Data breach

Identity theft investigations are steadily increasing and exhibiting ever-changing characteristics as hackers continue to refine these highly effective and profitable ways of fraud.

Registration via user and password on the web for various reasons is no longer in step with the times: on the one hand, entering users’ personal data becomes more and more complicated due to the growing number of services used. On the other hand, the security of access data is increasingly at risk due to the growing technical possibilities available to cybercriminals.

Brute force attacks or even phishing emails, which may appear harmless at first, are on the rise, and users often don’t even notice that their login details have been intercepted.

The cyber attack on Garmin, which involved the payment of a ransom of 10 million dollars to Russian hackers

The attack on Facebook in September 2018 resulted in the direct compromise of 50 million personal data and 40 million indirectly. In this case, the use of tokens used to access the platform allowed hackers to take possession of the accounts. The use of the token as an identification card to access specific features of a digital system is a string of characters that contains the information necessary to identify a specific user, or more generally any application. By stealing the token, a hacker can assume the identity associated with the token and access the platform undisturbed in its place.

Generally, the techniques used initially involve the replacement of identities or the appropriation of digital identities enabled for the use of the digital service. Subsequently, the systems begin to show the first malfunctions. In the beginning we fear technical failures, but as the hours go by we discover that we are the subject of a cyber attack and it is already too late!

Often the hacked identity becomes the enabler to install the malaware that encrypts systems and makes them unusable until a ransom is paid.

All online services become inaccessible, email, e-commerce, access to CRM systems, call centers. The target company becomes aware that it is the object of a (criminal) cyber attack only after a few days, without the possibility of defense.

The company becomes hostage to hackers. All this is achieved by simply piercing the servers through the interception of identities: users, passwords, pins, tokens, unprotected connections, servers located remotely.

In 2020, due to the Sars-Covid epidemic, the days dedicated to online discounts have multiplied and it has become increasingly common to make transactions even from mobile devices or buy products and services online, even for those who work in the company. This trend and greater familiarity with digital tools are seeing an increase in new ways of fraud and “digital theft”: identity theft. Identity theft means the appropriation and fraudulent use of personal, financial or confidential data in order to obtain illicit gain.

The most common techniques are phishing and scam which involve slightly different methodologies of approach to carry out identity theft. 30% of users in 2017 opened phishing emails, and 12% clicked on the scam link contained therein, according to the Verizon Data Breach Investigation report.

Identity theft investigations are steadily increasing and exhibiting ever-changing characteristics as hackers continue to refine these highly effective and profitable ways of fraud.

In this context, where secure authentication on the World Wide Web is required throughout the world, the My-ID digital platform is inserted: the only key is me !. The unique multi-factor biometric solution produced by aCrm net.

SHARE THIS

Share on linkedin
Share on whatsapp
Share on facebook
Share on twitter
Share on email