Cyber Crime – What’s trending for social media

This past week, I had to provide some opening remarks regarding what we, as law enforcement, can expect will trend in Internet threats in the coming years.  Social media as a threat vector is high on that list.  Criminals are certainly making very innovative use of social media to conduct their fraudulent activities.  Interestingly enough, what works for the criminals also works for law enforcement.

Natural disasters and horrific world events are like racing flags that signals the criminals to create fraudulent websites looking to prey on the emotions of good citizens separating them from their charitable dollars.  One article at CSO Online noted that more than 125 domain names were registered within the initial few hours after the Boston marathon bombings.  Conversely, as the tragedy unfolded, government and law enforcement used social media to disseminate information to the public and solicit their help. Social media sites are also used to gain information on criminals.  By scouring sites, using profiling techniques or covert infiltration, law enforcement officers are able to learn about criminals.

We are all too well aware of phishing attacks which attempts to steal our personal information and ultimately our money, usually sent via email.  Spear phishing, which targets specific data or identities, is on the rise.  This year, Facebook fell prey to what is known as a watering hole attack.  A very precise Facebook page was infected to successfully attract specific targets redirecting them to malware infected sites.  The traditional means of disseminating malware via email has graduated.
Our world is changing at a rapid rate.  Criminals will always leverage the weakest link.  And that unfortunately is the individual user.  Greed, ignorance or social engineering make them a prime target and easy prey. There are however a few things we can do to protect ourselves.  Be careful how much personal information we share.  Use strong passwords that are changed often.  Don’t use the same password across different platforms. Make sure that anti-viruses are used and up-to-date. Download only from trusted sites.  And finally, be sure to ‘friend’ only real friends.
security-password-100314299-primary.idge

 If you’ve used any of these passwords http://www.networkworld.com/article/2226175/microsoft-subnet/top-25-most-commonly-used-and-worst-passwords-of-2013.html, stop what you’re doing and change it now! 
https://www.europol.europa.eu/sites/default/files/ec3-icspa.jpg

Interested in what other threats are on the horizon, check out this white paper authored by Europol, Trend Micro and the International Cyber Security Alliance.  Have you heard of ‘human malware’?  No. Then read on.  https://www.europol.europa.eu/sites/default/files/publications/2020_white_paper.pdf