Data Nukes

Secure Data Destruction

Crimeware

By

crimeware
What is crimeware?

According to the 2015 Verizon’s Data Breach Investigations Report, the second most common attack pattern involves crimeware – 18.8% of confirmed data disclosures fall into this category. So what exactly  is crimeware and how can it be prevented?

Crimeware is a type of malware that is specifically designed to automate a cybercrime. Unlike other forms of malware, like spyware or adware, crimeware is created for the purpose of stealing an individual’s identity and/or accessing their financial accounts with the intention of stealing funds or completing unauthorized transactions. Crimeware is also being used to steal confidential or sensitive corporate information.

Here are some methods criminals use to install crimeware:

  • Installing keystroke loggers on computers to track log in and password information input by the computer user.
  • Redirecting a web user to a counterfeit website that is controlled by the criminal. This can happen even if the user has entered the correct web address.
  • Pulling password information that is saved in computer history (cached).
  • Breaking into networks using remote applications for the purpose of committing a cybercrime.
  • Encrypting data on a computer and requiring the computer owner to pay a ransom to regain access to their computer and data.

Crimeware can be installed on a victim’s computer in the following ways:

  • Through a vulnerability in a web application, like the browser that you use.
  • Through fraudulent emails that mirror legitimate businesses and get their victims to open attachments that have the crimeware in them.
  • Remote exploits that allow the criminals to compromise servers.

What are some things you can do to protect yourself from crimeware?

  • Use anti-virus software and be sure it is up-to-date
  • Verify, check, and verify again that an email is legitimate before you click through to a website requesting you to log in and use your password. Call the sending party first to verify – check, check, check!
  • Don’t open an attachment from someone you don’t recognize.
  • Set up two step verification for your email accounts – and bank accounts, if possible.
  • Set up alerts on your bank accounts for activity over a certain amount.
  • Password protect all of your data containing devices.
  • Subscribe to an identity theft protection service.

Unfortunately, it is difficult to stay ahead of cybercriminals but you can reduce the risk of becoming a victim of crimeware by being educated, and paranoid, when it comes to your online activities.

Contact us for data security on your unwanted data containing devices (computers, laptops, smart phones, servers, tablets). Our comprehensive data destruction services can protect your personal and corporate identity and confidential information by ensuring that all data on devices is properly destroyed.