How Cyber Criminals Are Using Social Media To Hack Bank Accounts

Criminals are using social media to check when customers are contacting banks about problems and then posing as the bank in order to hack people's data, according to the head of the Irish Garda National Cyber Crime Bureau, who said Gardaí have had multiple incidents of this activity reported to them.

Det Supt Michael Gubbins said cyber-crimes will become increasingly stealthy and hard to detect in the coming years. One example could be the increasing use of so-called fileless malware, where malware doesn't sit on a computer's hard drive but in its RAM, a temporary storage part of the computer where the malware is harder to detect.

But social engineering, using manipulation and deception in order to obtain the information being sought, like the example of calling people who have been interacting with banks online -remains "at the very top" of potential threats, he said.
He said businesses need to educate their employees to be conscious of cyber security best practice. 

"You've got to let them know what's happening out there...it's not all about technology or having the best IT equipment, because it doesn't capture everything," he said. "Co-operation among all relevant actors is key."

Det Supt Gubbins was speaking at Dublin Information Sec 2018, a cyber security event organised by Independent News & Media, the leading Irish publisher. The increasing usage of crypto-currencies like Bitcoin has seen new types of cyber-crime emerge, Det Supt Gubbins said, with users of the currencies being targeted by hackers attempting to steal the digital currency.

So-called "crypto-jacking" has also emerged, whereby hackers infiltrate a computer and use it to engage in the resource-intensive process by which a Bitcoin is created, known as "mining". Other common attacks include ransomware, for example where a computer is locked by a hacker who demands a payment in order to allow a user to regain access. 

Det Supt Gubbins said this has become less common in recent years as people had become more savvy in terms of preventing it. He also urged attendees to make sure to stress-test their cyber-security systems in the same way as they would carry out a fire drill.

Irish ndependent

You Might Also Read:

Cyber Criminals Are Outspending Business:

« China Is 'biggest state sponsor of Cyber-Attacks on the West'
35 Million 2018 US Voter Records For Sale »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

National Cybersecurity and Communications Integration Center (NCCIC)

National Cybersecurity and Communications Integration Center (NCCIC)

NCCIC is a cyber situational awareness, incident response, and management center for the US Government, intelligence community, and law enforcement.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

Blockchain Reactor

Blockchain Reactor

Blockchain Reactor is a blockchain consultancy and implementation company providing cutting-edge blockchain solutions for start-ups and enterprises.

Zercurity

Zercurity

Zercurity is on a mission to build the ultimate cybersecurity operations platform for businesses. To help protect against a growing number of internal and external threats.

Cyber Security Forum Initiative (CSFI)

Cyber Security Forum Initiative (CSFI)

CSFI is a non-profit organization with a mission to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

DEFENTEK - National Security Informatics

DEFENTEK - National Security Informatics

Defentek (aka National Security Informatics) is a technology consortium covering a broad spectrum of intelligence computing solutions and interception technologies.

Enea

Enea

Enea is one of the world’s leading specialists in software for telecommunications and cybersecurity. Our products are used to enable services for mobile subscribers, enterprise customers and IoT.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

Ermetic

Ermetic

Ermetic’s identity-first cloud infrastructure security platform provides holistic, multi-cloud protection in an easy-to-deploy SaaS solution.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Offensive Security Manager (OSM)

Offensive Security Manager (OSM)

Offensive Security Manager is the ultimate AI software that will enforce offensive security automation, orchestration, coverage, ensure quality, and lets you manage whole process.

Foghorn Consulting

Foghorn Consulting

Foghorn can analyze your cloud to enhance performance and security, while reducing costs. Based on AWS’ 6 Pillars, our AWS WAFR Certified Engineers Will Identify Areas of Improvement.

SecAI

SecAI

SecAI is an innovative threat intelligence-driven, and AI-powered vendor aiming at cyber threat detection and response.

Cypherleak

Cypherleak

Cypherleak provide Automated Cyber Risk Monitoring & Ai powered cyber recommendations.