is occurring because cybercriminals are not seeing the results they are accustomed to when using traditional phishing and fraud initiatives with the same types of victims. In short, people are finally catching onto the traditional methods of scamming people, while law enforcement is simultaneously cracking down on pandemic-related fraud, specifically suspicious unemployment claims. When their tried-and-true methods don’t work, criminals need innovative new ways to make their ill-gotten gains.

cybersecurity scams Sarasota

  1. Company Email Schemes: Business email compromise (BEC) top the list of scams, as they provide profitable payouts. BEC-related losses totaled nearly $2.4 billion in 2021, according to the FBI’s Internet Crime Complaint Center.  The scheme involves “spoofed” emails that appear as if they’ve originated from a trusted entity (such as an important executive, fellow employee, or business vendor.) The scammer convinces the recipient of the email to quickly transfer funds on their behalf.  Another attack is known as the payroll diversion scam. Scammers acting as legitimate employees email the payroll department to revise their direct deposit details. These emails can look authentic and even provide a conversational back story.
  2. Ransomware and Malware Attacks: Ransom and malware attacks tend to generate media attention, like the Colonial Pipeline ransomware attack in 2021, which sabotaged a significant fuel supply system in the southeastern U.S. The hackers succeeded in achieving a $4.4 million payout. This type of activity is likely to escalate, perhaps with entities involved in worldwide conflict. U.S. government agencies and defense contractors may be targeted with phishing emails meant to create chaos.
  3. Crypto Scams: AI translation programs are more sophisticated and accurate than ever and can effectively communicate with victims worldwide. The latest crypto payout scheme is known as “pig butchering.”  It is as ugly as it sounds – criminals send a text message to someone’s phone or via a dating app to begin to build an online friendship. The original message typically sounds as if the criminal and victim know each other, such as “I haven’t heard from you lately, do you want to go to dinner tomorrow night?” As the conversation progresses, the criminal asks their “new friend” if they know anything about cryptocurrency. They point them to a website where everyone is apparently making money on their investments and hope the victim will invest their money. Why the colorful name? The friendship process is likened to “fattening the pig” until it’s time to kill it – moving on with all the victim’s money.
  4. Cybercrime Cash-Outs: Bad actors are most likely to get caught during the cash-out, as law enforcement is able to begin following suspicious bank account activity once transfers surpass $10,000. Cryptocurrency is easier to track, however, which is forcing criminals into crypto mixing services. These services avoid attention by taking in traceable “dirty” crypto and cleaning it so it can’t be connected to a ransomware attack. But not enough targets use crypto at the moment, meaning we are likely to see even more creativity and innovation in this area.
  5. Scamming as a Service: Apparently, criminals like efficiency as much as the rest of us. Underground virtual marketplaces with end-to-end services give cybercriminals the ability to fill their carts with everything they need. They can purchase stolen credentials, credit card numbers, contact phone numbers, phishing kits, prepackaged malware, and other “bad guy” tools to move forward with their ransomware attacks, phishing campaigns, and fraud scams – all from one place.

The moral of the story is that scammers will always find new ways to steal money from unsuspecting victims. In 2023, companies will need to continue to be vigilant and train employees to avoid falling into a new cyber trap. The good news is that most people are getting pretty proficient at spotting these scams and threats.

If your company needs help with cybersecurity in 2023, call the experts at Alliance IT. We are here to help.