The first thing that comes to mind when we hear the word "cybercrime" is that of a shady hacker. While unethical hackers are also part of the equation, cybercrime is professionally organized and has quite a few types.
If you are concerned about cybercrime, then understanding what it entails and its various types can prevent you from becoming its victim. Read on to find out what cybercrime means, its different categories, and various types.
What Is Cybercrime?
Cybercrime is a type of criminal activity where a computer, a computer network, or a networked device is used as a primary tool for carrying out online crimes.
Most cybercriminals commit cybercrime to rake in money. While some cyber criminals are part of organized groups and use advanced skills to carry out cybercrime, others are simply novice hackers or bandits.
Occasionally, cybercrime can also be committed for personal or political reasons, such as taking revenge or attacking rival countries.
Three Categories of Cybercrimes
Cybercrime comes in many different strains including identity theft, stalking, financial fraud, online bullying, hacking, and more. At a minimum, cybercrime can cause major inconvenience and annoyance for its victims, while at worst, cybercrime can result in financial distress or a severe threat to a victim’s reputation or personal safety.
Based on the levels and types of threats used by cybercriminals, cybercrimes are divided into three main categories:
1. Crimes Against Individuals
These crimes are intended towards individuals and can range from cyber harassment and stalking, distribution of child pornography, human trafficking, credit card fraud, identity theft, email spoofing to online libel, or slander.
2. Crimes Against Property
Just like real-life incidents, these cybercrimes are committed against property such as a computer or a server.
Phishing scams, DDOS attacks, virus attacks, computer vandalism, keylogging, cyber and typosquatting are all part of these crimes.
3. Crimes Against Government
This type of cybercrime is also commonly known as "Cyber Terrorism". While not as prevalent as the other two categories, this cybercrime targets a nation's sovereignty.
Cybercrimes against the government may include hacking of websites and military websites, accessing confidential information, cyber warfare, or the distribution of government propaganda.
Different Types of Cybercrimes
So far, we've only covered the different categories of cybercrime and how they affect people. However, the attacks themselves can take different forms depending on what the attacker wants to achieve.
A malware attack is carried out by infecting a system or a network with a computer virus or other type of malware.
The compromised computer or system can then be used by cybercriminals for malicious reasons such as stealing confidential data, damaging the data, or carrying out other criminal acts.
The main purpose of DDoS attacks is to bring down a network or website by sending multiple overwhelming and malware-injected requests to a targeted website server or a resource.
You can think of a DDoS attack as an unexpected traffic jam that clogs up the highway and prevents regular traffic from reaching its destination.
Botnets are large networks of infected devices that are controlled externally by remote hackers.
The hackers use these botnets to attack or inject other computers with spam. Botnets can also be used as malware or perform other malicious tasks such as carrying out DDoS attacks.
When someone uses your personal information without your permission or consent, it is called identity theft.
Cybercriminals can conduct identity theft in various ways such as stealing funds, accessing confidential information, buying things from stolen credit cards, or opening a new phone, electricity, or gas account under the victim's name.
Any type of harassment that takes place through online channels such as chat, social media, forums, or email is known as cyberstalking.
Most cyberstalkers know their victims well and carry out harassment with a well-laid-out plan over an extended period of time.
Ransomware is a malicious attack that leaves your data encrypted by cybercriminals and the only way to regain access is by paying them money.
While ransomware attacks targeted towards individuals are also prevalent, most attacks are directed towards established organizations where the ransom money can sometimes cost a fortune.
The biggest example of ransomware is the WannaCry ransomware from 2017 which targeted a vulnerability in computers running Microsoft Windows and affected 230,000 computers across 150 countries. Users were locked out of their files and sent a message demanding that they pay a BitCoin ransom to regain access.
Social Engineering Attacks
Instead of hacking and using technical tactics, social engineering attacks exploit human psychology to gain access to data, buildings, or systems.
Cybercriminals gain confidence by making direct contact with their victims over the phone or email in an effort to extract personal information such as passwords or bank account information. Sometimes insider threats in the workplace are a common culprit behind social engineering attacks.
Once the cybercriminals gain access to personal information, they can either sell that information or secure accounts in the victim's name.
Potentially Unwanted Programs (PUPs)
While Potentially Unwanted Programs are less threatening than other kinds of cybercrime, they are still a type of malware. They enter your system in the form of spyware or adware and can uninstall crucial software such as pre-downloaded apps.
The best way to avoid PUPs is to always have an up-to-date antivirus installed and running on all your devices.
Phishing is a treacherous way of luring victims into opening malicious email attachments and URLs.
Malicious emails and attachments are disguised to look trustworthy and once the victims click on those attachments, the cybercriminals grab the access they need.
Most phishing emails claim that the user either needs to change their password or update their billing information, among others.
Online scams are always circulating on the internet. They usually come in the form of ads or spam emails promising their victims rewards or offers of unrealistic amounts of money.
Any offers received through emails or ads that are too good to be true, are mostly scams. Once clicked, these scams can generate malware that can compromise both your personal information and system.
Exploit kits are automated programs that cybercriminals use to exploit known vulnerabilities or bugs in systems and applications.
Most exploit kit attacks are carried out secretly when victims are busy browsing the web. The main premise behind these kit attacks is for the cybercriminals to download and execute malware in the victim's machine.
The biggest downside of these exploit kits is the fact that they are sold as ready-made tools on the dark web for cybercriminals to buy conveniently.
Do Not Become a Victim of Cybercrime
When it comes to cybercrime, no amount of prevention or mitigation is enough. The best defense against cybercrime is simply practicing mature digital habits.
To prevent yourself from becoming a victim of cybercrime, always keep the following points in mind:
- Be cautious of opening emails with sketchy links or attachments.
- Never enter your personal information on any website unless you are certain about its legitimacy.
- Avoid downloading anything from unknown sources.
- Be quick in applying software patches and updates for all your programs as they fix any known security vulnerabilities.
- Always use a VPN when using unencrypted public Wi-Fi in places such as coffee shops and airports.
- Always create unique and robust passwords for all your accounts and do not reuse the same passwords for multiple accounts.
- Use two-factor authentication whenever possible.
- Since routers are also vulnerable to cybercrime, boost your router security to mitigate any attacks on your home network.
Keeping Safe From Cybercrime
While we cannot completely shelter ourselves from the countless number of cybercrime lurking online, we can at least do our best to mitigate them as much as possible. Now you know the avenues that malicious agents can take and how to stay safe to the best of your ability.