Industry Trends

Cyber Fraud Examples: What Threat Actors Are Doing Today

By Aamir Lakhani | February 15, 2021

FortiGuard Labs Perspectives

While 2020 has come and gone, many of last year’s cyber fraud problems will continue into 2021 and beyond. Cybercriminals will focus on maximizing their profits, using a traditional cost-benefit analysis to decide on the best attack vector

As we step into the “new normal” where remote and hybrid workplaces become commonplace, cybercriminals will adapt their tactics. From their perspective, these prevailing trends only increase the return on investment for scams and fraud. With this in mind, organizations must remain vigilant to protect themselves and their sensitive data from these attack methodologies. 

What is Cybercrime & Cyber Fraud?

Cybercrime and cyber fraud describe when a malicious actor uses the internet to defraud or otherwise take advantage of a victim. It covers a wide range of illicit and unethical activities, including identity theft, phishing, hacking, and more. In 2020, cybercrime caused nearly $1 trillion in global losses, highlighting the need for cybersecurity awareness and threat prevention.

4 Modern Examples of Cyber Fraud

With the threat of cybercrime increasing with each passing year, individuals and organizations need to increase their awareness of rising threats. Here are four common examples of cyber fraud that organizations need to be aware of.

1. Social Engineering Attacks

Social engineering attacks offer a high-impact, low-cost methodology for cybercriminals. In their own way, cybercriminals have similar goals to legal businesses – they want to maximize profit while reducing operational costs. And thanks to a plethora of “as-a-Service” criminal software available on the dark web, social engineering attacks are perfectly positioned to meet these goals. 

Successful social engineering attacks prey on people’s emotions, leveraging the fight or flight response. When overwhelmed by feelings like fear or empathy, people often make rash decisions. At the start of the pandemic, cybercriminals used these emotions to launch successful phishing attacks. Typical themes included:

  • Layoffs
  • Health authority impersonation
  • Opening phases 

People desperately wanted information, leading to increased profitability as they let down their digital guards. This threat will continue throughout 2021 and beyond, whether they’re targeting individuals searching for vaccination opportunities, a return to a “normal” life, or those who just want reassurance. Fear and uncertainty only make social engineering attacks more profitable. Only once this information becomes more concrete and available will threat actors see the viability of these scams reduce in terms of a cost-benefit perspective. 

From the enterprise IT security perspective, the environment in early 2021 mimicked early 2020. For example, a previous FortiGuard Labs Global Threat Landscape Report found that variants of web-based phishing lures and scams sat firmly atop the list of methodologies, only dropping out of the Top Five in June 2020. In short, during the pandemic’s early months, cybercriminals focused heavily on social engineering attacks.

2. Phishing

Remote and hybrid workforces make spear phishing and whale phishing, among other tactics, particularly attractive to cybercriminals. While business email compromise is a standard attack vector, the distributed workforce model increases the effectiveness of these types of attacks.

Typically, these attack methodologies offer cybercriminals a high reward model. By hitting higher-profile targets within the organization, they can engage in multiple types of attacks. In other words, rather than hitting 1,000 victims with lower reward, cybercriminals would prefer to target high-priority individuals with blackmail and extortion with the knowledge they can walk away more profitable. 

A successful whale phishing or spear phishing attack also gives cybercriminals a way to monitor important transactions passively. Taking a top-down approach allows malicious actors to divert funds or payments which, from a cost model perspective, is a low-cost, high-reward attack vector. So long as people work remotely, business email scams will continue to offer cybercriminals value. This is due to the fact that physical disconnection, by nature, increases the likelihood that digital fraud will be successful.

3. Timely Attacks

Year after year, cybercriminals ponder over ways to take advantage of the holidays. Again, looking at this from a profitability perspective, it makes sense. People love holidays and expect emails offering discounts or specials. These attack methodologies will likely continue as they always have. However, organizations and individuals must keep in mind that malicious actors often take a multi-faceted approach to attacks, rarely using a single vector as covering more digital “surface” increases profitability. 

To compound the issue, malicious actors are getting more personal. In conjunction with the typical email social engineering scams, many cybercriminals are now targeting social media accounts, particularly online dating apps. Malicious actors have profited from people’s desire for emotional connection in a physically disconnected time. By running an email campaign in conjunction with dating app romance scams, attackers get the much-desired “bang for their buck.”

4. Supply Chain Disruptions

Continually looking for “get rich quick” opportunities, cybercriminals focus on a cost model that seeks the most vulnerable, high-profit target. No target fits these requirements better than supply chains. In 2021 and beyond, the global vaccine supply chain is particularly vulnerable. 

The vaccine supply chain consists of more than just the researchers creating the vaccines. In reality, mass distribution requires a complex, interconnected set of vendors. An attack on any of these elements can cause considerable disruption in vaccine manufacturing and distribution. Governments, private companies, and citizens need the vaccine distribution process to run as smoothly as possible so that they can work towards bringing economies back online. 

Disrupting a vulnerable supply chain member could offer a high-value, low-cost ROI. 

Fighting Cybercrime with Threat Intelligence

Security researchers like the team at FortiGuard Labs focus on knowing how cybercriminal ecosystems work so that they can disrupt malicious activities. The laws of physics say that for every action, there is an equal and opposite reaction. In this scenario, while cybercriminals approach attacks from a cost model, security researchers use a disruption model. 

The cybercrime supply chain, much like the traditional corporate counterpart, consists of an interconnected set of dark web “as-a-Service” third-parties, including crimeware developers, producers, and payment distributors. A single disruption in this criminal supply chain can reduce attacks by slowing down their operations. 

Cybercriminals’ goals include ransom, exploitation, and profit. With this in mind, security teams must respond accordingly. But while understanding the intentions of cybercriminals is crucial, it is only half the battle. In addition to becoming aware of what is happening around them, companies must also protect themselves from scams and fraud with solutions that disrupt criminals and beat malicious actors at their own game.  

Learn more about Fortinet’s FortiGuard Labs threat research and intelligence organization and the FortiGuard Security Subscriptions and Services portfolio.

Learn more about Fortinet’s free cybersecurity training, an initiative of Fortinet’s Training Advancement Agenda (TAA), or about the Fortinet Network Security Expert program, Security Academy program, and Veterans program. Learn more about FortiGuard Labs global threat intelligence and research and the FortiGuard Security Subscriptions and Services portfolio.