Criminals and victims – changing our perspective on cyber crime
- Peter Plowman, Senior Manager, Financial Crime, ANZ
I'm not going to give you my top tips on how to protect yourself.
You're going to do something for me, please. I want you to think differently about two simple things and convince others to do the same. If you do, I think more people will educate themselves, protect themselves and we'll respond better to the threats out there.
First, I don't like the word 'fraudster'. I’m not a fan of the word 'cybercriminal' either.
The words fail to reflect the impact to victims and society that these crimes have. 'Cybercriminal' has the air of something technologically futuristic, in the digital ether, disconnected.
The reality is you can buy the software (and support!) with little knowledge, but the damage done is far from ethereal and disconnected to a victim. So when I get the chance, like this, I call them what they are.
Thieving filth (or stronger words which would be inappropriate for polite newsletters).
You should too, every chance you get.
While this can be a bit amusing, make no mistake, the people (and technology) many teams work to stop are not just exploiting holes in systems. They are not Robin Hoods, taking money from big businesses and giving it to the poor. This is not the little guy sticking it to ‘the man’. This is not some victimless crime.
This filth attaches itself to old, vulnerable people, non-digital natives and others with mental disabilities to exploit them. They create fake charities and exploit death and destruction. They use our 'cyber' world to enable this. They invade, trespass and squat in systems, intercepting and exploiting private information, engineering extortion and blackmail. They rob people of their inventions, reputations and obliterate trust along with businesses.
Victims can be ruined. More than just monetary loss, they play with people’s lives, emotions, trust and security.
Did that have more impact? Did that make you a little angry? Good. Do me a favour and take it to heart the next time you hear my offending words.
Secondly, I'd like to talk about victims. You sometimes call them 'fools'. I get that the person that falls for the Nigerian Prince scam or some long lost family inheritance can seem silly. I hear about them weekly. Don't feel smug.
I could get you.
Filth impersonates banks, energy and telecommunications companies to threaten security details from you for ‘late’ bills or prizes. They surf your open social media pages to take the freely available information there. Lately they just offer you cheap phones, non-existent goods or enticing stories and videos through those same networks, leading to malicious software on your devices and unintended transactions on your cards.
I can find your Kryptonite in your devices, in your digital footprints, in your friends, your home, your wifi and your trash. If I'm one of the 'good guys' (and I'm not impervious either), imagine what someone with professional ill intent (filth) targeted to you or your business could do.
Let's keep the conversation focused on the filth and how we thwart them. Let's try not to diminish the impact to victims by insulting their intelligence. Let's change the conversation. "Some fraudster just fooled that gullible twit out of his money" becomes "how do we best protect the vulnerable from filth?"
I figure the real change flows from there.