Social engineering is a form of security fraud that relies on psychological manipulation techniques to trick people into revealing sensitive information. In the previous two articles in this series, we discussed in depth what social engineering is, and highlighted a variety of both common and sophisticated social engineering attacks.

From stealing sneakers to pinching PlayStations, bots are increasingly earning a reputation for being nefarious and disruptive – none more so than bots deployed by state actors to wield significant geopolitical influence. The Arab Spring, Brexit, and recent US presidential elections have all been victim to carefully orchestrated bot attacks from myriad geopolitical actors.

Finland’s National Cyber Security Centre (NCSC-FI) has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. The messages are written in Finnish but without the customary accented characters. In some instances, the messages pose as a notification that the user has received a voicemail message, or a communication from their mobile network provider.

Social Engineering is a form of security fraud that relies on psychological manipulation techniques to trick people into revealing sensitive information. In the previous article in this series, we discussed what social engineering is in more detail, the social engineering lifecycle, its reliance on human error, and some of the more common social engineering techniques.

In a recent Quarterly Index report, Netacea’s Threat Research Team listed the top five scalper bot targets of Q3 2021 and predicted the items most sought after by bots for Black Friday and the festive shopping season. But scalper bots (or grinch bots) have already been hard at work ahead of Christmas, depriving genuine consumers of luxury advent calendars and limited-edition toys in the run up to peak retail period.

Social Engineering is a form of security fraud that relies on psychological manipulation techniques to trick people into revealing sensitive information. This is often carried out online using a variety of social engineering techniques; one of the more commonly referred to social engineering attacks are phishing attacks (including, vishing, smishing, spear phishing and whale phishing).

Online travel agencies, more commonly referred to as OTAs, are online booking platforms used to compare prices and book flights, hotels or holiday packages. Well-known OTAs include Expedia, Booking.com and TripAdvisor. While we have seen a significant increase in the use of OTAs for booking travel arrangements in recent years, we have also seen a similar rise in OTA fraud. Total fraud loss to OTAs was predicted to grow by 19% to $25 billion by the year 2020.

Cyberattacks can take many forms. Those intended to disrupt a business often happen as denial of service (DoS) attacks, and its even more disruptive cousin, the distributed denial of service (DDoS) attack. Such attacks are often executed by a botnet, which is a network of infected machines or connected devices at the order of a botmaster. Botnet attacks present yet another challenge for security and IT teams focused on cybersecurity.

Cybercrime can take many forms, and the criminals behind such attacks work with increasing sophistication — even to the point that some companies may, unwittingly, be helping criminals launch attacks against other organizations. For example, botnets are an organized network of infected devices at a hacker’s disposal, which the hacker then uses to carry out cybercrime schemes by harnessing resources available to the bots on the system.