The Top most Common Types of Fraud!

When you become the victim of fraud, not only do you have to deal with the aftermath of someone scamming you, such as financial loss, but you also have to deal with the emotional side of it.

There are a range of different types of fraud, either way all of them can cause feelings of anger, devastation, fear and frustration. 

Do you think you have been the victim of fraud? At the TCG Forensic Division, we offer a range of digital forensic services, including fraud investigations. Please feel free to contact us on 021 110 0422 or email contact@tcgforensics.co.za to have a confidential discussion around your particular requirements.

Here are the 11 most common types of fraud to look out for…

1. Insurance Claim Fraud. People who make false claims, such as stage accidents, to receive insurance money from their insurance company. This can be a difficult type of fraud to investigate because some injuries can be difficult to medically identify and debate.  

2. Corporate Fraud. This includes fraud issues such as theft of information, such as private client information. This kind of fraud can lead to a damaged business reputation.

3. Financial Fraud. Evading tax, public corruption, healthcare fraud issues, telemarketing fraud and terrorist financing are all part of financial fraud.

4. Identity Theft. Those who are the victim of identity theft will have to look out for suspicious loan or credit card applications, strange withdrawals from bank accounts as well as using a different name to receive benefits.

5. Internet Fraud. Of course, this type of fraud always occurs online where a cybercriminal will try and take advantage with ransomware or phishing scams. Usually this includes stealing private information such as banking and login details.

6. Corporate Slip & Fall. Fraud like this is planned out by individuals in order to file a claim. People will go as far as to pretend to fall or throwing liquid on the floor in order to ensure a slip.

7. Transit Fraud. Companies who offer transportation, whether it is a bus, train or taxi, will often see fraud such as this where passengers will not seat or secure themselves properly, leading to them falling and injuring themselves on purpose.

8. Ticket Fraud. In some countries, the level of ticket fraud is significant. People will buy tickets online from a fake website; these tickets are not legitimate and have often already been used or do not exist.

9. Mechanical Fraud. This type of fraud is not common, however there are many people who fall victim to mechanics who scam their customers. Often they will be overpriced or they will request things to be fixed that are not broken.

10. Expense Claim Fraud. This often happens in large companies where employees will pocket run over business expenses for themselves. An example could be asking for money to stay in an expensive hotel when in fact they are staying in a cheap accommodation and pocketing the remainder.

11. Inventory Theft. Large companies face the issue of inventory theft when unsupervised employees steal products or order more than the store needs and take the rest for themselves. This may include “expired” food products when they are in fact not expired at all.

What is Ethical Hacking?

Ethical hacking, sometimes known as white hat hacking is when a digital forensics expert or OSINT investigator attempts to penetrate a computer system, network or app on behalf of the owners – with their permission. Ethical hacking is usually done to find if there is any security vulnerabilities that a hacker or cybercriminal could use to exploit someone.

The purpose of ethical hacking is to test the security of the systems involved and identify if there are any vulnerabilities in the system as well as the network or infrastructure. Investigators involved will often attempt to exploit the vulnerabilities themselves to see whether malicious activities are possible.

Black hat hackers are the unethical counterpart of ethical hackers. Rather than take advantage, ethical hackers will use their skills to document if there are any weaknesses in the systems and give advice on how to fix them and then strengthen their overall security systems.

Here are some ways ethical hacking done by digital forensics experts involve in OSINT (Open Source Intelligence) can help businesses and organisations:

1. Finding Vulnerabilities: By using ethical hacking you can discover if the IT security measures are working properly as well as whether they need to be updated. A business can use the advice from ethical hackers and improve their overall security to stay safe from cyber-attacks, including online scams and fraud.

2. Demonstrate Cybercrime Methods: These demonstrations can help show users how malicious hackers will attach their systems and create disasters for businesses. Those who have an in-depth knowledge of this are better able to prevent it from happening again in the future.

3. Prepare for a Cyber-attack: The one way to destroy a business is a cyber-attack, especially small businesses, but businesses are still not prepared! Ethical hackers know how cybercriminals work so they can assist businesses and business owners with prepare for the future and better adapt to online threats.

Some say that hacking is hacking, but ethical hacking is done by professionals to assist businesses and organisations with their security systems and ensure they are effective and successful.

Is your security system up to par? Contact the OSINT or digital forensics department on 021 110 0422 or email contact@osint.co.za | contact@tcgforensics.co.za. Alternatively, you can find out more on the website www.osint.co.za | www.tcgforensics.co.za

Are you Flirting with a Dating Bot?

Guess what, dating bots are a real thing and falling for one is easier than you think.

Online dating is supposed to be fun and convenient, you get to chat with new, fascinating people that could potentially turn into love interests plus it takes away that first-date awkwardness.

But it’s never that simple.

Dating online has many pitfalls including dating bots that clog almost all the online dating sites you use. Did you know that almost 60% of traffic online is generated by bots? This includes dating websites and social media sites.

Online dating bots are specifically designed to chat with you and trick you into paying membership fees on dating websites; they can even trick you into giving out your private information such as your banking details.

Here’s how to recognize a dating bot:

• Their profile picture is a professional glamour shot.
• They profess their undying love for you a day or two after chatting.
• They make promises to meet you in person, but something always comes up.
• They ask you for money for things such as emergency medical bills, travel expenses, etc.

It is important that you know that there is a difference between dating bots and malicious scammers. A scammer is a cybercriminal who wants to steal your money and possibly your personal information, but a dating bot is an automated computer script.

Are you flirting with a dating bot? Here are some signs to look out for:

• They have automated scripts so they will respond to your messages really fast.
• They don’t respond directly to you if you ask a specific question instead, they’ll respond with a series of lines.
• They don’t have mutual friends or interests.
• They immediately encourage you to visit a specific site or share your personal information with them.

Despite all the negatives about online dating, in this day and age online dating is a great way to meet new people and possibly find your perfect companion.

If you think you’ve been scammed, contact OSINT immediately on 021 110 0422 or email contact@osint.co.za.

10 silly things you do online that are putting you in danger!

You may not be someone who takes risks. You may be someone who follows all the rules, you pay your bills on time, you always wear your seatbelt and you even put on sunblock when it’s a cloudy day.

But do you follow all the rules when you’re online? Are you exposing yourself and your money to the dangers that lurk on the internet? Here are 10 silly things that you might be doing that put you at risk!

1. You just assume that online banking websites are safe. Cybercriminals will go where your money goes, so going to a fake banking site and not noticing before you put in your private login details and password can easily lead to cyber theft.

2. You’re doing your online shopping in shady places. You see a great deal online, but you need to be cautious before you visit just any online shop and click “Add to Cart.” Always enter the URL directly and make sure the site is reliable and well-known.

3. You use the same password for everything. If you’re not taking the time to think of unique, different passwords for all your accounts then cybercriminals will have no trouble stealing your money. Each one of your passwords should be a minimum of 12 characters and include upper class and lower class letters, at least one number and a special character.

4. You don’t know who your friends are. It might make you feel cool to be friends with everyone from your hometown, but it is always advised to be cautious when accepting just any friend request on Facebook. Do not accept anyone you don’t know personally!

5. You never question anything. You should always be on alert when you go online and question how legit the websites are when you visit them, you could potentially lose money and private data. Never click on ads and links from suspicious emails or SMS messages.

6. You’re being too open. You might just think it’s a Facebook post, but when you include personal details such as your address, school, place of work or family history then you’re giving cybercriminals clues to gain your passwords.

7. You never bother to read the fine print. Nobody enjoys reading the Terms and Conditions that is why online businesses know they can take advantage and sneak some things past you. Do not accept the Ts and Cs without reading them or you could be giving away your online privacy.

8. You do your shopping and banking using public Wi-Fi. Cybercriminals love to use public Wi-Fi hotspots to trick you into connecting to a malicious network. Always be wary of public Wi-Fi links and make sure your network is completely secure – your best bet is to just use your data connection for important transactions!

9. You jailbreak your mobile devices. By jailbreaking your device you are doing more than adding features, you are taking away vital protections and inviting cybercriminals to hack your smartphone or tablet. Avoid jailbreaks, third party download sites and suspicious apps.

10. You don’t know what your kids are doing online. If you have children you should always know what websites they are visiting as well as what social media networks they are using. The internet is going to be a part of their life whether you like it or not, so help them learn about cyberbullying and online etiquette.

Are you exposing yourself as well as your private data to the dangerous cybercriminals that lurk online? If so, be sure to take the right steps to avoid making these silly mistakes. 

Should you need any assistance or have any questions please contact the OSINT | Open Source Intelligence Division or Digital Forensics on 021 110 0422 or email contact@osint.co.za additionally you can take a look at the website www.osint.co.za | www.tcgforensics.co.za

The Top 4 Malicious File Attachments to look out for

Billions of messages are sent out every day by spammers, most of it is annoying advertising and harmless in general, but every now and again there is a dangerous file attachment in one of the messages!

To trick you into opening the attachment, most spammers will pretend it is something useful or important such as a Word document, gift card, a PDF, etc.

Here are the top 4 dangerous file attachments to look out for…

1. ZIP and RAR archives – Cybercriminals like to use archives to hide the malware they are trying to send you! On Valentine’s Day this year attackers were sending out files named Love_You_0899 to people into clicking them and installing ransomware.

2. Microsoft Office documents – Word documents as well as Excel spreadsheets are some of the most popular Microsoft Office files cybercriminals love to use. Most of the time, they will target office workers and disguise the malware files as urgent messages, contracts or bills.

3. PDF files – A lot of people know about Microsoft Office booby traps, but not much about PDF files. Cybercriminals are fond of concealing malware in PDF files because it can be used to create and run JavaScript files as well as phishing links in the documents.

4. ISO and IMG disk images – These files are rarely used however lately cybercriminals have been using these files to spread malware. Attackers will use the disk images to deliver malware to a victim’s computer by putting a malicious executable file inside the image.

Do not be fooled by file attachments that seem to be an amazing offer, important PDF or urgent  message!

Never open suspicious emails from email addresses you do not know and always use a the right security tools that will notify you of any dangerous files and notify you of them.

Do you feel unsafe? Be sure to contact OSINT | Open-Source Intelligence on 021 110 0422 or email contact@osint.co.za otherwise learn more on www.osint.co.za

Are you Dating an Online Scammer?

Dating scams cost unsuspecting people money as well as heartache each and every year, but still people continue to fall for the tricks and so online dating scams continue to rise.

These cybercriminals will play a long game to cheat you out of your money, rather than using a simple phishing email or scam. If you are using an online dating app or chatting on social media, please be aware that these cybercriminals do exist and you could even dating one!

Be sure to look out for these signs to tell if the person you’re dating online is actually a scammer!

1. Suspicious Profile

A typical scammers dating profile will have only a few images that have been posted recently. Most often these images are model or glamour stock photos. They’re looking for singles in your area, but they work or live in another country. Be wary if the profile has limited information and only one or two photos.

2. Moving the Conversation

Online dating scammers will try their best to move the conversation to another form of messaging such as Skype, Facebook, WhatsAppor SMS. If they try and take the conversation elsewhere – be on alert!

3. Professing their Love

You’ve just started chatting and they profess their love for you and gush about the deep emotional connection you have. This is all a way to emotional manipulate you, especially if you are feeling isolated and vulnerable at the time. Always lookout for those who are overly flattering in the early stages of the communication.

4. Something always comes up

A common line used by scammers is planning to meet up with you but then an unexpected issue always comes up just before it happens. Because they can’t meet up with you, this might even be one of the first reasons they ask you for money, perhaps they’ll lie and say they don’t have money for a plane ticket or to travel.

5. Avoiding Video Chat

Did you know that the majority of online dating scams go back to those living in Nigeria? So they may avoid phone calls or voice chats because their accents and appearance will give them away. No matter where they are from, someone scamming you will be using fake photos so they will always make excuses not to video chat. Do not be fooled by someone who says they love you and then blames shyness for not wanted to communicate over video.

6. Requesting Money

The ultimate goal that an online dating scammer has is to rob you of your money, so there are a range of scenarios they will make up. Some of the most popular include: a sick family member or emergency, health issues and travel problems. You are definitely the target of a scam if you ever get any kind of financial request!

7. Assisting with Financial Transactions

A newer kind of online dating scam is turning the victim into a money mule or money laundering accomplice! Be on full alert if you are ever asked to do any kind of financial transaction or exchange, they would possibly be luring you into doing something illegal.

If you choose to date online, please be sure to take the right measures to protect yourself and overall just use your common sense.

If you think you’ve been a victim of an online dating scam or perhaps you think you might be dating a scammer right now – contact the OSINT department in South Africa on 021 110 0422 or email contact@osint.co.za | alternatively visit the website to find out more www.osint.co.za

Your regular IT Guy just won't make the grade when it comes to a forensic investigation - and this is why...

We often have clients and potential clients advise us "We'll get our IT guy to look, he's excellent"

Now we're not questioning your IT guys skill or experience in computing in any way whatsoever and we're quite sure he's very capable. That being said, when matters take a legal turn and a forensic approach is needed one has to look at the requirements for the assessment itself.

Firstly, will your IT guy stand up in court? Will be stand under cross examination and be admitted as an expert in his field? Will his deeper understanding of operating systems and data analysis pass scrutiny?

Before you can even consider the legal aspects, you need to appreciate that in forensic terms whatever is done must be replicable in court, properly presented as an impartial finding and of course happen within a secure chain of custody - anything less could put the outcome at risk in a court of law.

Digital Forensics is a highly specialized field which requires training in investigative skills and criminal/ civil law. This is before even going down the road of the technical proficiency and qualifications required to trade in the industry. Beyond this, one requires a veritable arsenal of specialized tools and equipment - even the most basic of lab facilities can cost R500k to equip.

Even the most seasoned IT professionals will not have access to the specialized tool set required and a free Linux tool or two just isn't sufficient. Cybercrimes and Forensic Investigation require the use of tools that will be acceptable to a court and do not alter the data in any manner whatsoever during the process (write blocking), this is of course done with a detailed understanding of the legal processes required to offer up evidence in court.

When engaging a Digital Forensics specialist, you're not just getting a set of hands - you're hiring an investigative professional with specialist skills armed with the latest technologies to ensure that evidence is acquired in a sound manner and correctly presented to court.

When you need a Forensic Investigator, ensure that you're dealing with a suitably qualified professional who has the academic qualifications as well as the track record to appear in court to quantify the evidence acquired and advise you accordingly during the investigation.

We do all forms of digital forensics such as cyber forensics (penetration testing / hacking recovery / cyber investigations), cellular phone analysis, hard drive analysis, device acquisitions and due diligence investigations. Please contact the TCG Digital Forensics Division on contact@tcgcape.co.za or call 021 110 0422 

Written by Craig Pederson

11 Common Types of Fraud

When you become the victim of fraud, not only do you have to deal with the aftermath of someone scamming you, such as financial loss, but you also have to deal with the emotional side of it.

There are a range of different types of fraud, either way all of them can cause feelings of anger, devastation, fear and frustration. 

Do you think you have been the victim of fraud? At the TCG Forensic Division, we offer a range of digital forensic services, including fraud investigations. Please feel free to contact us on 087 001 0523 or email contact@tcgforensics.co.za to have a confidential discussion around your particular requirements.

Here are the 11 most common types of fraud to look out for…

1. Insurance Claim Fraud. People who make false claims, such as stage accidents, to receive insurance money from their insurance company. This can be a difficult type of fraud to investigate because some injuries can be difficult to medically identify and debate.  

2. Corporate Fraud. This includes fraud issues such as theft of information, such as private client information. This kind of fraud can lead to a damaged business reputation.

3. Financial Fraud. Evading tax, public corruption, healthcare fraud issues, telemarketing fraud and terrorist financing are all part of financial fraud.

4. Identity Theft. Those who are the victim of identity theft will have to look out for suspicious loan or credit card applications, strange withdrawals from bank accounts as well as using a different name to receive benefits.

5. Internet Fraud. Of course, this type of fraud always occurs online where a cybercriminal will try and take advantage with ransomware or phishing scams. Usually this includes stealing private information such as banking and login details.

6. Corporate Slip & Fall. Fraud like this is planned out by individuals in order to file a claim. People will go as far as to pretend to fall or throwing liquid on the floor in order to ensure a slip.

7. Transit Fraud. Companies who offer transportation, whether it is a bus, train or taxi, will often see fraud such as this where passengers will not seat or secure themselves properly, leading to them falling and injuring themselves on purpose.

8. Ticket Fraud. In some countries, the level of ticket fraud is significant. People will buy tickets online from a fake website; these tickets are not legitimate and have often already been used or do not exist.

9. Mechanical Fraud. This type of fraud is not common, however there are many people who fall victim to mechanics who scam their customers. Often they will be overpriced or they will request things to be fixed that are not broken.

10. Expense Claim Fraud. This often happens in large companies where employees will pocket run over business expenses for themselves. An example could be asking for money to stay in an expensive hotel when in fact they are staying in a cheap accommodation and pocketing the remainder.

11. Inventory Theft. Large companies face the issue of inventory theft when unsupervised employees steal products or order more than the store needs and take the rest for themselves. This may include “expired” food products when they are in fact not expired at all.

How does a Criminal hack your Cellphone?

A lot of people would be really surprised if they knew how easily hackers gain access to cellphones to steal personal and private data or information.

These days cyber criminals have software and systems that can hack your mobile phone with just your number, where they listen to your private calls, read your messages and emails, access your online banking and anything else you store on your phone.

A hacked phone is a concern to most people, but it is even more of a concern to massive enterprises and businesses across the globe. Cellular phones are used daily by businesses and often sensitive information is shared over calls and through messages, meaning a hacked phone can lead to loss of financial data and important customer information!

What is even scarier is the fact that tutorials on how to hack cellphones can be found on the internet for just about anyone to access. This is why it is so vital for everyone to set up security to protect their mobile phone and communications.

Did you know that every year billions of phones are hacked because they are unprotected?

Securing your phone and communications from hackers requires multiple steps including creating secure, unique passwords, avoiding public Wi-Fi connections, and diligence in checking links in emails and messages to ensure authenticity before clicking on them, and encrypting calls and messages.

Are you looking for professional digital forensic services which include cellphone analysis, penetration testing, image enhancements and so much more? Call the TCG Digital Forensic’s team on 021 110 0422 or email contact@tcgforensics.co.za

Spotting a Cybercriminal

When someone says “cybercriminal” the first image that pops into your mind is probably a teen / young adult male who is a wizard on the computer, but struggles to have a healthy social life.

BUT, this is just a typical stereotype! Our digital forensic experts from TCG Digital Forensics have provided some facts and stats about the average cybercriminal and how to spot them…

       ·         Over half of the world’s internet users have been the victim of cybercrime at least once.

       ·         Every single day more than 105 million people are victims to cybercrime.

Who are these cybercriminals?

Age:

43% – 35+ years old
29% – Under 25 years old
11% – 50+ years old
8% – 14 to 18 years old

Gender:

76% – MALE

Work in Groups:

25% of active cybercriminal groups have been operating for 6 months or less
50% cybercriminals have 6 or more members

Location:

North & South America – 19% of global attack traffic

Europe – 28% of global attack traffic

APAC – More than 49% of global attack traffic

Indonesia – Highest in APAC with 14%

Organised Crime:

       ·         Cybercrime has morphed into fully-fledged businesses with executives, managers and workers

       ·         Underground chat rooms, market places, hired hackers, other illegal information, etc. – all these support the cybercrime businesses

       ·         Invitation-only, help wanted portals specifically for cyber criminals, most originating from Russia.

We can’t stop cyber criminals from attempting their crimes, but we can stop them from getting our identities and precious information online! If you have the feeling that you may be the victim of a cybercrime, do not hesitate to contact us at the TCG Forensic Division on 079 691 0138 or email craig@tcgforensics.co.za

Avoid Cyber-Fraud this Holiday Season

Getting your Christmas shopping done online is becoming the norm these days. Not only is it easy and convenient, but you also won’t have to deal with the horrible crowds, traffic and crazy long lines!

However, it also excites criminals who are lurking online, waiting to scam people.

DLA has put together five tips to keep you safe this holiday season:

>> know the scams

Never open links or emails from strange email addresses. It’s always best to question emails and double check if they are actually legit, such as your bank.

Stay safe online by reading up on the latest scams and avoid becoming a victim of cyber-fraud.

>> install a firewall

A firewall isn’t always 100 percent safe, but it is a much-needed layered security.  The software filters and keeps you safe from malware and downloads.

Windows offers a built-in firewall, but if you are looking for something else there are some great free firewall software suites online.

>> choose a strong password

If you use the most commonly known passwords out there – password, qwerty, 123456789 – then don’t be surprised when hackers take control.

It is best to try add numbers, capital letters, special characters and always use different passwords for different accounts.

>> check the URL

When shopping online, always check the URL of the website you’re on. Safe online sites will have a little green lock in the address bar which shows you that your personal data will be protected.

Always keep an eye out for the green padlock to ensure your safety online.

>> back up your data on a regular basis

Ransomware can be vicious and aggressive, so regular data backups should always be a part of your cyber-security strategy.

It is easier to restore your device to a previous backup, than pay an exorbitant ransom amount to unlock your data, which most of the time doesn’t even work!

Cyber-fraud is a global problem with attacks happening daily and Christmas is no exception. Identity theft, banking fraud and malware are common place in today’s digital society. Criminals seek out opportunities every day of the year to defraud you, so be vigilant this festive season and keep an eye out for any fraudulent behaviour online!

What Exactly is Computer Forensics?

The field of computer forensics has grown to become a science in itself. Computer forensics is also known as cyber forensics. It involves applying computer investigation and analysis techniques to solve a crime and provide evidence to support a case. Investigators often use proprietary forensic applications and software programs to examine computer hard drives, extract certain types of data from files and folders, and also to recover information from encrypted files. This digital information must be organized and documented into an official report form to be presented in a court of law.

Computer Forensics Defined

The computer forensics definition can be broken down into several technical aspects of the actual science of computer forensics. The general definition of computer forensics is the processes and investigative methods used to find digital evidence and prepare it for legal proceedings. The more in-depth definition includes the preservation of media and data, identification of computer-related evidence, extraction of the data and interpretation. Interpretation is perhaps the most important element of the computer forensics definition because this is where forensics experts must draw conclusions from a formal forensic analysis.

Throughout the process of data gathering and interpretation, the computer forensics specialist must document everything in a structured fashion. They must report exactly what types of investigations were performed and document all of the steps taken to retrieve various files, folders and data. The courts can then apply various types of methodology and testimonies in order to determine whether evidence presented can actually be used in the legal proceedings. This is why computer forensics specialists must learn about the different legal processes involved in an investigation and make sure that there is always a high level of integrity of evidence.

Why the Computer Forensics Definition Can Change

It's important to recognize that there are two main types of computer forensics investigations so the computer forensics definition can change. The first involves investigations where a computer or digital technologies were used to perform the crime (cybercrime). The second is when a computer is used as the target of a crime, such as when a hacker retrieves sensitive information or someone has their identity stolen online. In both of these situations, the computer forensics definition may change slightly because the investigator uses different techniques and methodologies to solve the crime.

The digital forensic experts from DLA use their knowledge of investigation and forensic software to find and reveal the computer or mobile forensic evidence that your require.

The 5 cyber-attacks you're most likely to face

The fact is most companies face the same threats and should be doing their utmost to counteract those risks. However at some point you may lose your precious data to a vicious cyber-attack, if you’re ever in this position, contact the experts at DLA for assistance!

Here are the five most common successful cyber-attacks.

Cyber-attack No. 1: Socially engineered Trojans

This is the No. 1 method of attack. Usually, a website will tell users they are infected by viruses and need to run fake antivirus software. Also, they're nearly out of free disk space and need a fake disk defragger. Finally, they must install an otherwise unnecessary program, often a fake Adobe Reader or an equally well-known program. The user executes the malware, clicking past browser warnings that the program could possibly be harmful. Voilà, exploit accomplished!

Cyber-attack No. 2: Unpatched software

Coming in a distant second is software with known, but unpatched exploits. The most common unpatched and exploited programs are Java, Adobe Reader, and Adobe Flash.

The best countermeasure is to stop what you’re doing right now and make sure your patching is perfect!

Cyber-attack No. 3: Phishing attacks

About 70% of emails are spam. Even though there are anti-spam vendors, you will probably receive several spam emails each day, and a least a few of them each week are darned good phishing replicas of legitimate emails.

Cyber-attack No. 4: Network-traveling worms

Computer viruses aren't much of a threat anymore, but their network-traveling worm cousins are. We don't see the massive outbreaks of the past with email attachment worms, but the network-traveling variety is able to hide far better than its email relatives.

Cyber-attack No. 5: Advanced persistent threats

APTs usually gain a foothold using socially engineered Trojans or phishing attacks.

A very popular method is for APT attackers to send a very specific phishing campaign -- known as spearphishing -- to multiple employee email addresses. The phishing email contains a Trojan attachment, which at least one employee is tricked into running. After the initial execution and first computer takeover, APT attackers can compromise an entire enterprise in a matter of hours. It's easy to accomplish, but a royal pain to clean up.

The Profile of a Cyber Criminal

The original cyber criminal is typically seen as a smart, lonely deviant – a teenage or adult male who’s long on computer smarts, but short on social skills. But like most stereotypes, it doesn’t begin to tell the whole story.

The digital forensic experts at DLA have provided interesting facts and statistics to identify the exact profile of a cyber criminal.

- Every day over 105 million worldwide are victims to cyber crime.

- 65% global internet users have been victims of cyber crime.

So, who exactly are these cyber criminals?

Ageless Society

• 50+ years old – 11%
• 35+ years old – 43%
• Under 25 years old – 29%
• 14 - 18 years old – 8%

Gender

• Male – 76%

Work in Packs

Cyber criminals work in groups as part of larger organisations…

• 25% active cyber criminal groups have operated for 6 months or less
• 50% cyber criminals groups have 6 or more members

Located in

• North & South America – 19% of global attack traffic
• Europe – 28% of global attack traffic
• APAC – More than 49% of global attack traffic
• Indonesia – Highest in APAC with 14%

Highly Organised

• Full-fledged businesses with execs, middle managers and workers.
• Underground chat rooms, web portals + market places for hiring hackers, buying malware + other illegal information are supporting these “businesses”.
• Invitation-only, help wanted portals specifically for cyber criminals, most originating from Russia.
• Hosting providers are key to success of cybercriminals who need servers to store illegal code, malware + stolen data, most of these providers are in Russia and China.

FIGHT BACK!

Always

• If buying merchandise or making a payment online, make sure it is a reputable, secure source.
• Track your online credit transactions often for fraudulent activity
• Shred, don’t throw away any bank or credit card statements

Caution

• Be wary of providing credit card information through email.
• Be cautious when dealing with individuals from outside your country.
• Be cautious when money is required up front for any job lead.

Never

• Never provide unknown prospective employers with your social security number.
• Never give your credit card number out over the phone unless you made the call to the known business.
• Never open or respond to spam emails.

We can’t stop cyber criminals from attempting their crimes, but we can stop them from getting our identities and precious information online.