Why Does Cybercrime Happen and What Can You Do About It?

There are countless threats out there that can leave your business in a worse state than before, including viruses and malware, ransomware, data breaches, and other types of phishing attacks. It’s hard to go about your day without worrying about these types of threats, especially in today’s connected business world. However, the ones you need to watch out for most of all are the ones that are so personal you’d never expect them.

Why Commit Cybercrime in the First Place?

The first step toward understanding what to do about cybersecurity and how dangerous cybercrime really is starts with examining the motivation behind such attacks. The modern perception of a cybercriminal is far from accurate. You might picture some nerd sitting in a dark room pouring over lines of code, and while we’re sure this description might apply to at least a handful of them out there, the reality is that cybercriminals—more often than not—treat their crimes as if they were a business model, and businesses have to be efficient.

The goal of any business venture is to make money, and the more efficient a business is, the more revenue it can generate. The same applies to cybercrime organizations. They want to get the best return on their investment, and just like your own business, they will depend on building their own skills up, delegating tasks, and making decisions that are informed through the use of analytics and other key performance indicators.

And have you ever wondered what hackers do with the profits they get from their cybercrime? Recent evidence shows that some criminal organizations are not simply cybercrime businesses—some have even been found to be associated with human trafficking rings.

Yes, that means that any business that falls for a ransomware attack and pays the ransom for the encryption key could very well be funding far worse things than simple ransomware attacks.

Of course, most of these attacks revolve around the wild profits that can be generated from such activity. Globally, the cybercrime industry brings in $1.5 trillion every year, with ransomware alone encompassing over a billion dollars. Keep in mind that this is even with companies arguing against paying the ransom.

Cybercrime and Other Attacks Aren’t Always Immediately Obvious

Technically speaking, many cybercrime attacks are difficult to piece together. Cyberthreats generally have to pull off the long con, so to speak, by infecting machines over the long haul and then waiting for them to eventually become useful. For example, one or two devices infected by malware might not accomplish much, but when those devices turn into a massive botnet that can deliver crippling DDoS attacks, suddenly the value adds up, and rather quickly at that.

Ransomware as well is mostly about the numbers. A campaign might be developed to target multiple individuals, streamlined over time to strike at the most lucrative victims possible. Basically, it’s marketing with nefarious purposes.

The Most Personalized Attacks Yield the Most Results

Most of the time, you can expect phishing attacks to be relatively obvious. These aren’t the ones you need to watch out for; it’s the ones you cannot see that are most dangerous. The most devastating threats are the ones that feel more like a numbers game, and the ones that are most personalized to fool the user. Here are some examples:

• An email that looks like it’s from your local gym saying it looks like you were double charged, to have you log in and put in your credit card information, only to send that info to hackers.
• “Adobe” or “Microsoft” emailing you to urgently log in and fix something with your account, but it leads to a fake login page that steals your information.
• Members of a local chamber of commerce could start getting emails from an unassociated third-party offering a mailing list of all the other members, leading to some kind of a scam.
• Fake cease and desist scams from quote-unquote lawyers claiming you’ve committed copyright infringement trying to get you to settle out of court.

The unfortunate reality of the situation is that everyone who has any kind of digital footprint, be they a business owner, an employee, or an everyday technology user, needs to be cautious of cybercrime. Simply being aware of and acknowledging the threat can go a long way on its own toward keeping you safe.