According to statistical data from 1 Jan. 2022 – 30 June 2023, there have been 280,000 cases of deception, with a damage value of 39 billion baht, or an average of 88 million baht per day, as reflected through the stage to create knowledge and understanding. and awareness of cyber security by the Office of the National Cyber Security Commission (NCMC).
Mr. Phutthakhun Phutthawattanakul, a cyber security expert, gave information that we are now living in the world of cyberspace. or the online world, which is an electronic system used to communicate more This leads to the most common online dangers being: 1. More than 51,000 cases of product fraud. Accounting for 32.67 percent
2nd place: 22,000 cases of fraudulent transfer of money to earn income from activities; 3. 18,000 cases of deceiving people into borrowing money but not receiving the money; 4. 14,000 cases of fraudulent investment that is not considered to be defrauding the public; 5) Call gang cases. Center 12,000 stories
If you drill down and look “Cyber threats” Currently, Thai people are most likely to be deceived in 3 types: The first type of threat… “Criminals on Social Media” is a Social Engineering attack that uses human weaknesses to trick people into stealing information. Or trick the victim into doing something, such as sending a fake email to a fake website. to steal passwords
But “the weaknesses of each human being are often different” can be separated into 7 parts: the first part…“Fear” Everyone has a certain feeling of fear and “villains” will use this weakness to influence them by using their power to put pressure on victims to act quickly, such as pretending to be a government official and contacting them to report that the parcel is left behind and suspected of being involved in something illegal. This makes some people easily afraid of being tricked into handing over important personal information.
The second part…“Hustle” The nature of the phone call has been rushed without giving the victim time to think. To force someone to make a decision within a short period of time For example, in the case of pretending that your account is suspended, you must change your password within the specified time or you may not be able to log in.
The third part...“Greed” Scammers use this method to trick victims into receiving special offers or free things.
The fourth part…“Curiosity” Tricking people into clicking on links to open files with interesting, curiosity-provoking content attached to them.
Next comes the fifth part…“Use credibility” People who often claim to be government officials fake emails, websites, and documents that look similar to the real thing, tricking people into clicking on links to fill out information.
Part six… “Distracting attention” Tricking them into doing other things so that they don’t have to check for abnormalities, such as pretending to send a PDF file to ask the victim to help print the file and then the file is attached with malware.
Part seven…“Trick me into loving you” who use this love to seek benefits to transfer money or other assets When the victim becomes aware, they will flee. All of which is a big process. and develop technology to hack victims’ data and analyze it to find each person’s weaknesses. The more people become victims, the more money the “villain” will have to develop the system.
Later, cyber threats “Phishing email scams” are one of the most common online scams. “Which has a pattern of using tricks. and impersonating a corporate website” that targets personal information such as credit card numbers. ID card number Password to login to the victim’s online account
For many formats such as “Spear phishing” is a targeted attack. “Specific” makes the crime more subtle. This is because criminals often have gathered information about their victims beforehand and then “analyzed” it to increase efficiency. and credibility in deception
There is also a “Whaling” format that targets senior executives in order to steal large sums of money. Phone calls and phishing messages (Vishing/Smishing) are divided into phone phishing (vishing), calling. The victim claims to be a representative of a government agency, threatening them and reporting a serious problem. and forcing the sending of personal information and SMS phishing (smishing) email attacks
Next is “Pharming” which is similar to sowing seeds and waiting for harvesting to produce a large amount of produce, such as creating an application for people to download for free. and wait for the moment to collect the user’s personal information Therefore, in order to carry out transactions in the online world “It should be carefully screened” because cyber threats are becoming more serious.
Emphasizing this, “The danger of personal data theft” often comes in various forms in internet fraud or scams, divided into many types such as “Credit card scams” which are scams sent via email. To confirm credit card information from the bank In order not to have the card cancelled.
They may also call to ask for information claiming to be a credit bureau service provider. to confirm the card and information on the card This allows the offender to obtain information on the card number, name, and the number on the back of the card as well.
In the “Win Scam” section, it is an email that tricks the victim into receiving a huge prize of money. But you must submit information such as the front of your ID card. Verify your identity or transfer the fee for receiving the prize There is also the “Customs Fee Scam,” which involves contacting the victim and getting acquainted with them and then offering to send them the goods but having to pay a fee. or various fines
Nowadays, “all over the world is aware of cyber threats” because in 2022 KASPERSKY’s detection system found attacks on users with various malicious virus files, more than 400,000 files per day, approximately 5% more than in 2021, especially the proportion of Detected malicious software increases 18%, predicts upcoming cyber threats in 2023
For example: 1. The Ukraine war will cause an increase in international cyberattacks. 2. Increased attacks targeting spacecraft and drones. 3. Social media attacks, including the use of targeted deepfakes.
and 4. Cyber attacks via cloud computing will become more severe. 5. Increased attacks on critical infrastructure that will have severe and widespread impacts on society. 6. Ransomware will return in new, more dangerous form. 7. More IoT devices will be targeted by attacks or botnets to conduct DDoS attacks.
The question is: “Where did the stolen data go?” As for the websites we use on a daily basis, called “Surface Web,” there are about 4% of them. This type can be searched using a search engine and can be accessed using a web browser. A standard that does not require any special configuration.
As for 90% in the Deep Web, it is information or websites that are not indexed by standard search engines such as Google or Yahoo. This means that general users will not be able to find those websites through Search Engine, but can still access them. You can go through the URL as usual.
And another 6% is on the Dark Web, which is a gray area that is home to hackers. and computer crime groups It “offers a wide range of illegal services.” Stolen digital data includes hidden economic data such as stolen credit cards. In the US, they sell for $5-30, UK $20-35, Canada $20-40.
A password for a bank account with a balance of $2,200 sells for $190. A bank account password with an invisible fund transferred to a bank in the United States for a balance of $6,000 sells for $500. In England, a balance of $10,000 sells for $10,000. $700 and account balance $16,000 sells $900
This makes the future “We will no longer face thieves running around on the streets,” but instead may face hackers picking into the pockets of people in the digital world, who will fall victim to thousands at once.
Tags: Hackers steal data sell causing Thailand lose billion baht year
-
