BID® Daily Newsletter
May 17, 2022

BID® Daily Newsletter

May 17, 2022

Cybersecurity is High – How to Keep Fighting

Summary: Cybersecurity is a top priority these days. Cybercriminals are crafty and can find their way in. Last year, all forms of cybercrime showed an increase, resulting in $6.9B of losses. Today, we cover five forms of cybercrime that particularly stand out.

Research by engineers at the University of California at Santa Barbara resulted in a 12-in robot jumping 100x its own height – about the height of a 10-story building! This is not only unprecedented in the animal kingdom, but is also the first time that a jumping robot has achieved such heights. Who knows what is next for these nimble robots!
Unfortunately, cybercriminals are also nimble. They find the weakest link and pounce. For instance, an American who is at least 60 years old, single, and feels a little intimidated by computers is the perfect target for much of the cybercrime that happened in 2021, according to the annual Internet Crime Report by the Federal Bureau of Investigation (FBI). Yet, there are many other victims too — no one is safe out there.
Community financial institutions (CFIs) are adept at communicating these risks to their employees and customers, but it is a fast-moving environment. So, we take a look at the recent statistics and the cyber risk areas of highest concern.
Released on March 22, the FBI’s report indicates that all areas of cybercrime increased YoY in 2021. The number of complaints about cybercrime rose by 7% and the amount lost to cybercrime increased by 64% to $6.9B. Within those overall numbers, these five categories of cybercrime stand out for their aggressive increase.
Romance scams

Last year was the best year ever for thieves out to bilk the lovelorn and lonely. These romance scams brought in at least $1B from 24K victims in 2021, according to the FBI’s report. The Federal Trade Commission reported $547MM in romance scam losses in 2021, up from $307M in 2020 and $202M in 2019. Actual numbers are probably higher, because many victims of romance scams are ashamed to report their losses.
  • Where they start. Dating apps are a place where many romance scammers meet their victims. Though that’s changing.  One-third of reported victims say that first contact happened on Facebook or Instagram.
  • Why they increased. The jump in romance scams is probably at least in part because of the pandemic, which forced many people into social isolation and increased the degree to which they depended on technology to meet their emotional needs. Tinder users, for instance, sent 19% more messages in 2021 than in 2020, and had conversations that were 32% longer than before the pandemic.
Phishing, vishing, smishing, and harming
These crimes, which all center around attempts to persuade a victim to give up valuable information, happened a reported 324k times in 2021, an increase of 34% YoY. These attacks begin with an email asking the victim to visit a fraudulent website (phishing), a telephone call asking the victim to “verify” bank or credit card information (vishing), an SMS message link (smishing), or a secret redirection to a third-party website (pharming).
Incidents of malware through any and all of these channels have increased since the invasion of Ukraine, so it is particularly important to be diligent with your cybersecurity hygiene. In light of this, a joint advisory was recently published by the Cybersecurity & Infrastructure Security Agency and the FBI to provide clear direction on how to protect against such attacks. Here are the important steps to stay safe.
  • Set antivirus and antimalware programs to conduct regular scans
  • Enable strong spam filters to prevent phishing emails from reaching end users
  • Filter network traffic
  • Update software
  • Require multifactor authentication
Cryptocurrency fraud had a banner year in 2021, with scammers stealing $14B from unwitting consumers — nearly double the $7.8B thieves took in 2020. Many cryptocurrency scams persuade victims to put money in nonexistent investments or buy newly created coins or tokens. Some crypto thieves combine this form of crime with romance fraud, telling victims about “can’t miss” cryptocurrency investments or asking a victim to “confirm” his/her crypto wallet key information. CFIs need to impart particular caution on their crypto customers, as cryptocurrency is still a difficult area to track and resolve.
Tech-support fraud

Thieves have another scam where they either call or email consumers stating that there’s something technically wrong with their computers, credit cards, or bank accounts. This type of scam pulled in nearly $350B in 2021, up from just under $150B in 2020 — over 130%! Thieves branched out, impersonating not only computer companies, but also brokerages, large and small financial institutions, utility companies, and virtual currency exchanges. Continue to communicate with your employees and customers that they should not react to these notices, but instead contact the organization directly, if there are concerns.
Scams targeting seniors

Virtually every kind of scam takes in more older people than younger people, usually for more money per individual victim. In 2021, people in their 20s lost $431MM. Victims over age 60 lost $1.68B. While seniors stay up-to-date on news and politics, they are less likely to know the latest cybersecurity issues or malware trends. Providing regular information to customers on what to be on the lookout for and how to report any issues, continues to be important for these customers.
Most people are not aware about how and where to report such crimes. Unless the amount is high, they don’t report it at all,” according to Pranav M B, communications lead, Centre of Internet and Society.
Cyber risk is not going away and Americans were hit hard last year. The US was the country most hurt by cybercrime in 2021. Government agencies and financial institutions, including CFIs, are working to make 2022 a better year for consumers and a worse year for thieves. Together, we can do it.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.