A day in the life of a Cybercriminal. Defend yourself!
Have you ever thought about what a typical day might look like for a cybercriminal?
Let’s take a look!
? 7.00 AM. I normally start my day by reading the newspaper or watching the news. Staying up to date on current events helps us, cybercriminals, learn about hot button topics that we can use to make our scams relevant and convincing.
? 9.00 AM. I’m off to work! Time to greet the boss – yes, many cybercriminals don’t operate alone. Sure, there are lone wolves, but it’s a common misconception that all cybercriminals work alone in a dark basement.
Many of us have found there is safety in numbers, and we can put our talents and resources together to reach our goals. You may be surprised to learn that organized cybercrime units could operate like a typical business does, with departments, job roles, and maybe even a set salary.
? 10 AM. Time for a team meeting with my coworkers – Our typical pow-wow may start with some small talk, then we discuss the daily game plan and goals. Yes, in an organized cybercrime unit, there are goals and daily objectives we must meet. Tasks are generally broken up and assigned out based on skill level.
My job for the day? Designing and delivering ransomware to some overwhelmed hospital units we’ve been targeting.
? 11.24 AM. I’ve got my first ransomware victim of the day! What should my ransom demand be? Too much and they won’t pay, too little and there’s not enough meat on the bone. Decisions, decisions!
? 1.30 PM. Break time! Let’s browse social media, but which profile should I login with? I’ve created a few fake social media accounts using made-up personas and stolen pictures and sent a friend request to anyone I could find. Now that we are “friends” I can use the personal information I find to craft a spear-phishing attack or coerce them into clicking on a malicious link or file.
? 4.00 PM. Time to end my day with some cold calling, though you may call it a phone scam. I pull out my smartphone and open the called-id spoofing app that will mask my number and begin dialing. Using a massive list of sensitive information that my firm purchased on the Dark Web from a recent breach, I’ve got some great information to reference to make my scam more believable.
As you can see, a cybercriminal’s daily activities share many similarities to our own at work. Of course, their actions are malicious in nature, but they are human, can be working in organized groups, have tasks to do and goals to meet, just like we do. They can be outsmarted though; we just need to keep a level head and exercise skepticism as much as possible. If you’re looking for news or information, visit a reputable website instead of clicking on social media links. If you don’t know the person sending you the friend request, don’t accept it. Don’t give up personal information on a phone call you didn’t initiate and remember, keep your guard up and use your best judgment. If something doesn’t feel right, trust your instincts.?
Related articles: