Fraud Moves on From Phishing

Targeted fraud is on the rise, morphing into a well-managed crime that pays off better than ever.

Unlike spammers, fraudsters are criminals who study their victims, and with the right information they can fool victims rather easily. Fraudsters have moved on from just using large-scale phishing attacks that expose a few vulnerable victims.

According to a study from ZapFraud, fraudsters are now beginning to leverage new tools, so that a single targeted email can pay off much better than sending a million untargeted fraud emails. Ready access to social media and commonly available online databases serve these criminals, who know how to use personal data to gain victims' trust. Today's fraud succeeds because the sender knows enough about a victim to create context that makes sense.

“The right context equates to calling out someone's name in a crowd, instead of yelling ‘hey you,’” ZapFraud said. “Highly targeted emails suggest to the victim that the sender knows them or has information the victim needs or can use. Senders/fraudsters create an atmosphere of familiarity that is accepted by the targeted victim of the attack and encourages them to respond.”

Major data breaches, especially, contribute to fraudsters' growing field of potential victims, who are easy marks of very precise spear phishing emails. The new fraud—targeted attacks—appears to be very credible, and as a result, increases the click-through rate by more than 200 times compared with non-targeted fraud messages, according to Cisco. Victims, who in large numbers entertain the illusion that they are impervious to fraud boost criminals' chances of success.

What’s Hot on Infosecurity Magazine?