The bane of the internet, cybercrime refers to any and all illegal activities carried out using technology. Cybercriminals — who range from rogue individuals to organized crime groups to state-sponsored factions — use techniques like phishing, social engineering, and all kinds of malware to pursue their nefarious plans. Find out how cybercrime works and how to protect yourself here.
This article contains:
Cybercriminals buy and sell malware online (generally on the dark web) while also trading in services that test how robust a virus is, business intelligence dashboards to track malware deployment, and tech support (that’s right — crooks can contact a criminal helpline to troubleshoot their illegal hacking server or other malfeasance!).
The professionalization and proliferation of cybercrime adds up to countless costs in damages every year, impacting individuals, businesses, and even governments. Experts estimate that cybercrime damages will reach $6 trillion annually by 2021, making it one of the most lucrative criminal enterprises.
As the Internet of Things (IoT) evolves and smart devices become more popular, cybercriminals benefit from a much broader attack surface — increased opportunities to penetrate security measures, gain unauthorized access, and commit crimes.
As the saying goes, there’s more than one way to skin a cat — and there are most certainly a variety of ways to make money as a cybercriminal.
As mentioned, cybercriminals range from individuals to criminal organizations to state-sponsored actors. Just as the type of criminal varies, so do their crimes and the methods they use to break the law. From a single hacker who managed to hack into the US stock market to North Korean state-sponsored groups that propagated ransomware on a massive scale, there are a staggering amount of cybercriminals active every day. Moreover, expert skills are no longer required to become a cybercrook.
Here are some standout examples of cybercrime to watch out for.
Computer viruses are the granddaddy of cybercrime; probably the first kind of it you became aware of. Viruses infect computer systems, destroying files, messing with the overall functionality, and self-replicating to jump to other devices and systems. Viruses are actually a form of malware, which encompasses all kinds of malicious software: any code or programs written and distributed to do damage, steal data, make money for their owner, and generally ruin your day. This includes ransomware, which can lock up your files until you pay a ransom to decrypt them, and adware, which spams you with ads.
While identity theft is not exclusively a cybercrime, these days it’s much more likely to happen through technology. In fact, identity fraud happens every two seconds in America today. If a hacker wants to commit identity theft or credit card fraud, they first need to access enough of their victim’s personal data to fuel the crime. Here are several ways they can get that access:
Phishing: Cybercrooks use “bait” in the form of fraudulent messages to lure victims to fake sites where they unwittingly enter personal information like usernames, passwords, or bank details.
Pharming: Taking it one step deeper than phishing, pharming uses malware to reroute unsuspecting internet surfers to fake versions of websites, where they unknowingly enter their personal details.
While hackers have many ways to steal personal data, there are also some good ways you can prevent identity theft. Avoid accessing your personal accounts (especially online banking) on public Wi-Fi, and consider setting up a monitoring service to make sure your online accounts haven’t been breached.
Cyberbullying refers to all kinds of online harassment, including stalking, sexual harassment, doxxing (exposing someone’s personal information, like their physical address, online without their consent), and fraping (breaking into someone’s social media and making fake posts on their behalf).
Cyberextortion is just what it sounds like — a digital version of the nightmare that is extortion. One of the most common forms is ransomware, when hackers infect your computer with malware that encrypts all your files until you pay them a ransom to unlock them. Cyberextortion can also refer to blackmailing victims using their personal info, photos, and video; or threatening businesses using methods like botnet-driven DDoS attacks.
As mentioned, many cybercriminals these days are actually state-sponsored groups. Whether it’s the North Koreans, the Iranians, or even the US’s own NSA-affiliated Equation Group, world powers use hacker groups as one weapon in the complicated matrix of global politics. Stealing classified intelligence and using malware to attack nuclear plants are just two ways in which state-sponsored groups can do some frightening things on the world stage.
No matter the type of cybercrime, you can help protect yourself by installing a strong antivirus program like Avast Free Antivirus. Avast will block malicious links, suspicious websites, harmful downloads, and various other threats. Cybercriminals don’t like to work too hard — if they can’t access your machine or personal data, they’re likely to move on to the next (easier) victim. So give yourself a strong layer of defense and fight back against cybercrooks.
Although the internet is only about 30 years old, experts consider an 1834 hack the first cybercrime in history. Two thieves were able to infiltrate the French Telegraph System and gain access to financial markets, committing data theft.
Other early cybercrimes, beginning in the late 1800s and first half of the 20th century, saw hackers focus on the telephone systems. Just two years after phones were invented, teenage boys broke into Alexander Graham Bell’s telephone company and caused mischief by misdirecting calls. Phone hacking, or phreaking, later became popular in the 1960s to 1980s.
The year 1940 saw the first ethical hacker: French computer expert Rene Carmille hacked into the Nazi data registry to thwart their attempts to register and track Jews.
In the 1980s, the advent of email brought with it phishing scams (remember the Nigerian prince?) and malware delivered through attachments. By the 1990s, web browsers had become commonplace, along with computer viruses. The widespread adoption of social media in the 2000s only increased cybercrime, and especially data theft, due to the nature of these platforms. During the past ten years, malware infections and data theft have increased dramatically, and show no signs of slowing down anytime soon.
With the proliferation of the Internet of Things, cybercriminals have many creative new ways to attack. As more and more everyday objects — refrigerators, washing machines, heating systems, light bulbs, and more — come online, they open new vulnerabilities and opportunities to cybercrooks. Hackers have already figured out how to infiltrate a casino via its smart fish tank and deploy ransomware through a coffee maker; the full scope of cybercrime in the age of IoT is not quite known yet, but it’s something we should certainly be on guard for.
As an everyday user of computers and mobile devices, how are you most likely to encounter cybercrime? It can reach you through a variety of ways, including unsafe websites, social media, holes created by exploited security vulnerabilities, weak passwords on accounts and/or smart devices, and, especially, email.
Though social media may be one of the most popular ways to use the internet these days, email is still the most prevalent delivery method for cybercrime. Not only that, email fraud is the second-costliest cybercrime, according to the FBI. Email fraud encompasses phishing attempts, malware in the form of sketchy attachments or links, as well as some forms of digital extortion, ransomware, and exploit kits.
The deep web refers to all parts of the internet (sites, e-shops, forums, etc.) that are not accessible by a regular search engine like Google or Bing. A subset of the deep web is the dark web, or darknet, which requires a special browser, such as Tor, to access it. Although the dark web is not itself illegal, the anonymity it affords makes it a hotbed for criminal activity.
On the dark web, cybercriminals can exchange the most dangerous and odious commodities our society has to offer: malware, drugs, weapons, child pornography, and even contract killing. The dark web is also where information, like stolen passwords or credit card numbers, gets bought and sold. That’s why if you’re a victim of a data breach, it can sometimes take a few days (or even longer) until someone purchases the stolen data and tries to access your account.
As mentioned, cybercriminals can target individuals, businesses, and governments. And at the risk of sounding alarmist, none of those groups are any more or less safe from threats than the others. Cyber fraudsters are pretty indiscriminate when it comes to choosing their victims. Luckily, we have some proven strategies for preventing cybercrime, which we’ll share with you a bit later in this article. (Spoiler alert: the best line of defense is making sure you’re using good antivirus software.)
The impacts of cybercrime can be devastating due to the high risk of data loss and financial impact.
Data breaches, identity theft, problems with devices: cybercrime can have a big impact on individuals. You might find yourself dealing with suspicious charges on your credit card as a result of identity theft, a ransomware attack demanding hundreds or thousands in blackmail to release your files, or expensive fees in data or electricity from cryptojacking or botnets. The costs can be worse than monetary when cyberbullying, including sexual harassment, is plaguing you.
Businesses as well as healthcare organizations and governments can also suffer from sensitive data loss, huge financial burdens, and brand damage. The average ransomware attack against small and medium businesses in 2019 demanded $5,900 to unblock their files or systems. Far worse, the downtime during these attacks cost the affected businesses $141,000 on average. That’s to say nothing of ransomware attacks on governments, such as the one that caused Jackson County, Georgia to pay $400,000 to restore their IT systems and infrastructure.
Data breaches can also have huge impacts on companies and their customers, such as the monumental Equifax hack, the Yahoo! breach, or the many Facebook leaks.
Each state in the US has slightly different laws surrounding cybercrime. The punishments depend on the severity of the crime and the amount of damage done, of course. Cybercrimes are usually classified as some type of felony, and the justice system is generally harsh on those who can be found and charged. Unfortunately, the most successful hackers are those who never get caught.
Another issue is the fast pace of technological innovation. In many cases, our laws are not current enough to adequately address all the possible forms of cybercrime. It might take a newer, younger wave of lawmakers to properly take on the challenges of today’s digital and criminal landscape.
While it can sometimes be hard to recognize if you’ve been the victim of a cybercrime, some crimes do leave clear signs:
Malware infection: Your machine might start running slowly and sending you various error messages.
Phishing or pharming attack: You’ll find suspicious charges on your credit card or other compromised accounts.
Keylogger: You may see strange icons or your messages might start adding duplicate text.
Botnet: If your computer becomes involved in a botnet, it may be hard to recognize at all.
Crytojacking: You’ll see increased electric bills.
Broadly speaking, sudden decreases in performance or strange behavior from your PC, tablet, or mobile indicates that you may have been the target of a cybercrime.
If you think you’ve been a victim, you should definitely take the time to report cybercrime. If you’re in the US, the government has some resources that can help you: they suggest contacting the Internet Crime Complaint Center, the Federal Trade Commission, or the Department of Justice, depending on the nature of the crime. If your identity was stolen, you should especially make sure to report the identity theft, including using the resources on IdentityTheft.gov.
If you’re outside the US, look for similar organizations in your country to report cybercrime.
Cybercrooks and thieves can be very hard to catch or stop, making broad solutions to cybercrime elusive. For specific instances of cyberfraud, we generally rely on the police, national security departments, and commercial cybersecurity firms to fight the bad guys.
For the average computer user, it’s quite hard to go up against a cybercrook. The best approach is to follow some common best practices. If you can block cybercriminals from getting access to your devices, you’ll block them from making money off of you — which is, after all, their primary motivation. And how can you do that?
The best way to protect yourself against cybercrime is to exercise sensible digital habits. Here are some common-sense browsing habits that will help you defend yourself daily:
Be wary of emails with sketchy links or attachments you didn’t expect.
Don’t download anything from unknown sources.
Check to make sure you’re on a legitimate website before entering any personal info.
Always apply software updates immediately (they fix security vulnerabilities).
Don’t use unencrypted public Wi-Fi (in coffee shops, airports, etc.) without a VPN.
Use strong, unique passwords — don’t reuse the same password across multiple accounts.
Use two-factor authentication whenever possible.
Boost your router security to protect your home network.
In addition to the common-sense tips mentioned above, the strongest line of defense against cybercrime is using a robust antivirus program. Most cybercrime uses some form of malware or another, which can infect your computer, pilfer through your personal data in search of info for identity theft, and lock up your files and demand money for their release. Avast Free Antivirus will block malware before it has a chance to get on your machine, acting as an invisible barrier between you and cybercriminals.