, who goes by the pseudonym "EvaPiks" on several underground cybercrime forums, appears to have been careless enough to have left a trail of digital breadcrumbs that led to Check Point's researchers uncovering his/her online history and persona.
Social engineering -- manipulating human behaviour -- is still key in the cybercriminal
In 2019, McAfee predicts that this underground industry will consolidate, creating larger cybercriminal
You can identify the operating capabilities of cybercriminals
,"How did the crime occur?"This information is readily available from security research firms and the court documents from cybercriminals
who have been brought to justice.
A common scheme is for the cybercriminal
to call an individual and pose as a member of the company's information technology team, indicating to the team member that there is a "problem" with the team member's email account.
We also saw the range of financial organisations that cybercriminals
have been trying to penetrate expand significantly.
Rechtman is correct that no system is foolproof; eventually, cybercriminals
will find their way around even 2FA.
The high level of sophistication of the services and tools we found in the North American underground allows cybercriminals
to thrive across the spectrum of expertise, said Raimund Genes, CTO, Trend Micro.
looking to minimise the risk of criminal prosecution switched from malware attacks to the aggressive distribution of adware.
It used to be that cybercriminals
needed skills at all stages of the attack: reconnaissance, exploitation, evasion, etc.
According to the report, the uniformity of Trojan programs and the scale of activity points to a greater professionalism among cybercriminals
, whose aim is to profit from criminal activity and not raise the attention of the press or law enforcement to their stealth tactics.
For example, the cybercriminal
operation "MageCart" targets online retailers by creating websites that mimic their victims' websites and inserts malicious code to capture card data.