How Cyber Criminals Are Using Social Media To Hack Bank Accounts

Criminals are using social media to check when customers are contacting banks about problems and then posing as the bank in order to hack people's data, according to the head of the Irish Garda National Cyber Crime Bureau, who said Gardaí have had multiple incidents of this activity reported to them.

Det Supt Michael Gubbins said cyber-crimes will become increasingly stealthy and hard to detect in the coming years. One example could be the increasing use of so-called fileless malware, where malware doesn't sit on a computer's hard drive but in its RAM, a temporary storage part of the computer where the malware is harder to detect.

But social engineering, using manipulation and deception in order to obtain the information being sought, like the example of calling people who have been interacting with banks online -remains "at the very top" of potential threats, he said.
He said businesses need to educate their employees to be conscious of cyber security best practice. 

"You've got to let them know what's happening out there...it's not all about technology or having the best IT equipment, because it doesn't capture everything," he said. "Co-operation among all relevant actors is key."

Det Supt Gubbins was speaking at Dublin Information Sec 2018, a cyber security event organised by Independent News & Media, the leading Irish publisher. The increasing usage of crypto-currencies like Bitcoin has seen new types of cyber-crime emerge, Det Supt Gubbins said, with users of the currencies being targeted by hackers attempting to steal the digital currency.

So-called "crypto-jacking" has also emerged, whereby hackers infiltrate a computer and use it to engage in the resource-intensive process by which a Bitcoin is created, known as "mining". Other common attacks include ransomware, for example where a computer is locked by a hacker who demands a payment in order to allow a user to regain access. 

Det Supt Gubbins said this has become less common in recent years as people had become more savvy in terms of preventing it. He also urged attendees to make sure to stress-test their cyber-security systems in the same way as they would carry out a fire drill.

Irish ndependent

You Might Also Read:

Cyber Criminals Are Outspending Business:

« China Is 'biggest state sponsor of Cyber-Attacks on the West'
35 Million 2018 US Voter Records For Sale »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

IDpendant

IDpendant

IDpendant offers a wide range of services, including authentication technology, client security products, single sign on systems, encryption solutions, card and mobile device management systems.

LinOTP

LinOTP

LinOTP is an enterprise level, innovative, flexible and versatile OTP-platform for strong authentication.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference is a non-profit, annual, information security conference located in Halifax, Nova Scotia, Canada.

OpenZeppelin

OpenZeppelin

OpenZeppelin builds developer tools and performs security audits for distributed systems that power multimillion-dollar economies.

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet is a network of companies who collaborate to address skills needs within the technology sector.

Cipher

Cipher

Founded in 2000, Cipher is a global cybersecurity company that delivers a wide range of Managed Security Services.

nsKnox

nsKnox

nsKnox is a fintech-security company, enabling corporations and banks to prevent fraud and ensure compliance in B2B Payments.

Adversa AI

Adversa AI

Adversa's mission is to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

Softanics

Softanics

Softanics’ ArmDot protects .NET apps with advanced obfuscation, control flow protection, and virtualization, securing code against reverse engineering without requiring agents or environment changes.

SignalRed

SignalRed

SignalRed provides the cutting edge next-generation penetration testing and secure development solutions to startups and large enterprises.

Skylark

Skylark

Skylark is a leading global IT services provider, transforming client’s businesses through innovative and advanced technology solutions.

Soteria LLC

Soteria LLC

Soteria LLC are a client-focused organization providing expert advisory, consulting services, and tailored solutions to prevent, detect, and respond to cybersecurity incidents.