How Cyber Criminals Are Using Social Media To Hack Bank Accounts

Criminals are using social media to check when customers are contacting banks about problems and then posing as the bank in order to hack people's data, according to the head of the Irish Garda National Cyber Crime Bureau, who said Gardaí have had multiple incidents of this activity reported to them.

Det Supt Michael Gubbins said cyber-crimes will become increasingly stealthy and hard to detect in the coming years. One example could be the increasing use of so-called fileless malware, where malware doesn't sit on a computer's hard drive but in its RAM, a temporary storage part of the computer where the malware is harder to detect.

But social engineering, using manipulation and deception in order to obtain the information being sought, like the example of calling people who have been interacting with banks online -remains "at the very top" of potential threats, he said.
He said businesses need to educate their employees to be conscious of cyber security best practice. 

"You've got to let them know what's happening out there...it's not all about technology or having the best IT equipment, because it doesn't capture everything," he said. "Co-operation among all relevant actors is key."

Det Supt Gubbins was speaking at Dublin Information Sec 2018, a cyber security event organised by Independent News & Media, the leading Irish publisher. The increasing usage of crypto-currencies like Bitcoin has seen new types of cyber-crime emerge, Det Supt Gubbins said, with users of the currencies being targeted by hackers attempting to steal the digital currency.

So-called "crypto-jacking" has also emerged, whereby hackers infiltrate a computer and use it to engage in the resource-intensive process by which a Bitcoin is created, known as "mining". Other common attacks include ransomware, for example where a computer is locked by a hacker who demands a payment in order to allow a user to regain access. 

Det Supt Gubbins said this has become less common in recent years as people had become more savvy in terms of preventing it. He also urged attendees to make sure to stress-test their cyber-security systems in the same way as they would carry out a fire drill.

Irish ndependent

You Might Also Read:

Cyber Criminals Are Outspending Business:

« China Is 'biggest state sponsor of Cyber-Attacks on the West'
35 Million 2018 US Voter Records For Sale »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cogeco Peer 1

Cogeco Peer 1

Cogeco Peer 1 provide Data Center, Cloud Infrastructure, Managed IT, Managed Security, Data Connectivity and Voice Services.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

Zimperium

Zimperium

Zimperium offers enterprise class protection for mobile devices against the next generation of advanced mobile attacks.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

Hack The Box

Hack The Box

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

AnChain.AI

AnChain.AI

AnChain.AI's analytics platform proactively protects crypto assets by providing proprietary artificial intelligence, knowledge graphs, and threat intelligence on blockchain transactions.

Pentest360

Pentest360

Pentest360 is a 24x7x365 Penetration testing service offered through a feature-rich, centralised platform on the cloud that delivers instant visibility during security assessments.

Emagined Security

Emagined Security

Emagined Security is a leading provider of professional services for Information Security and Compliance solutions.

Humming Heads

Humming Heads

Humming Heads offers a complete solution to fight the advanced threats that target a company's endpoints and servers.

RecoLabs

RecoLabs

Reco’s proprietary AI technology dynamically maps business interactions within your collaboration tools to identify sensitive assets shared and uncover incidents that are relevant to your business.

Akamai Technologies

Akamai Technologies

Akamai's leading security, compute, and delivery solutions are helping global companies make life better for billions of people, billions of times a day.

ProArch

ProArch

ProArch is a global team of multidisciplinary experts in cloud, infrastructure, data analytics, cybersecurity, compliance, and software development.