Cybercriminals can be many things; evil, selfish, immoral, greedy, arrogant … Well-read is not one characteristic that springs to mind, however.
A report from Microsoft has found a clear correlation between current events and the topics used in the latest scams and phishing emails. The COVID-19 outbreaks and lockdowns of 2020 showed that, as news grew of the epidemic, there was an rise in the number of pandemic-themed scams sent out trying to lure us into clicking on malicious links. Later on in 2020, when news of a vaccine started to break, there was a clear shift towards scams promising that people could get their shots by supplying personal and medical information.
This trend will continue. Being prepared means understanding what is happening in the world around you and recognising when current events are reflected in the emails that cybercriminals send.
The results are in on breaches from 2020, and there is good news and bad news. According to new data from Risk Based Security, the good news is that the number of actual breaches was down by 48%. The bad news? The number of lost or stolen records went up by a whopping 141%, to 37 billion. That’s a lot of personal and confidential information.
Overall, 23% of the incidents (from a total of 3,932) were down to people within the organisation that was breached, and 69% of those were down to human error (that’s 624 incidents if you aren’t keeping up with the maths).
What can you take away from this? If nothing else, reading these newsletters is essential, because really, who wants to be involved in any of those statistics?
According to an experiment carried out by Kaspersky, 90% of second-hand storage devices such as USB sticks and hard drives still contain traces of private and business data. This ranges from passport photos, banking documents and medical records to personal images, intimate messages and even pornographic content.
More alarmingly, according to Kaspersky’s research, 41% of people who find information on second hand devices say they will use it, publishing it on social media, saving it for themselves or sharing it amongst friends or family. If they are happy to do that, just think what a criminal would be willing to do with it.
Your obsolete company equipment will be disposed of properly and securely by your IT team. But these findings should make you think twice about how quickly you pass on your old personal equipment without destroying the data on it first. (Follow the link above for some tips on how to do just that.)