Although they say crime doesn’t pay, turning a profit continues to be the primary motivation for hackers and cybercriminals.
According to Verizon’s recently published 2020 Data Breach Investigations Report, 86% of the data breaches analyzed were financially motivated. This puts making money ahead of other commonly observed motivations like espionage, ideological reasons, and just for fun.
You’d think that stealing credit card details and then cleaning out bank accounts would be the go-to money-maker for hackers, but that's not exactly how it works.
Here are just some of the ways that hackers can cash out, and make you pay the price.
Selling data on the dark web
In recent years, it has been observed that personal data is much more sought-after and valuable than credit card or bank account details. This can include everything from online account credentials, to phone numbers and home addresses, and even medical records.
A big batch of stolen usernames and passwords for example could be used to perform credential stuffing attacks and potentially compromise plenty of other accounts, which is why they can fetch a good price on the dark web.
Credit card theft
Just because credit card details don't sell for as much as credentials do, doesn't mean they aren't a booming business themselves. Much like credentials, the true value of stolen credit card details for a hacker comes from selling them in batches, not actually using them themselves.
Some hackers even go a step further and pull off what is known as carding, where stolen credit cards are used to buy prepaid gift cards and either directly sell those cards or use them to purchase products which could then be resold for cash.
With a well-targeted ransomware attack, a cybercriminal can take a business' data hostage and deny them access to it, in order to then demand a hefty sum in exchange for its return, i.e. the ransom. Even hospitals and entire American cities have fallen victim to these types of attacks.
Although it is often recommended not to pay the ransom, the number of victims who end up giving in has been increasing due to the fact that the affected organizations see paying as the quickest and easiest way to get their operations back on track.
A botnet is the name given to a network of devices transformed into a cybercriminal's own personal zombie horde. By infecting them with malware, a hacker can seize control of certain aspects of these devices, which could be anything from computers to household IoT devices.
One thing botnets are really good at is launching DDoS attacks, where a web server gets bombarded by so many requests to serve a webpage that it ends up crashing and going offline. Anyone with a grudge looking to bring down a web page can pay top dollar to unleash a botnet.
Don't be a cybercriminal's cash cow. Think before you click any suspicious links or download sketchy email attachments, and most importantly, always use strong and unique passwords for all your online accounts, and be ready to change them immediately in case of a data breach.
Download the MYKI app for mobile or desktop today and start taking control of your digital identity.