Cyber security is the act of using technologies, processes and controls to protect systems, networks, programs, devices and data from cyber attacks. It helps at reducing the risk of cyber frauds and protect against the unauthorized access to data, networks and applications.
Thus, Fraud in itself is when trickery is used to gain a dishonest advantage, which is often financial, over another person. Cyber fraud then is any fraudulent act dealing with computers, data and networks. Over the years many terminologies has been employed to describe this wicked act, from scam, con, swindle, extortion, sham, double-cross, hoax, cheat, ploy, ruse, hoodwink, to yahoo-yahoo. However as the name changes so also their operations has seen evolution over the years. The 2019 Financial Cost of Fraud report estimates the cost of fraud to the UK is between £130bn – £190bn a year. The Office for National Statistics (ONS) say that people are more likely to fall victim to fraud or cyber offences above any other crime. Between April 2018 and March 2019 there were 741,123 crimes were reported to Action Fraud, £2.2bn lost by victims and 65% of reports were from businesses and 35% from individuals. More notably is the fact the numbers are rising as the years go by. For us to effectively address this issue, we have to first understand cyber fraud in itself and it’s various forms of manifestations. Thus we’d briefly talk about various types of cyber frauds.
Types of cyber crime
Cyber crime can be of many types. Types of cyber attacks are discussed below:
Hacking
Hacking is basically gaining unauthorized access to your system profit, data, information gathering, or to evaluate system weaknesses. This is a deliberate and premeditated action done by targeting flaws of systems to defraud.
Virus Dissemination
It involves direct or unauthorized access to system by introducing malicious programs known as viruses, worms etc. Virus needs host while worms are standalone. These viruses are scripted codes that performs tasks when it’s finally in a system that’s not authorized by the owner. These acts can range from duplicating files, to recreating documents.
Denial of Service
This brings down the server (any server). It is known as the flooding machine with requests in an attempt to overload systems. It also uses bots for tasks. The bots perform repetitive actions which are humanly impossible. They are verily used in guessing passwords and forcing logins, it’sno wonder many systems limit their login attempts because of these bots, to prevent them from trying every combination possible.
Credit Card Fraud
Card fraud begins either with the theft of the physical card or with the comprise of data associated with the account. This is a very serious mode of digital fraud in Nigeria and the whole world at large. In times past credit cards thefts are very as there are various gateways to bypass, not only do you need the credit card physically or the information on it ( For online transactions), then you’d need also have the accounts pin, token or OTP code. However with the evolution of payment gateways who rarely asks for these codes unlike previous times, credit card fraud has really been on the rise, as many payment gateways do not ask for pin nor send OTP.
Phishing
A malicious individual or group who scam users. They do so by sending e-mails or creating fake web pages that are designed to collect an individuals information or online bank credit card, or other login information.
Sim or Application Hijacking
A common fraud is the sim swap fraud where a stolen phone sim would be retrieved or hijacked. This is why locking device is very important. This also enables fraudsters to hijack WhatsApp accounts as switching WhatsApp accounts only require the 6 digits code majorly sent on setup, and these codes can be seen on some devices which are setted to show sensitive information while still locked. This is why WhatsApp and other similar apps are introducing the 2 Factor Authentication, to further increase security. These can be prevented by early steps after phone loss.
What leads to the commission of cyber crime?
There are 4 main things which aids cyber crime access.
Breach Because of Mobile Devices
In 2015, mobile devices had less than 1% infection rate, so they were considered safe. Now, more than three-fifths of IT security professionals report that it is either certain.
Embedding Malware Into Legitimate Applications
Cyber criminals have embedded malware into legitimate applications and they are targeting poorly secured WiFi spots, stealing passwords, and more in their quest to steal information.
Exploiting Unauthorized Products
In many cases, attackers like to exploit unauthorized products having weak security controls in the corporate cloud.
Unlimited Internet Access
By using internet, we have given convenience in accessing without any limitations. This is the foremost factor which causes cyber crime as bots have a non-stop time to hack systems.
How can you protect against cyber fraud?
CONTINUALLY UPDATE YOUR COMPUTER AND MOBILE DEVICES.
Cybercriminals frequently gain access to information by using known flaws in the software and operating systems that run your computer or phone. Updates are crucial; patching these flaws and vulnerabilities can make it less likely that you will become a victim of a successful cyberattack.
Use a full-service internet security suite
For instance, Norton Security provides real-time protection against existing and emerging malware including ransomware and viruses, and helps protect your private and financial information when you go online.
USE GOOD PASSWORD HABITS.
Do not repeat passwords across multiple websites, change your passwords every three to six months, and create strong, difficult-to-guess passwords. New research indicates that long passwords can be just as effective as passphrases if you avoid terms or names that can be directly tied to you. Remember to use a combination of letters, numbers and symbols whenever possible. For a brief description of passwords and passphrases.
Manage your social media settings
Keep your personal and private information locked down. Social engineering cybercriminals can often get your personal information with just a few data points, so the less you share publicly, the better. For instance, if you post your pet’s name or reveal your mother’s maiden name, you might expose the answers to two common security questions.
MAINTAIN STRICT ACCESS TO YOUR SENSITIVE APPS, COMPUTER AND DEVICES.
For mobile devices, enable a PIN/passcode and choose the option within your settings for auto-lock. For computers, keep multiple profiles, which will enable you to apply restrictions to accounts used by younger children.
ALWAYS BACK UP THE DATA ON YOUR COMPUTER AND YOUR MOBILE DEVICES.
Even the best machine or device may become compromised or crash. Regular backups to an external hard drive will help you recover your information in these situations. They can be purchased at any electronics store and programmed to perform nightly backups of either specific files or everything on your computer. Make use of redundant backups by using an external hard drive and a secure cloud provider for irreplaceable items, such as family photos.
Always Take required measures to help protect yourself against identity theft ( 2FA Authentications, 2 Step verifications, Encryptions and Private Questions)
KNOW WHAT TO DO IF YOU SENSE A BREACH
If you discover that your information has been exposed, you may want to enable a fraud alert or a credit freeze on your credit information. A fraud alert on credit reports requires potential creditors to contact you and obtain permission to open new accounts or lines of credit. A security freeze may help block institutions or lenders from accessing your credit report, unless a pre-set PIN is provided to “thaw” the report, which prevents them from opening new accounts in your name.
Anthony G. Otun, M.F.M
C.T.O IRD Tech Lab
