How Cyber Criminals Are Using Social Media To Hack Bank Accounts

Criminals are using social media to check when customers are contacting banks about problems and then posing as the bank in order to hack people's data, according to the head of the Irish Garda National Cyber Crime Bureau, who said Gardaí have had multiple incidents of this activity reported to them.

Det Supt Michael Gubbins said cyber-crimes will become increasingly stealthy and hard to detect in the coming years. One example could be the increasing use of so-called fileless malware, where malware doesn't sit on a computer's hard drive but in its RAM, a temporary storage part of the computer where the malware is harder to detect.

But social engineering, using manipulation and deception in order to obtain the information being sought, like the example of calling people who have been interacting with banks online -remains "at the very top" of potential threats, he said.
He said businesses need to educate their employees to be conscious of cyber security best practice. 

"You've got to let them know what's happening out there...it's not all about technology or having the best IT equipment, because it doesn't capture everything," he said. "Co-operation among all relevant actors is key."

Det Supt Gubbins was speaking at Dublin Information Sec 2018, a cyber security event organised by Independent News & Media, the leading Irish publisher. The increasing usage of crypto-currencies like Bitcoin has seen new types of cyber-crime emerge, Det Supt Gubbins said, with users of the currencies being targeted by hackers attempting to steal the digital currency.

So-called "crypto-jacking" has also emerged, whereby hackers infiltrate a computer and use it to engage in the resource-intensive process by which a Bitcoin is created, known as "mining". Other common attacks include ransomware, for example where a computer is locked by a hacker who demands a payment in order to allow a user to regain access. 

Det Supt Gubbins said this has become less common in recent years as people had become more savvy in terms of preventing it. He also urged attendees to make sure to stress-test their cyber-security systems in the same way as they would carry out a fire drill.

Irish ndependent

You Might Also Read:

Cyber Criminals Are Outspending Business:

« China Is 'biggest state sponsor of Cyber-Attacks on the West'
35 Million 2018 US Voter Records For Sale »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

SmartSearch

SmartSearch

SmartSearch is a leading online provider of Anti-Money Laundering and Fraud Prevention Services.

CircleCI

CircleCI

CircleCI’s platform allows developers to rapidly release code (for web and mobile apps) they trust by automating the build, test, and deploy process.

Hiscox

Hiscox

Hiscox offers cyber and data risks insurance to protect your business against the risks of holding data and using computer systems..

Tinfoil Security

Tinfoil Security

Tinfoil is a simple, developer friendly service that lets you scan your website for vulnerabilities and fix them quickly and easily.

7Safe

7Safe

7Safe has been delivering hands-on digital security training courses since 2001 and offer e a portfolio of university and industry-accredited courses.

OSIRIS Lab - NYU Tandon

OSIRIS Lab - NYU Tandon

The Offensive Security, Incident Response & Internet Security Lab (OSIRIS) is a security research environment where students analyze and understand how attackers take advantage of real systems.

FFRI

FFRI

FFRI is committed to research and development of preventing the most advanced cyber-attacks and breaches.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Abnormal Security

Abnormal Security

Abnormal is an API-based email security platform providing protection against the entire spectrum of targeted email attacks.

Scythe

Scythe

SCYTHE is a next generation red team platform for continuous and realistic enterprise risk assessments.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

Norma Inc.

Norma Inc.

Norma provides the secured wireless environment (WiFi and Bluetooth) with the unauthorized AP detection, and secures your IoT assets from various threats.

OmniCyber Security

OmniCyber Security

Omni is a cyber security firm specialising in Penetration Testing, Managed Security and Compliance.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Policy Monitor

Policy Monitor

Policy Monitor is a cyber security company founded by experts with extensive experience in operational and risk management.

Technology Mindz

Technology Mindz

Technology Mindz is a leading provider of cybersecurity services. We offer a wide range of services to help businesses. Our services are Identity and access management, Governance risk and compliance.