According to ACFE research, organizations worldwide are losing an estimated 5 percent of their annual revenue to fraud, which translates to more than $3.5 trillion annually. The various types of fraud challenges in an organization are Internal Fraud, Vendor Fraud, Spam, Identity Theft, Account Takeover and Terrorism.
Popular trends in cyber fraud are Malware, Phishing and Social Engineering.
Malware is equal to malicious + software. It could be a software or code that is designed typically to spoil, disrupt, steal or inflict some other “harmful” or illegitimate action. A vast number of malware infections are caused by some action from a user like opening an e-mail attachment or URL, downloading a file from the Internet, Viruses, Worms, Trojans and botnets.
A fraudulent attempt usually made through email in order to steal someone’s personal information. Phishing emails usually appear to arise from a well-known organization and ask you for your personal information. It is possible that these attempts will appear to come from an organization or person that you do business with or you know personally.
Phishing trends: Started out as a way to acquire user ids, password, and other confidential data. These credentials are then used to logon to the online applications (i.e. internet banking) and transfer funds to other "money mule” accounts. There are two types of phishing. spear phishing-Targeted phish against a specific organization, and whale phishing- a spear phishing attempt that targets the CEO or high level executive of a company.
Social Engineering is the act of manipulating people into performing actions or divulging sensitive information. Social engineering is typically carried out face-to-face, email or by phone.
The best examples of social engineering ranges from Nigeria Scams to ‘Visa Fraud Department’ to hacking Gmail, AOL accounts. Social Networking makes it easy to provide real information about the victim.