What is cyber fraud?
Cyber fraud is a blanket term to describe crimes committed by cyberattackers via the internet. These crimes are committed with the intent to illegally acquire and leverage an individual's or business’s sensitive information for monetary gain.
Cyber fraud examples
There are many different types of cyber fraud, but they all have one thing in common: the use of technology to commit a crime. Here are just a few examples of cyber fraud:
Phishing scams generally center around malicious emails that, at first glance, look like legitimate correspondence from trusted contacts. They could be emails containing fake invoices, password renewal requests, messages from HR or leadership, and more.
For example, a user may receive an email from HR prompting them to update passwords by clicking a link. If the email is a phishing email, the link will redirect the user to a site that looks legitimate but has actually been set up by a cyber attacker. The user then adds their details, which the attacker then uses to gain access to sensitive data and materials.
This is software that's designed to damage or disable computers. It can be used to steal personal information, delete files, or even create backdoors that allow cyber criminals to gain control of a victim's computer.
A type of malicious software cyber criminals use to encrypt a victim's files and demand payment in order to decrypt them. This type of attack is commonly carried out through malicious links or email attachments.
All DDoS attacks have one common goal – to overwhelm a server or network to disrupt the performance of a target site. They are commonly carried out in the form of:
- Volumetric attacks: Consume all available bandwidth between the intended target server and the internet to create a bottleneck. As their namesake suggests, volumetric attacks are characterized by sending a large amount of data using amplification, commonly with the help of a botnet.
- Protocol attacks: Target weaknesses in the third and fourth layers of a protocol stack by overwhelming server or network resources such as firewalls.
- Application layer attacks: Attacks the layer in which web pages are generated and delivered in response to HTTP queries.
In social engineering scams, criminals appeal to an individual's emotions in order to manipulate them into divulging confidential information. Typically, a criminal will begin these attacks by conducting research on their intended target, gathering information on the individual through social media and general search queries.
Once they have identified a target's wants or needs, they will reach out to the individual via social media, email, or phone, offering a service. Once contact is made, the cyberattacker will attempt to gain the individuals confidence and prompt them to divulge sensitive information that can give them access to personal accounts.
The dangers of cyber fraud
Cyber fraud is on the rise. From spear-phishing and ransomware to CEO email fraud and business email compromise, the most dangerous cyber fraud attacks all begin with an email. Email scams are successful time and again because they target your weakest link: people. Despite all your efforts and technology to stop scam emails, it only takes one user's lack of vigilance to enable cyber fraud attack.
The impact of cyber fraud can be devastating. Fines and legal trouble are the result when sensitive material like customer information and personally identifiable information is stolen. A CEO spoof email can trick an employee into wiring large sums of cash to a fraudulent account. And the disruption to business from ransomware and other cyber fraud attacks may lead to loss of business, customers and revenue.
Combating cyber fraud requires a multilayered approach that combines technology, training and expertise. That's why companies around the world turn to Mimecast for solutions to stop email-borne attacks.
How can you prevent cyber fraud?
You can help protect yourself against cyber fraud and prevent attacks with a few simple steps:
1. Keep software and devices up to date to ensure your systems have the most up-to-date security enhancements.
2. Make sure all your devices are equipped with antivirus and malware protection software.
3. Use different and unique passwords for all your accounts. Don’t make them the same, and avoid using predictable passwords such as birthdates or names.
4. Enable two-factor authentication to your passwords to add an extra layer of protection.
5. Back up your data on the cloud or external drive.
Stop cyber fraud with Mimecast
Mimecast offers a comprehensive service for email security, archiving and continuity, delivering an all-in-one solution for defending against cyber fraud.
It starts with technology. Mimecast uses sophisticated detection engines and threat intelligence to identify known and emerging threats and prevent them from reaching your email system. Mimecast's suite of security services includes solutions to combat advanced threats like cyber fraud, as well as anti-malware and anti-spam software for more routine threats. Mimecast also offers technology for preventing data leaks and for sending email messages and large file attachments securely.
To better prepare users to defend against cyber fraud, Mimecast offers Dynamic User Awareness tools that train employees to think twice before they click on a link or open an attachment, and to better recognize the signs of cyber fraud and email threats.
And because it may be impossible to stop every threat every time, Mimecast offers continuous data protection for email and files through a cloud archive, enabling you to mitigate the impact of a successful attack and to provide users access to their data during an outage.
Mimecast tools for combating cyber fraud
Mimecast provides several tools that target the common techniques of cyber fraud attacks.
- Attachment Protect scans all email attachments for code that may be malicious, preemptively sandboxing suspicious attachments or transcribing them to a format that is safe for users to read.
- URL Protect prevents users from clicking on links in email that may download malware or load malicious websites.
- Impersonation Protect scans all incoming email for signs of impersonation fraud, and blocks, quarantines or tags suspicious messages with an alert or warning.
Learn more about preventing cyber fraud with Mimecast.