Intelligent CISO Issue 80 | Page 13


CISO news

One in eight Brits have had online account breached

One in eight (12%) Brits have had an online account breached, according to new research from Thales.

The survey of 2,000 UK consumers highlights a worrying lack of awareness about this growing threat, with one in 10 stating they do not feel confident in spotting the signs.
The 2024 Imperva Bad Bot Report highlights a significant increase in account takeover (ATO) attacks, with a 10% year-on-year growth. The report also notes that 11% of all login attempts across the Internet are now associated with ATO attempts. This surge is largely driven by a rise in malicious bot traffic, which now accounts for nearly one-third of all Internet traffic.
Tim Ayling, Vice President Cyber Security Solutions EMEA at Imperva, a Thales company, said: “Account takeover attacks are becoming increasingly prevalent, driven largely by the rise in malicious bot traffic. Our latest research highlights that these automated threats now account for nearly one-third of all Internet traffic, significantly contributing to the surge in account takeovers.”
Alongside account fraud, account takeover attacks are a frequent way that online accounts are compromised by bad actors. Account takeover attacks are distinctive in that they’re typically automated.
Attackers might try credential stuffing, for example, where bots are used to repeatedly attempt to log into a user account using a list of common or breached passwords.

‘Pig butchering’ scammers targeting job seekers with cryptocurrency fraud

Proofpoint threat researchers have released new insights uncovering a concerning rise in cryptocurrency scams targeting job seekers with fake job offers.

For years, Pig Butcher scammers have swindled victims out of billions by luring them into fake cryptocurrency investments. Recently, Proofpoint observed a shift towards job scamming, tapping into a market of financially insecure victims.
The scam exploits psychological mechanisms such as the Sunk Cost Fallacy, Loss Aversion and the Principle of Reciprocity, making it alarmingly effective, and according to Chainalysis – a cryptocurrency investigation company – these scams have already netted substantial amounts in cryptocurrency. For example, a fake site impersonating Daptone Records made over US$300,000 in just two months.
Key findings from the research include:
• There has been an increase in cryptocurrency fraud using fake job lures, impersonating well-known organisations.
• These begin with unsolicited messages on social media, SMS, or messaging apps such as WhatsApp and Telegram promising work-from-home opportunities, exploiting the popularity of remote jobs.
• Victims are directed to register on malicious websites, often requiring referral codes. Once registered, victims perform tasks like fake reviews or product orders.
• Eventually, victims encounter ‘errors’ requiring them to pay into fake accounts, lured by promises of bonuses.
• There is high confidence that these scams are linked to ‘Pig Butchering’, a romance-based cryptocurrency investment fraud: the job fraud offers smaller but more frequent returns for scammers compared to traditional Pig Butchering.
• Scammers leverage brand recognition instead of long romance scams and use flexible platforms for various lure types.
In June 2024, the FBI issued a warning about these fraudulent job scams originating on mobile devices. To protect against these scams, Proofpoint recommends vigilance regarding unsolicited job offers, never providing money to supposed employers and spreading awareness.
In conclusion, the report found that cryptocurrency investment and job-related scams are extremely prevalent and use sophisticated social engineering techniques to convince people they are legitimate. Just like confidence scammers have done for centuries, fraudsters continue to promise easy money to unsuspecting targets to swindle them.