With so many of us now opting to use digital services, cybercriminals have a larger pool of opportunities to target. In 2021, an estimated 5.9 billion accounts were compromised in data breaches.
While it’s deeply concerning to think about our data falling into the wrong hands, understanding what types of information a cybercriminal looks for and how they use it can help us to protect our assets.
Not all cybercriminals want to use your data themselves – they sell it instead. One of the main places this occurs is on the dark web, where for-sale collections can include millions of records of stolen data.
To give you an example of rates, stolen PayPal account details with a minimum balance of $1,000 can sell for around $20. You can check out this index to see estimated prices for data that could be sold.
Otherwise known as a ransomware attack, cybercriminals gain unauthorised access to an organisation’s system and encrypt important data within, only returning access upon payment from the victim.
This type of attack has been growing steadily over the past few years and is having a significant impact on the market, with damages exceeding $30 billion in 2023.
Using stolen login credentials (in other words, your username and passwords), cybercriminals can gain access to your online accounts and change the password to lock you out.
Hackers can target any kind of account, whether it’s your social media or Amazon. However, they often look for ones that include payment details so they can use your financial information.
Stealing data is often just the first step in a plan of attack.
Some cybercriminals repurpose and utilise stolen data to target individuals or organisations with personalised fraudulent emails, tricking the victim into believing they are a trusted source.
‘Whaling’ is when a phishing attack specifically targets senior executives and, if done correctly, can offer a large return on investment to criminals.
Identity fraud is when cyber criminals use another person’s identifiable information for personal gain. If a threat actor gathers enough data about an individual, they can:
If cyber criminals gain access to your systems, they can link your IT up to a botnet – a network of hacked computers and servers.
This powerful network allows criminals to conduct large-scale crimes, such as DDoS attacks, that sabotages a website by overloading it with requests, leaving it unable to function.
As servers and storage systems can be expensive, some cybercriminals ‘borrow’ other people’s instead.
They aim to break into your infrastructure, storing their own data and running applications within it instead of paying for their own.
With the level of cyber risk remaining high, it is vital that both consumers and businesses protect their personal information.
Some key practices you should embed into your daily routine are: