The rise of ransomware and id fraud
15th December 2015
Cyber crime is becoming more sophisticated. This week it was reported that The Independent played victim to a so called cyber ransom attack on its blog pages which tried to extort money from its readers. In short the malware infects a computer and encrypts all its files. It then demands money for a key to decode the documents. The ransom is often requested in bitcoins as this is harder to trace. Experts are advising the only way to recover files without paying the ransom is to switch to a back up, which is fine for businesses that are likely to backup the server regularly but how many of us actually do this at home? Organisations and home users alike are advised not to pay the ransom as there is no guarantee that the people behind the attack will relinquish the codes to translate the files and it is likely your details will be added to a sucker list and you’ll be targeted again.
This is a form of organised cyber crime on a massive scale. Palto Alto Networks suggest that one type of ransomware called Crypto Wall has generated in excess of $325 million for the gang behind it. Moreover, it is a global problem. The Australian government recently released a report claiming that 72 per cent of businesses experienced a ransomware incident this year – the figure was only 17 per cent two years ago. However, as our new research conducted amongst ex-offenders reveals fraud is not just the domain of sophisticated criminal gangs, but is becoming a more pedestrian crime and is increasingly prevalent on our streets.
The most common form of ID fraud was (unsurprisingly) found to be handbag and wallet theft in the pursuit of personal information and credit cards. Perhaps more surprising, however, was that the second and third most popular type of identity fraud was deceased fraud (stealing the personal information of someone that has died and using it to obtain credit/goods and services) and mail fraud (stealing mail to obtain personal information which can then be used fraudulently).
Confidence trickery like phishing, telephone fraud and SMSishing were also present in the top 10. It is estimated the ID fraud in the UK is growing at a rate of 500 per cent per year. This has enormous implications for UK consumer facing businesses as more and more transactions are proven to be fraudulent. Part of the solution is putting processes in place which flag fraudulent purchases – for example screening all transactions against a deceased file which identifies whether or not the person allegedly making the transaction is alive or not. Its not a nice thing to have to do, but sadly one that is becoming increasingly necessary as ID fraud is now estimated to cost the UK economy in excess of £3bn.