Cyber criminals have ditched audacious attempts to steal large sums of money, and instead moved to taking smaller amounts from many more victims.
So-called ‘silent stealing’ sees hackers attempt to swindle in the region of £10 out of as many victims as possible, in the hope it’ll go entirely unnoticed – or at least not be reported to banks or the authorities. It’s also a much easier option, thanks to the vast amount of compromised personal data available online. Previous hacks or leaks from large businesses have put a vast cache of personal data in easy reach for hackers, who are able to capitalise on those individuals who haven’t updated their details.
It’s not all about using previously disclosed data, though, as some cyber criminals are also phishing for new personal information; sending scam emails to potential victims claiming to be from their bank, building society, mortgage provider or similar. Armed with personal or account details, the hackers can siphon off smaller sums from large swathes of accounts.
This approach isn’t just effective at going unnoticed, it also makes tracking the cyber criminals more difficult. The police have warned that such moves make it hard to know whether any theft is down to one user or part of a huge criminal organising stealing millions.
This change in hackers’ approaches was noted in a new report by the Royal United Services Institute (RUSI), which says it found clear evidence of cyber criminals “going down market”.
Warning that the issue had reached “epidemic levels”, report author Sneha Dawda urged the authorities to prioritise the development as a national security issue. To those worried about becoming the next victim, Dawda said: “It’s really about checking, checking and checking again before you do anything like giving out your details… and simple things like a password manager and having unique secure passwords for each account that you have will minimise that risk of cyber criminals being able to take advantage of multiple accounts.”