Fraudsters may increasingly be moving away from major corporate scams to target large numbers of consumers for very small amounts, according to a new think tank report.
The report from RUSI, The UK’s Response to Cyber Fraud, is intended to provide long-term recommendations for government and private sector organizations to help tackle the modern online scourge.
It noted that some researchers consulted by the report’s authors have posited that some fraudsters are migrating from “industrial scale” attacks on businesses to easier prey.
“For all the protections that can be put in place to help individuals stay safe online, a bank cannot always increase a customer’s level of protection directly, and a level of awareness and action is incumbent on customers themselves,” it noted. “This leaves gaps which criminals can exploit, with some research participants conceptualizing this as ‘silent stealing.’”
The rationale is that, rather than trying to steal £10m from a bank direct, it would be easier to steal £10 each from 100,0000 consumers. This theoretically keeps the scammers under the radar as, even if a consumer found out they had lost the money, few would bother reporting it.
Home workers are increasingly susceptible to such threats given that home networks and devices may be less well protected than those in the office and used by various members of the household for potentially risky activities.
However, Adenike Cosgrove, cybersecurity strategist, international at Proofpoint, argued that it’s important to put the findings into perspective. BEC losses reported to the FBI hit nearly $1.8bn last year, for example.
“Our research has shown that almost two-thirds of businesses worldwide faced these attacks in 2020, and we expect this trend to get even worse throughout 2021,” she said.
“From the attacker’s perspective, the barrier to entry is low, yet with the potential reward so high, BEC will remain a draw for cyber-criminals and isn’t going away any time soon.”
Last month, RUSI warned that fraud had become a grave threat to the UK’s national security and urged government to get a handle on it.