With the new year now upon us, so too are the top cybercrimes we can expect to see more of this year...a lot more thanks to AI and other advancing hacking tools. Below are some of the top risks facing us with cybercrime 2024 that is today. Some, such as phishing, are no surprise. However, even the old “standbys” for the cybercriminals are expected to be improved in the upcoming year. Read on for more of what you can expect this year.
Phishing Improves. Whether by email, text, voice, or QR-code, phishing attacks are bigger and better than ever this year. Growing assistance from AI produces text, audio, and images that cybercriminals use to dupe victims into believing they're the real thing. With the typical phishing red flags becoming less obvious with AI, it means more of us will be falling for the phishing lures we knew to avoid.
- Don’t give up on the telltale signs of phishing. They still do indicate something may be amiss. However, also be extra careful of any requests for sensitive information and payment of any kind. Have a backup plan to make sure the requestor is who you think it is, such as a quick “hey, let me call you right back.” Then call on a number you know is theirs.
The Dark Web. That cesspool of illegal activity, the dark web has been revving up serving criminals of all kinds. This year, expect cybercriminals using the dark web to dish-out heaping helpings of Malware as a Service (MaaS) and plenty of Hacking Guns for Hire.
Malware as a Service is the ability to rent or purchase malware for a price depending on your budget or desired crime. But now, the MaaS available on the dark web is increasingly available with tutorials and simplified teachings. That means any aspiring do-badder can peruse the dark web and leave it with their malware of choice and easy lessons on how to use it.
Hacking Hired Guns. Yes, the dark web offers hiring cybercriminals to do your hacking for you. This year will not only see an increase in these Hired Guns, but it's believed more threat groups will offer hacking as a service for the right price.
- Don’t go clicking on links and attachments. That one still remains true. If you have any doubt, just don’t click it. If you aren’t sure, use that backup plan to verify such as a phone call or separate email asking the sender.
Malicious Browser Extensions. These extensions play a growing part in attacking everyday users. Hiding in software and sometimes in plain sight, malicious code plants malware that steals data, spies on your device activity, and generally anything else it’s been built to do.
- Avoid using these on your browsers. While some may be extremely useful, many of them are more trouble than they’re worth. If you aren’t sure if you need it, shut it off in your browser settings and find out. If you don’t miss it, delete it altogether. Don’t download them unless you are 100% sure you want it and it isn’t full of malware.
Supply Chain Attacks Going Up. Providers of third-party goods and services to businesses are a growing target this year. Supply chain attacks need only one compromised employee in an organization to multiply within the company, its customers, and to keep on going.
- Always keep your devices updated with supported versions and with the latest patches. Remember that supply chain includes software developed for your devices.
Escalating IoT. Whether personal or business, as more devices connect to the massive Internet of Things, so do hacking opportunities. The IoT we have today began decades ago with the technology of the times. Since then, building upon it and adding to it at lightning speeds with every connection means escalating crimes of opportunity for hackers.
- Limit the devices that connect to the internet in your home. Each one is an entry point for a cybercriminal. Consider putting them on a separate network from the one you connect your computers, tablets, and smartphones to. This limits what damage they can do, should they be compromised.
Staying Vigilant In 2024
This expanding technology horizon brings with it the need for staying vigilant of our cyber-surroundings. Growing cybercrime trends in 2024 need to be met with strengthened collaboration between security professionals and businesses to mitigate threats using zero tolerance. Employees need ongoing cyber-education through their employers to meet these threats with effective response and preventive steps. And consumers, those often with the most to lose, need to stay aware of the ever-evolving technology landscape and how best to stay safe.
AI ChatGPT And PaaS Merge, Further Weaponizing Email Phishing Campaigns
Published March 27, 2024
Hold on to your login credentials! A recent look at email phishing campaigns uncovered a 61% spike in attacks over the second half of last year. However, security pros find AI (artificial intelligence) is now accelerating these campaigns, and the number of attacks will significantly increase going forward. With the release of the AI ChatGPT platform coupled with PaaS (phishing-as-a-service) kit upgrades, email phishing is slated to be more pervasive and destructive than ever before.
Make Sure Your Smart Home Is A Safe Home. What You Need To Know
Published February 4, 2024
Most of us would agree living in a connected world has its perks. Otherwise known as the IoT (Internet of Things) all devices using the internet are IoT-connected. But what happens when some devices, especially those in smart homes, jeopardize the security of their users? The security that smart homes are expected to provide can backfire in unpredictable and disturbing ways. Knowing how to safely and securely run smart home devices is the best answer to that question.
2024 HIPAA Rules Promote Data Privacy, Cyber Awareness Training
Published January 28, 2024
The 2024 HIPAA requirements for healthcare organizations include a focus on patient data privacy and cyber incident preparedness. It's a welcome change with new compliance that all Americans can be happy about, especially when their PHI (protected health information) is better guarded from cybercrime. Here's a quick summary of a few that may affect you and the organization you work for including bolstering employee awareness, incident response, and more data privacy.
The AI 'Crystal Ball' Predictions for 2024
Published January 22, 2024
With artificial intelligence continuing to grab the headlines, many wonder what AI-enabled cybercrime will look like in the coming year. From deep fakes to AI-enhanced phishing emails, the risks to online security are greater than ever before.
And while predictions are far from fact, read on for three of IBM's most prevalent "crystal ball" AI-related cybercrimes we can expect to see in the new year: Generative AI, Lookalike Behavior, and Wormlike behaviors.
It’s Happening…AI Kidnapping Faked For Ransom Money
Published January 19, 2024
Many of us wonder about the advent of artificial intelligence (AI) and how it will be used for wrongdoing. Well, wonder no more. The unthinkable happened when an Arizona mother received a phone call from her 15-year-old daughter saying she was kidnapped and being held for $1 million ransom. What unfolded exposed a cruel scam using AI to clone her daughter’s voice. It’s not the first time that criminals exploited AI for their benefit, and it surely won’t be the last.
