This blog post was first published in 2020.
What is cybercrime in finance?
Cybercrime in finance is the act of obtaining financial gain through profit-driven criminal activity, including identity fraud, ransomware attacks, email and internet fraud, and attempts to steal financial account, credit card, or other payment card information.
In other words: Financial cybercrime includes activities such as stealing payment card information, gaining access to financial accounts in order to initiate unauthorised transactions, extortion, identity fraud in order to apply for financial products, and so on.
The financial services industry is a very lucrative target and is, therefore, heavily impacted by the rise of cyber criminality. However, cyber financial crime also affects all sorts of companies and unsuspecting individuals like you and me.
Everyone may fall victim to credit card skimming, having their virtual wallets targeted, or malware designed to steal your password.
“Nowadays the term “hacker” slowly disappears from the threat landscape and we see an increase of “criminals” who follow the same paths as always, the only difference being they are now cybercriminals. To avoid becoming a victim of financial cybercrime, you must understand that technology will react to the decisions you make–it cannot make decisions for you,” – Adrian Constantin Stanila, Head of Cyber Security Incident Response team in Visma.
What are the types of attacks motivated by financial gains?
We have all received the well-known email where some Nigerian prince has died and their barrister is now contacting you, the sole heir, in order to send over a load of cash to you.
It’s just one tiny little hiccup: To receive the payment, you need to do a money transfer through the Western union for some strange and obscure reason you might not fully grasp and then you’re out on a slippery slope. Sounds familiar? We all know the story, but the plots have become more advanced.
Various social engineering techniques are most often used in order to manipulate victims into providing confidential information. This can be everything from fake emails supposedly sent by Netflix asking you to pay your subscription invoice, to illegitimate replica emails pretending to be from Paypal or iTunes informing you of your monthly invoice–trying to get you to click on a fraudulent link.
Other well-known scams are Bitcoin scams or love scams, where people are targeted through fake profiles on dating sites or popular social media sites to strike up relationships, leading to the scammer asking for money transactions exploiting the victim’s feelings.
What are the consequences of financial crimes?
The consequences of a successful attack can be dramatic and have devastating effects on a company. Loss of large sums can impact the whole economy of the company and even lead to bankruptcy in the most severe cases, especially if the company is small.
Reputational damage in the eyes of stakeholders, clients, and the general public is also an unfortunate consequence. When it comes to private individuals, they may experience having their accounts emptied, savings stolen and debts taken up in their name after having their identity stolen.
So, what initiatives can we take to prevent such cybercrimes from succeeding?
Read more: Password Security Tips from our experts
How to prevent financial cybercrimes?
Human error is usually why exploits happen, so it goes without saying that training and awareness are important.
As a company, it is also important to focus on awareness so that the employees will be equipped with the knowledge of how they can be tricked in order to change these behaviours. It is also essential to have well-functioning threat intelligence in place, regular vulnerability tests run by the IT security team, and overall good cyber hygiene.
When it comes to you as an individual, try thinking about these things:
- Always be alert and careful when shopping online, making transactions, or signing into your online bank and government portals
- Always make payments and transfers through official sites and be critical of who you’re sending money to and why
- Be careful not to click on suspicious links, always verify the sender’s identity and if in doubt, ask for a second opinion
You might also be interested in reading: Key findings on cybersecurity from the Hidden Statistics report 2020
How does Visma contribute to this?
Our goal is to be transparent in regards to cybercrime, choosing to share information rather than keeping it quiet. This is a social responsibility approach that we have put upon ourselves as a company, for the greater good of all our customers, partners, and employees.
Raising awareness and running training in cybercrime techniques and consequences are necessary in order to reduce the number of victims.
Through sharing our knowledge, expertise, and experience in our digital channels as well as participating in conferences and running awareness campaigns internally, we aim to contribute to the fight against cyber criminality.