Just as there are good and bad people in the real world, the virtual world has superheroes who use their cyber-security knowledge to help others (also known as white hats or ethical hackers), and anti-heroes who use their digital skills to spread fear and create chaos. These troublemakers are known to commit fraud, violate privacy and even steal your identity.
Cybercrime costs organizations, companies and governments billions of dollars each year. Even worse, illegal activity on the internet shows no signs of slowing down. The very opposite is true: cybercrime is growing cybercrime is growing in leaps and bounds. And people are aware of it. A Gallup study shows that American citizens are more worried about cybercrime than they are about immediate life-threatening crimes such as murder or terrorism.
We are not going to get too technical about cyber-security today; we are just going back to the basics for anyone worried about cybercrime. We are going to explore the different types of attacks one can be exposed to, and the most effective methods available for protecting yourself against all these malicious activities.
What is Cybercrime?
In plain English, cybercrime is a crime committed on the internet, on local networks, or even against isolated computers. It can affect any of our digital devices like PCs, Notebooks, Smart TVs, Tablets, smartphones, home electronic systems, etc. Cybercrime also refers to any activity where crime is committed using any computer system.
Cybercriminals are publicly known as hackers, although the term is technically inaccurate; the correct term is ‘cracker’.
Cybercrime Classification
Before defining the different types of cybercrimes, we should get familiar with the four major cybercrime classifications. Categories of cybercrimes are based on who is affected by digital crime.
Against Individuals
This directly affects any person or their properties. Examples of this type of cybercrime include, but are not limited to, social engineering, phishing, email harassment, cyberstalking and spreading illegal adult materials.
Against Companies/ Organizations
This is one of the most common types of cybercrimes today. When a company’s online presence or any of its products are hacked, it becomes a serious problem that can result in a big number of consequences for the company, as well as their employees, associates and customers. Examples include data breach, cyber extortion and warez distribution, etc.
Against Society
This one affects society as a whole, for example, financial crimes against public organizations, selling illegal products, trafficking, online gambling, forgery, etc.
Against Government
This is one of the worst world’s worst types of cybercrime and can result in prosecution by federal cybersecurity and law enforcement agencies. It is also known as cyber terrorism and includes such activities as breaking into government systems and networks, defacing and shutting down military websites, and spreading propaganda.
Types of Cybercrime
This is not a complete list of network threats, it is merely a review of the most popular types of digital crimes to give you an idea of what’s out there.
Common Ways Systems and Networks are Attacked
Identity Theft
Also known as identity fraud, this is one of the worst scenarios that can befall a victim of cybercrime. It starts with someone stealing your identity, allowing digital criminals to use identifiable data including your name, driver’s license, social security information and more to commit fraud, steal property, misappropriate goods or use services in your name.
Botnets
The word ‘botnet’ comes from the roots ‘bot’ and ‘network’ and it is used to refer to a large number of controlled computers (bots) linked over a network (internet). These botnets are used to spread malicious files and software, infect other systems, launch DDoS attacks, steal data, send spam campaigns and more.
Cyberstalking
Cyberstalking is a form of cyberbullying, where an individual tries to threaten or harass others by using computer systems connected to the internet. Most cyberstalking cases involve using anonymous communication systems such as email, social networks, instant messaging applications or anything relying on anonymity to protect the cyberstalker’s true identity.
Social Engineering
Social engineering is one of the most classic types of cyber attack that can be launched against individuals or organizations. It involves manipulating people to get valuable information that can later be used to illegally log into private protected systems or networks. The primary motivation behind social engineering is often to steal money, financial data (bank account or credit card information), and other sensitive information from a company or an individual.
Flood Attacks
Flood attacks include DoS and DDoS attacks. They are usually launched by botnets and can target your domain names and IP addresses to flood them with malicious requests that overload the servers, leading to service failure and connectivity interruption for valid, legitimate system users.
Potentially Unwanted Programmes (PUP)
These refer to the software you never officially requested but has been installed nevertheless. This type of software usually arrives bundled in other software that you have agreed to download. Most victims of this type of attack can blame cracked/pirated software. Common examples of this type of cybercrime are adware, spyware, dialers and malware.
Exploit Kits
Exploit Kits use a software toolkit to target vulnerabilities found in remote software. A common example is the act of silently exploiting Flash or Java vulnerabilities to hack a website, then redirecting traffic to malicious pages.
Phishing Attacks
Phishing attacks are a form of social engineering used to trick users into providing their login, password, and other sensitive/personal information. Most phishing campaigns are performed by sending massive spam emails with links to maliciously-hacked websites that look like real ones (such as financial institutions, banks, online wallets, etc). Once users log into these fake websites, log-in details are stored in the attackers’ remote database. They can then use the victim’s credit card, bank account or email services.
Illegal Content
The internet is full of illegal content: this includes content prohibited by international laws from around the world. Examples of illegal content include child and animal-related sexual material, online prostitution services, selling drugs online and copyrighted materials (such as videos, music, books, software, etc).
Online Scams
Cyber scams or online scams involve fraudulent business offering fake services, goods or rewards to unwitting victims. Examples of online scams are charity fraud, gambling fraud, Ponzi schemes, online ticket frauds, fake gift cards, automotive fraud and more.
Preventing Cybercrime
Updated Software: This is a critical requirement for any computer system and application. Always keep your OS system, services and applications updated to have the latest bugs and vulnerabilities patched. This advice applies to smartphones, tablets, local desktop computers, notebooks, online servers and all applications that run internally.
Enable System Firewall: Most operating systems include a full pre-configured firewall to protect against malicious packets internally and externally. A system firewall will act as the first digital barrier whenever someone tries to send a bad packet to any of your open ports.
Different/Strong Passwords: Never use the same password on more than one website, and always make sure it combines letters, special characters and numbers. The best way to sort this out is to use a password manager like 1Password, LastPass or Keepass, which will help you generate strong passwords for each website, and at the same time, store them in an encrypted database.
Anti-virus and Anti-malware Software: This is an excellent measure for both desktop and Corporate users. Keeping anti-virus and anti-malware software up-to-date and running scans over local storage data is always recommended. While free anti-virus/anti-malware solutions can be helpful they are often merely trial software and do not offer full protection against most common virus/malware and other network threats. There are numerous options for Windows, and one of the best is the Windows Malware Removal Tool. Linux and Unix systems also offer excellent choices such as the all-mighty ClamAV, LMD, Chkrootkit, Rootkit Hunter, and others.
Activate E ail’s Anti-spam Blocking Feature: A lot of computer hacking takes place whenever an unsolicited email is opened containing suspicious links or attachments. So, first things first: enable the anti-spam feature of your email client; and second (and most important): never open links or attachments from unsolicited recipients. This will keep you safe from phishing attacks and unwanted infections.
Use 2FA for Online Services: Nowadays, most online-based services and products offer two-factor authentication (with Authy, Google Authenticator, etc). These security mechanisms let you add a second layer of authentication, so even if an attacker should steal your username and password, he will be prevented from logging into your online accounts because he does not have the 2FA code sent to, generated by, or, created in your computer.
Encrypt Local Hard Disk: Digital crime does not only occur on the internet. That is why the best way to protect your data will always be to encrypt your hard drive so that when criminals want to take a look at your drive content, they won’t be able to. You will be the only one with the correct key to unlock it. Linux with LUKS, Windows, and macOS systems all support disk encryption.
Shop only from Secure and Well-known Websites: We have seen that not all SSL-based websites are secure. To prevent yourself from being a victim of man-in-the-middle attacks and crimes against your credit cards or online wallets, first, make sure that the site you are shopping on is encrypted with HTTPS. Also make sure you are shopping on a well-known site, such as Amazon, eBay, Walmart, etc.
Use a WHOIS Private Service: To protect your registered domain names, the best thing is to enable WHOIS protection for all of them. This allows you to remain hidden, without revealing your name, address, city, country, telephone number and email address. While using a private WHOIS service will not help you fully prevent domain hijacking, it can help you protect your personal and private details.
Use a Private-secured DNS Server: DNS hijacking is becoming a common threat these days. That’s why using a private and secure DNS can be one of the best things around for preventing unwanted third-party attacks, at the same time preventing the government and ISPs from browsing your host communication historical records.
VPN services are becoming more popular every year, and it’s completely natural to use one if you plan on keeping third party companies (especially your ISP) from spying on your online activities. Another reason to use a VPN may be to log into your secure network from a remote place, including when you use unreliable internet connections on the road while travelling, or when you are merely away from home.
Encrypt your Email: By using a PGP key, you can ensure your email will only be read by its intended recipient. PGP helps you sign, encrypt and decrypt texts, emails, files and much more so you can increase the security of your email communications.
Monitor Children’s Online Activities: Sometimes local network breaches do not come from your computer, but your children’s tablets, phones or notebooks. Educate your children to prevent them from falling victim to cybercriminals, by using the same tips we have shared with you. While we are pretty sure most teenagers and children will not use PGP encryption, the rest of the tips can be easily applied to any of your kids. It is also important to browse their online historical activities in the browser, social networks and emails to keep them safe from anyone with bad intentions. It is never a bad idea to use parental control software to protect them from any threat.
Conclusion
As long as there is cyberspace, there will always be cybercrime. It is a cruel reality, but part of human nature. There are lots of ways one can become a victim of cybercrime. Fortunately, we have shared some interesting tips that will likely reduce your chances of getting attacked by malicious users.
Our Correspondent
