SAN FRANCISCO – Online theft of personal data is one of the Internet crimes that has increased the most in recent years, with cybercriminals gaining more sophistication along the way, while data hijacking or “ransomware” crimes have declined, Microsoft’s head of cybersecurity, Diana Kelley, told EFE on Tuesday.
The fraudulent practice of sending emails purporting to be from reputable companies to induce people to reveal personal information, such as passwords and credit card numbers, known as “phishing,” is one of the most common types of cyberattacks worldwide.
“We are seeing a lot of phishing where the attackers are getting more and more sophisticated. They’re using business information and social information to craft their e-mails and get innocent victims to click,” said Kelley.
Phishing is also one of the cybercrimes that is growing at the fastest rate and in Microsoft’s latest intelligence report on cybersecurity it found that in April approximately 0.7 percent of all e-mails were phishing scams.
Although at first glance that figure might seem small, this means that approximately 1 of every 150 e-mails that were analyzed was an attempt to surreptitiously obtain illegal access to personal data.
Moreover, the 0.7 percent figure is significantly greater than the 0.49 percent rate noted in April 2018 and five times greater than the 0.14 percent rate from January 2018.
“This is not anymore the classic phishing example where you get an e-mail from a prince in a country far away asking for money so he can get his throne back and pay you a million dollars. We’re seeing e-mails that are very, very personalized, and they really look like they come from somebody that you know,” said Kelley.
She noted that often the fraudulent e-mails are created to imitate local businesses that some recipients know or have done business with, and thus they may be more willing to provide personal data.
Meanwhile, there has been a reduction in “ransomware” attacks, where criminals introduce a virus into users’ computers via an e-mail, freezing access to their e-mail and other data until the users pay the criminals to “unlock” their devices, which they may or may not do once they’ve received the money.
Ransomware attacks has affected 0.11 percent of all computer systems analyzed by Microsoft at the end of 2017 and early in 2018, but by April 2018 that percentage had dropped to 0.02 percent.
The ransomware cases are concentrated in emerging markets such as Latin America, Africa and Asia.
“We tend to see higher encounter rates in more of the emerging areas than in countries that have been online for a long time. We’re not saying any country is doing something wrong, these are just characteristics of markets that are going through an adoption process,” said Kelley, noting that two factors contribute to this situation.
First, pirated software is much more prevalent in developing economies where online users do not receive as frequent security updates, and second users often do not practice “cybernetic hygiene” as diligently as in more advanced online markets.
Another trend that is on the rise, according to Microsoft, is that of illegally “mining” for cryptocurrency, where online pirates access people’s personal computers and create digital currency such as Bitcoin there without the owners realizing that their system is being used for that purpose.