GDPR Fueling Rise of PII Theft, Cryptomining Plateauing

Written by

Scammers are increasingly targeting Personally Identifiable Information (PII), turning away from bitcoin scams and putting resource behind traditional technology support scams. 

According to Malwarebytes's Cybercrime tactics and techniques: Q2 2018 report, the new General Data Protection Regulation (GDPR) could be fueling this increase in PII theft, as the information could be more valuable on the black market. The company observed that a victim had allowed a phishing scammer entry into their computer, which resulted in stolen email credentials. 

The report also noted that phone scamming had risen in awareness with the general public, with potential victims being more vigilant. However, scammers still tried filtering down to unsuspecting victims by using tactics such as calling to route straight to voicemail to request a callback, hanging up on victims who aren't entirely convinced and requiring a small upfront payment before the scam. 

"Because of the new policies ushered in by the EU’s GDPR in late May, organizations will only have a limited time to hold onto PIIs of their customers, making it more valuable to criminals," said the report. "This means we may see an uptick in data - stealing threats, from spyware and info stealers to keyloggers and good old-fashioned phishing scams."

However, Eerke Boiten, professor of cybersecurity, De Montfort University, disagrees: "The explanation is nonsense. The 1980 OECD data privacy guidelines already included limited retention of data in the explanation of the Purpose Specification principle, from there it arrived in the 1995 EU Data Protection Directive, the UK 1998 Data Protection Act, and so on. So the word "new" is only about 40 years off.

"So will personal data become more attractive to steal and in that way more valuable? I don't think there's a significant difference as far as criminals' use of such data is concerned. Companies may have more to lose, but I don't think criminals stand to gain more."

Interestingly, Malwarebytes found that cryptomining detections were declining, but were still dominating the threat landscape for both businesses and consumers. The report explains that many criminals are not getting the return on investment from cryptomining they were expecting, and is expected to stabilise as it follows market trends in cryptocurrency.

Enterprise systems remain vulnerable to cryptomining, with detections every month fluctuating throughout 2018: "By Q3, we may be able to identify an ongoing trend and/or campaign trying to spread these tools," said the report. "More than likely, though, we'll see a decline in business detections as we head into Q3, which has already been observed on the consumer side." 

Android cryptominers also saw a decline from Q1, with May seeing a 16% drop from the previous month. There were 244% more miner detections than in Q1. 

What’s hot on Infosecurity Magazine?