Phishing mails in the junk of my mailbox is ‘quite’ normal. Sometimes they end up in your inbox. For some people it is easier to fish out the real ones than for the other when such is addressed to you personally or the company you work for. Last year, webshop Bol.com received a short email written in Dutch from Brabantia. At least that was what Bol.com thought. The message was filled with typos and grammatical errors while the lay out looked professional. It stated that the money must be transferred to Brabantia’s bank account in Spain. Unfortunately, employees of Bol.com fell for it and deposited around 750,000 euros to the scammers (Mous, 2021).
Phishing and online scams as effective threats are just the tip of the iceberg to enable other types of cybercrime, e.g., disruptive malware (DDoS and ransomware), data harvesting malware, malicious domains, fake news and misinformation (Interpol, 2020). The persistence of cybercrime-as-a-service continues to ensure that less skilled criminals can also carry out cyber-attacks (Bijzonder Strafrecht, 2021). Cybercrime cannot or can hardly be solved with investigation. In general, controlling this form of crime rests with the users of the internet.
According to the Cyber Security Council, companies tend to think that no one is deliberately targeting them. They assume that there is only a small chance of becoming a victim. A fundamental fallacy. “You may not be a conscious target, but distance and time do not play a role on the internet,” says Pim Takkenberg of security company Northwave. Criminals search the internet for victims. “So if you don’t take care of your security, you can become a victim, even though no one is deliberately targeting you” (Schellevis & Andringa, 2021).
Ransomware attacks on large companies and institutions are an increasing threat to economic and social security. A part of the ransom money received by hackers is directly invested in new attacks, according to the Dutch police (Bijzonder Strafrecht, 2021). Ransomware is also increasingly being combined with the publishing or resale of information during the attack.
Data has globally become a new natural resource which creates new opportunities for innovation in our digitized economy but also unforeseen malice. Cyber threats are expanding from networks, computers, and smartphones to railways, power grids, cars, hospitals, people and anything with an electronic pulse or a heartbeat (Morgan, 2020). Many ‘Things’ are connected to corporate network to some extent which will further complicating cybersecurity.
This may sound a bit daunting, but when COVID-19 is slowly out of sight, I think that the world will be down for a moment (again) if cybercrime takes over. Especially when the government pays little attention to this matter.
——————————————————————————————————————————–
Bijzonder Strafrecht, 2021. Aanpak cybercrime: capaciteit OM blijft achter. [Online]
Available at: https://www.bijzonderstrafrecht.nl/home/aanpak-cybercrime-capaciteit-om-blijft-achter
Interpol, 2020. INTERPOL report shows alarming rate of cyberattacks during COVID-19. [Online]
Available at: https://www.interpol.int/News-and-Events/News/2020/INTERPOL-report-shows-alarming-rate-of-cyberattacks-during-COVID-19
Morgan, S., 2020. Cybercrime To Cost The World $10.5 Trillion Annually By 2025. [Online]
Available at: https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
Mous, A., 2021. Phishingmail kost Bol.com 750.000 euro. [Online]
Available at: https://www.vpngids.nl/nieuws/phishingmail-kost-bol-com-750-000-euro/
Schellevis, J. & Andringa, R., 2021. Digitale deuren staan soms wagenwijd open, ‘situatie is alarmerend’. [Online]
Available at: https://nos.nl/artikel/2375676-digitale-deuren-staan-soms-wagenwijd-open-situatie-is-alarmerend
Hi Noa, first off I want to mention that this is an enjoyable and easily readable article. It is interesting to see how we progressed from the chain mails we used to get when we were younger to identical company emails. I feel like most individuals would say that they would recognize an email like this, but the employee of Bol.com falling for the scam even though the message had a lot of grammatical errors, shows that this is not the case.
It is also alarming to see that companies are now being scammed. Companies should put more emphasis on their cyber security because as you said they are not deliberately being targeted, only if they seem like an easy target. Also, because information is becoming a more valuable good to sell for criminals, emails like this could become more common. Especially for the governments, as they have access to the most sensitive information and in the past have shown not to be resistant to such attacks.