The FBI’s Internet Crime Complaint Center released its annual report this week. The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an increase of 69.4% from 2019—and reported losses exceeding $4.2 billion. The top three crimes reported by victims in 2020 were phishing scams, non-payment/non-delivery scams, and extortion; ransomware was also a significant factor.
Cybersecurity executives weighed-in on the top figures and trends the report revealed.
Vanessa Pegueros, Chief Trust and Security Officer, OneLogin:
“Cyber criminals are masterful when it comes to playing on human emotions. They take advantage of human loneliness, fears around health, and the desperate hopes of quick economic gain. Computers don’t have emotions and are the vehicles by which cyber criminals monetize these human emotions. We need to continue to implement security controls on computers because we will not change our humanness.”
Jerome Becquart, Chief Operating Officer, Axiad:
Email phishing: “Email phishing remains a growing issue because an organization’s greatest vulnerability is its users. Despite all the efforts businesses make to educate users to identify phishing emails, and the implementation of increasingly smarter email filtering solutions, hackers still find new ways to trick users and get through the system. Most email scams are masquerading as a known email source or colleague within the same organization, which makes the recipient more likely to share sensitive information.
Digital Signature of emails should be more widely used to prevent this, as they enable the email recipient to confirm that the sender is authentic and legitimate. In our experience at Axiad, implementation of Digital Signature for e-mails significantly decreased the risk of email phishing, as we know that if an email for a co-worker doesn’t have their digital signature, it is a phishing scam.”
User credentials: “The problem with user credentials being compromised is not a new issue - passwords are not secure and are an easy target for scammers and hackers, which is one of the reasons credential issues make up over 80% of data breaches. The good news is that we see a lot of organizations moving to a passwordless approach using technologies such as FIDO2 and PKI. These technologies are widely available and supported by all the major players, from Microsoft to Google and AWS. These approaches result not only in better security but also better user experience, as passwords are painful to remember, need to be changed frequently, etc. However, it’s important for businesses to deploy passwordless solutions for their various business use cases, as FIDO2 or PKI don’t protect all of your users and devices on their own. By implementing multiple credential solutions, you can protect every identity on your network. “
Timothy Chiu, Vice President of Marketing, K2 Cyber Security:
“The FBI’s 2020 Internet Crime report shows a big jump in complaints about cyber crime. During this last year, just like everyone else, cyber criminals were working from home, and with the shelter in place and quarantine, they were working harder than ever. Cyber criminals generally prefer attacks that are easy and will give them the biggest return. One way to ensure that is to take advantage of trending topics and news. Last year COVID was the news, all the time and unavoidable, making it the obvious choice to use for scams, phishing and malware attacks, as evidenced by the FBI report.”