7 Cybercrime Scenarios You Should Avoid
July 25, 2014
Just like regular crime, cybercrime is a very serious matter. The difference here is that you may not know that you've become a victim until it's too late. Unlike regular crime, cybercrime can be happening to you right now and you wouldn't even know it. You can simply be doing whatever you usually do online, and without any warning, cybercrime can strike.
That's why we've put together this list. By taking the most popular activities done by users online, such as searching for information or reading online news publications, and then finding what kind of threats involve those activities, we've gathered the seven most common cybercrime scenarios that you need to avoid so that you'll be able to prevent yourself and your family from falling victim to them.
1. Ransomware takes your files hostage for money.
Image source: Key Figure in Police Ransomware Activity Nabbed Security Intelligence blog post. Figure 1 screenshot of Police Ransomware.
If you find your desktop suddenly full of words and pictures that basically add up to ‘pay us money or you'll never be able to use your computer again’ then you've been hit ransomware. Ransomware is a type of a malware that locks your files (or worse, your entire system) down so that you can't use them UNLESS you pay the cybercriminals involved. They usually charge upwards to US$100.How to Avoid:
Refrain from downloading files from unverified/third party sources, use a security solution that blocks malicious files from executing/being downloaded. Make sure you always keep backups of your files, stored on different media and/or a separate system. Keep your software updated.Just in Case:
Don't pay the ransom, whatever it is. Not only are you helping cybercriminals by paying them, but you're also opening yourself up to even more cybercrime. The only way to recover is to format your system and restore your files through an external backup. Disconnect your system from the internet and seek the help of a more experienced friend/relative/tech support staff if this is your first time doing so.2. Money is inexplicably missing from your online banking account.
If you've ever tried to log into your online bank account and found out that not all of your savings are accounted for, it may be a sign that you've been hit by a cybercriminal. While there are multiple ways that a cybercriminal could have gotten your account details, there's a likely chance that you had accidentally stumbled on a phishing website in the past, mistaking it for the login website of your online bank. Always check to see if the URL of your login website is correct – if it isn't, then it's important that you do the following right away:How to Avoid:
Bookmark your online banking website. This stops you from accidentally typing in the wrong URL and stumbling upon a fake one. Apply additional methods of securing the way you log into your bank account too, such as two-factor authentication or any other method that your bank website offers. Don't click on any mails that you may receive asking for your username or password, too — no organization does that unless it's a scam. They’d never ask you to connect to their website through a link in an email, either. Also, look into security solutions that can block access to this kind of threats.Just in Case:
Call your bank immediately and alert them of this — they'll help you figure out how to get this fixed, and the sooner the better. If you can change your online banking details yourself, do so, but make sure to change all other passwords related to your account (including the email account password you receive your online banking notifications on).3. Facebook account spams friends without your knowledge.
You've been turned into a Facebook/Twitter/Social Networking profile spammer. Either you've clicked a malicious link somewhere, or you stumbled on a fake login website that you tried to log in with (thus sending your login details to cybercriminals).How to Avoid:
Don't click every link you see, whether it was sent to you by a contact or posted on your wall/feed. There's always a chance your contact may have gotten hijacked themselves and are posting malicious links so that you too can be hijacked. Remember the wisdom of proverbs like “there's no such thing as free” and “if it sounds too good to be true, it probably is” to keep yourself safe. You may aso want to install a security solution that warns you of these threats and blocks them automatically.Just in Case:
Run a scan with your security solution to get the hijacking malware out of your system. Change your password right after, as well as the password of the email you use for your social networking account. You can check out how to keep your social media accounts more private and secure with our e-guide, “How To Protect Your Privacy On Social Media.”4. Getting a really big and expensive mobile phone bill for no reason.Image source: Trojanized Flappy Bird Comes on the Heels of Takedown by App Creator Security Intelligence blog entry screenshot.
You've likely become a victim victim of a Premium Service Abuser. They are types of malicious smartphone apps that, when downloaded and installed, sends subscription messages to a premium service secretly or makes calls and sends messages without you knowing. This results in you getting all those unauthorized charges.How to Avoid:
Only download apps from official/first party download sites. Never download any app anywhere else.Just in case: Check all the apps you very recently downloaded. Do some of them feel ‘off’ to you, like mislabeled or having the wrong developer name? Did you download any one from a shady website, or somewhere that isn't a first-party market? Check on their permissions too. If some of them have way too much for their type of app, then uninstall them at once. Look into installing a mobile security solution too, to stop this from happening again. You should also check the app download page for reviews — chances are, if it's a malicious app, the victims may have left warnings there.5. Being forced to answer several surveys to download a desired video or software.
Image source: PlayStation 4 and Xbox One Survey Scams Spotted Security Intelligence blog entry screenshot
You've been scammed. This is a combination of cybercriminals using Blackhat SEO and social engineering to get you into a survey scam. What happens is that they check to see what kind of topic will get the most number of victims and\ use that as a lure. That's social engineering. Then they seed a malicious website with keywords that'll make it appear on top of a search engine results page. This brings us to the survey scam that you landed on, which could potentially infect you with malware, or land you on a phishing website.How to Avoid:
Don't use search engines to get what you want. Rather, go directly to reliable websites that you believe may have what you want, and search from there. For example, instead of looking for a video on a search engine, go to video websites such as Youtube and search from there. The same thing goes for gifts (Amazon), news (CNN.com, BBC.com) and trivia (Wikipedia). Also, our security add-on for browsers, as well as our security offerings blocks all of these sites automatically.Just In Case:
Close your browser window, disconnect your system from the internet and run a scan with your security solution, just to make sure no malware got loaded onto your system.6. Smartphone/mobile device battery life is drastically shortened.
Image source: Cybercriminals Improve Android Malware Stealth Routines with OBAD Security Intelligence blog entry screenshot
If your smartphone-s battery life isn-t lasting as long as usual — even after you-ve replaced it — then you might be infected with mobile malware. Most of them have routines that run even if the smartphone is idle or locked. This of course drains your battery much more quickly, more so when you're using it. You may also experience slowdown issues whenever using apps.How to Avoid:
Don't download from unauthorized/third party app download websites. Look into a mobile security solution that can block such websites and apps from ever getting to your mobile device.Just In Case:
Similar to Number 4, check your recently-downloaded apps and uninstall them if they seem the least bit suspicious. You can also download and run a mobile security solution to scan your mobile device for any malware.7. System is too slow/crashing a lot all of a sudden, and unable to open security programs/websites after opening a file attachment or visiting a link.
Image source: Kim Jong Il Malicious Spam Found Security Intelligence blog entry screenshot
You may have fallen for a socially-engineered spam attack with a malicious attachment. Like Number 6, cybercriminals tailored their spam to make sure YOU click on it and open the attached file, which invariably turns out to be malware. Also note that sometimes, the above may not happen at all – some malware can be so stealthy that their malicious routines are invisible to the userHow to Avoid:
Delete all suspicious or unfamiliar emails as soon as you get them. These emails would usually ask you to open links or their attachments for more information or some tempting offer. Even if you're familiar with the sender, try to verify with them first\(either by phone call or some other type of correspondence) if they did in fact send you that particular mail before doing anything. Look into a security solution, too, to prevent these threats from getting into your inbox.Just In Case:
Quickly disconnect your system from the internet and run a full scan for malware using a security solution. This will help remove the malware as well as block any future attacks. You can check out our relevant eguide, How Social Engineering Works, on how socially-engineered attacks come to play.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.