Cybercrime is more common than you might think. Every year, cybercriminals are developing new ways to attack businesses and consumers, making off with not only sensitive personal information, but also account numbers, passwords, address books and more.
Just like with any crime, there’s no standard crime scene or outcome from one of these events. Navigating the impact of a cybercrime is different for everyone and can be incredibly confusing. Industry terms such as “phishing scam” or “PII breach” used to describe cybercrimes can add to the confusion.
It’s easy to become overwhelmed if you’ve been a victim of a cybercrime, but the first step is to understand what type of cybercrime you’ve been targeted with and the type of information potentially exposed. So in the spirit of National Cyber Security Awareness Month, we’re breaking down the five most common types of cybercrimes and how you can help protect against them.
1. Phishing Attack
In a phishing attack, cybercriminals use email or malicious websites to solicit personal information from an individual or company by posing as a trustworthy organization. Phishing attempts often arrive in the form of an email, but also can arrive as a text message (called SMiShing) or voicemail (Vishing).
At one point or another, we’ve all received chain emails from friends, former colleagues, coworkers or family members. The message seems innocent enough – take a quiz, learn about your ancestry or register for your upcoming college reunion. You click the link, enter some personal information and later learn that your friend, colleague or family member didn’t send the message at all. It’s at this point that you realize you may have been scammed.
Phishing attacks typically appear to come from a source you trust, including individuals or companies that you do business with on a regular basis. The email seems legitimate and contains a call to action that you recognize, such as to verify an email address or to provide invoice information. In reality, though, this is actually a trick used to capture your personal information, online credentials or even to install malware on your computer.
Recognition and avoidance are the best defenses against phishing attacks. One of the best ways to protect yourself is to never click on links or attachments in emails until you verify the sender. Call your friend or the company using a known, valid phone number or website address first.
See more tips for staying safe from phishing attacks »
Malware – or malicious software – is one of the most popular types of cybercrime because it can manifest itself into numerous formats. Malware could include anything from Trojan viruses to worms to spyware, and is still a key component in the majority of cybercriminal operations, including phishing attacks, credential breaches and more.
Different types of malware can wreak havoc on your devices in different ways, from remotely controlling your computer to spying on your key strokes to even stealing personal documents or information saved on your device. Malware attacks typically lead to larger breaches of personal information, online account credentials and more.
In recent years, a new type of malware – ransomware – has increased in notoriety and is currently plaguing organizations across the world. During a ransomware attack, malicious software causes devices and networks to be locked down until a ransom is paid. Cybercriminals often target organizations that possess significant amounts of confidential information that need to be used in a timely manner, such as hospitals or law firms.
Fortunately, most malware attacks can be prevented with a good offense. Be diligent about what email attachments you open, avoid suspicious websites and install and maintain antivirus programming on all your devices. This includes your smartphones!
Learn more about how to keep your devices safe »
3. Online Credential Breach (user names and passwords)
Becoming a victim of an online credential breach could occur in various ways – malware, phishing attack, credential stuffing, etc. – but the end result is always the same: cybercriminals have access to employees’ or customers’ personal online credentials (user name and password).
Many recent cybercrimes seek consumers’ account information for bank accounts, credit cards and retailers. In fact, according to the 2018 Credential Spill Report by Shape Security, nearly 1.4 billion passwords were leaked for hackers to reuse last year alone.
Despite warnings against it, many consumers continue to use the same password across different online platforms, so once one account is breached, they all are at risk.
Helping to prevent a credential breach starts with using strong, unique passwords for your various accounts. Do not share these passwords or save them to a public computer. Never use the same password for banking as you do for other non-financial sites, such as social media or email. Consider using a dedicated computer for banking versus other day-to-day functions to lessen the chance of a computer breach, leading to theft of your online banking credentials.
Learn more about protecting yourself online »
4. Debit or Credit Card Fraud
Theft and fraud committed using a credit or debit card to either obtain goods without paying or to obtain unauthorized funds from an account is not a new phenomenon. However, online shopping coupled with the rise in cybercrime has increased the amount of cyber fraud seen today.
It’s important to remember that here are multiple ways this type of cybercrime could take place, including entering your card number on a fake website, using public Wi-Fi where a hacker may be lying in wait, or a breach on a business’ internal payment system.
According to a recent Identity Theft Resource Center study, 20 percent of all breaches in 2017 included credit and debit card information – a rise of nearly 6 percent year-over-year. Help protect yourself by watching your accounts closely, regularly checking your credit report and using credit monitoring services.
See more on credit or debit card fraud protection »
5. Identity Theft
Similar to credit and debit card fraud, the risk of identity theft is on the rise as well. Due to the increasing use of computer networks and electronic data sharing, accessing consumers’ personally identifiable information is getting easier for cybercriminals.
Criminals used to resort to stealing your mail or digging through your trash to harvest personal and financial information. Today, cybercriminals can obtain your personal information through many avenues, including a phish, malware attack or even purchasing it on the dark web. Not to mention, these days all a hacker needs is a Social Security Number, name and address to open a new line of credit and just an account number to potentially drain your assets.
Being the victim of identity theft is more than an inconvenience – it can have a long-term negative effect on your financial stability, including the ability to make big purchases, open accounts or receive owed benefits.
The easiest way to help protect yourself from identity theft is to monitor your accounts and credit reports diligently, change your account passwords regularly and enroll in email alerts to confirm transactions on your accounts are legitimate. If you notice suspicious activity, you should report it to the proper authorities immediately.
Learn how to help keep your identity safe »
It’s important to remember that cybercrime comes in many forms. When it comes to cybersecurity, ignorance isn’t bliss and time is always of the essence. Make sure you are taking steps to help keep yourself safe.
Do you recall all the various parties with whom you’ve willingly shared your bank account details? PNC recently commissioned a survey of nearly 1,200 consumers (not necessarily PNC customers) on this very question, learning that 87 percent of banking consumers have shared their checking/debit information with at least one third-party:
- 78% Digital payment tools
- 73% Employer
- 38% Utilities
- 38% Insurance companies
- 26% Credit card companies
- 14% Gym (for membership fees)
- 8% Landlord
One in five (21 percent) report sharing their debit card information regularly, including card number, expiration and security code. Due to the sensitive nature of this information, always think twice before linking a third-party to your bank account and be sure to monitor your accounts closely.