2022 Trend Micro Inc - National Cybersecurity Alliance
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
DIGITAL TRANSFORMATION In 5 years, 25% of shopping malls in U.S. will be gone! Source: Forbes, 2018 Mobile payments > U$1T Source: Statista, 2019 2 © 2022 Trend Micro Inc.
Benefits of Digital Transformation vs. Cyber Crime Challenges Technological Innovations Cloud IoT/IIoT AI/ML Big Data Platform & Smart Fiber / 5G computing technologies Infra/auto + 1. Environmental Factor – Misinformation 2. Social Engineering – Targeted attacks = Exponential Growth of Cybersecurity Challenges ! More data and information providing a huge 3 © 2022 Trend Micro Inc. opportunities for scam and fraud perpetrators
New Enterprise Protection, “Zero Trust Strategy” Cloud-native apps Multiple clouds SaaS applications Extended network Email On-premise IoT and OT Remote users Multiple OSs 4 © 2022 Trend Micro Inc.
Social Engineering (human factor in cybersecurity) Adversaries: § State Actors “Trusted Sources” § Organized Criminals Business and and Hackers Social • Phishing Engineering Home Users • Baiting • Impersonating i.e., BEC, deepfake, spear “Trusted Sources” phishing , pharming i.e., fake donation, technical support, Phishing relatives and friends need urgent help, prize winners…etc. Technical Attacks (web, file, email, cloud, network, endpoint devices….) Vulnerability Exploits “In the context of information security, social engineering is the psychological manipulation of people into performing 5 actions © 2022 or divulging Trend Micro Inc. confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information.” Wikipedia
A Successful Threat Defense Against Both Technology Defense: Prevent, detect, and respond to sophisticated software and attacking by technologies. i.e., vulnerability exploit, cloud and network, endpoint and IoT devices. Social Engineering Defense: Identify human emotions exploits i.e., fear, curiosity, helping heart, misinformation,..etc. Cyber crimes and scams with sophisticated social engineering component may be more difficult to prevent and detect as it cannot be defended through technical solutions alone. 6 © 2022 Trend Micro Inc.
Recommendation for all webinar participants: Must Observe Cybersecurity Hygiene § Always use strong password (or password management tool) § Enable multi-factor or two-factor authentication ü multiple login steps ü what you know, device you have, or your biometrics § Backup and Restore discipline § Trusted Vendors - monitoring § Cloud storage (i.e., OneDrive, Dropbox, Google Drive,..etc) § Service providers (i.e., payment platform, ISP/xSP, ERP/CRM,..etc) § Cybersecurity protection at home computing, WiFi routers, and mobile devices (always setup and change default passwords) § Caution with potential fake (spoofed) websites § Professional customer support with 24x7 urgent reporting options § Use a real-time cybersecurity browser protection § Malicious and fraudulent websites
Observe Cybersecurity Hygiene (continued) § Install OS upgrades and vulnerability patches timely § Protect your identity § Minimize family and professional relationship public postings § Protect your PII (personally identifiable information) § ID protection, credit score, and credit freeze § Use reputable cybersecurity tools § Seek professional IT and cybersecurity help if needed § Clear defense strategy and observe IT operating policy if available i.e., will a single layer endpoint (laptop) antivirus product suffice? § Watch Out for Phishing and Smishing >> Think and Assess before you click!
Trend Micro’s Focus on Cybersecurity Education and Awareness Outreach Universities and K- 12 Schools SYNERGY priority, Nonprofits and timing, and culture Government DIGITAL Trend Micro TRANSFORMATION
Our Email Contact: csr_education@trendmicro.com Mitchel Chang Senior Vice President, CSR and Education Trend Micro Mitchel_chang@trendmicro.com Mitchel is responsible for Trend Micro’s Corporate Social Responsibility (CSR) and Initiative for Education. He brings his passion to make the digital world safer along with decades of technology industry leadership experience to the education outreach programs. Mitchel has been with Trend Micro since 2003, serving 12 years as Senior Vice President of Global Technical Support. As part of the executive team, he was responsible for all customer support functions, developing an internationally recognized and award-winning support team. Mitchel is actively engaged with three major Trend Micro’s education outreach programs: 1) Internet Safety for Home and Small Businesses, 2) Internet Safety for Kids and Families, and 3) Cybersecurity Education for Universities. He has also served on various national and community education advisory boards such as Cybercrime Support Network (CSN), NIST National Initiative for Cybersecurity Education (NICE) Conference, National Cybersecurity Alliance (NCSA), and Silicon Valley Cybersecurity Institute (SVCSI).
The Global State of Scams
Scams, fraud & cybercrime are closely related Cybercrime Cybercrime Child Abuse Cyberstalking • All crime using (Internet) technology Mal- & Ransomware • Victims include companies/countries HYIP Fake IT Support Dating Scams Media Piracy Non-Delivery Advance Fees Online Fraud • The victim is “tricked” Online Fraud Unexpected Money Online Scams • & provides data/money Employment & Jobs Phishing/Vishing Counterfeit products Fake Charities Investments Online Scams Pyramid/Ponzi • The victim “volunteers” BEC schemes • “greed” plays a major role Hacking Cyberbullying DDoS Attacks Threats & Extortion Online criminals use the same infrastructure and tricks to commit several kinds of online scams, frauds and cybercrime
What do wigs, research papers and herpes share? They are products popular amongst scammers. Scam victims feel ashamed to go to the police to report the scam. Globally on average 3 - 15% of all scams are reported to law enforcement.
Squid Game crypto token scammed $ 3.4 million in 5 days Squid was billed as a token that could be used for a new online game inspired by the popular Netflix series. The game was due to go live this month. Its value grew from $ 0.01 to $ 38.48 in 5 days before it collapsed. https://www.bbc.com/news/business-59129466?fbclid=IwAR0fhr86Z7t4e-0SbIphKruMjRYD_qS2F6-9P_Jhhr7BveArsqf5d4HvbkQ
Anybody, high- and low-educated, can fall for a scam The Sha Zhu Pan or “Pig-Butchering” Scam: victims are “fattened up” for 3 to 6 months before being asked for money in Romance and Forex/Crypto Scams
76% of consumers are confident they can identify scams Not confident at all Not very confident Fairly confident Very confident 0% 10% 20% 30% 40% 50% Question 10: To what extent are you confident or not that you would be able to identify a scam if you came across one? Answered: 2,684
Of those targeted, 73% fell for a scam 50% 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% I lost money My personal details I ended up taking I was affected in I was drawn into None of the above - Other (please were taken part in an activity I some other way the scam initially I was not drawn specify) did not want to (please specify) but did not suffer into the scam any type of loss 46% reported losing money, 20% lost personal data in at least one scam Question 11: You were targeted by scams in the last year. As a consequence, which of the following happened? Answered: 2,687
Most consumers do not identify the scam in time Other (please specify) I suspected it was a scam but I chose to risk it I was attracted by the lure of money I lacked the knowledge to identify the scam I did not identify the scam until it was too late 0% 10% 20% 30% 40% 50% 60% 43% of the participants admit they were attracted to the lure of money or took the risk willingly Question 13: You stated falling for a scam. Which were the main causes this happened? Answered: 2,033
Higher income consumers take risks more willingly 60% 50% 40% 30% 20% 10% 0% Under $15,000 Between $15,000 and Between $30,000 and Between $50,000 and Between $75,000 and Between $100,000 and Prefer not to say $29,999 $49,999 $74,999 $99,999 $150,000 I did not identify the scam until it was too late I lacked the knowledge to identify the scam I was attracted by the lure of money I suspected it was a scam but I chose to risk it Lower income respondents seem slightly more attracted by the lure of money Question 13: You stated falling for a scam. Which were the main causes this happened? Answered: 2,033
We are only at the beginning; Scammers are professionalizing rapidly Scams are Increasingly Scams are Localized Specific Groups Personalized & Translated are Targeted With more data and new technologies such as deep fakes, scams are becoming very difficult to identify
How “BIG” are Online Scams?
Online scams have grown sharply due to Corona $ Billion Lost in Online Scams Number of Complaints received 4.2 791790 3.5 2.7 467361 351937 1.5 1.4 288012 298728 301580 1.1 2015 2016 2017 2018 2019 2021 2015 2016 2017 2018 2019 2020 However the number of scams and money lost have been growing for years… Source: FBI IC3 reported scams in the USA. pdf.ic3.gov/2019_IC3Report.pdf
We researched scam statistics from 42 countries Series1 190% -14% And how they try to fight online scams…
$ 47.8* Billion lost in Scams Up 15% * The actual amount is likely to be much higher as on average only 7% of all scams are reported
Scams Reported grew from 139 to 266 million (93%)
Scammers are Winning
Online scams are great (for criminals) Offline Online Mature Market Growing market High Costs Low Investments High Chance of Arrest Low Chance of Arrest
You can also read