
6 Ways To Make Money Online – Ep 352 

 April 22, 2022

By  Donna Grindle

Cybercrime is a booming business. In 2021, the US experienced an unprecedented increase in cyber attacks with criminals making $6.9 billion online. In today’s podcast, we review the FBI’s Internet Crime Report for 2021.



Today’s Episode is brought to you by:

Kardon

and

HIPAA for MSPs with Security First IT

 Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity. 

PriSec Boot Camp

The Privacy and Security Boot Camp

3.5 day In Person Event

Sep 12, 13, 14 and 15

PriSecBootCamp.com

Great idea! Share Help Me With HIPAA with one person this week!

Learn about offerings from the Kardon Club

and HIPAA for MSPs!

Thanks to our donors. We appreciate your support!

If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com

Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA

If you see a couple of numbers on the left side you can click that and go directly to that part of the audio. Get the best of both worlds from the show notes to the audio and back!


405(d) Tip of the Week

[02:53] 10 Best Practices: #1 Email Protection Systems

The two most common phishing methods both rely on email:

  1. Credential theft is where attackers leverage emails to conduct credential harvesting attacks on the organization.
  2. Malware dropper attacks are used when attackers deliver malware through emails, which can compromise endpoints.

An organization’s cybersecurity practices must address these two attack vectors. Because both attack types leverage e-mail, e-mail systems should be the focus for additional security controls.

For Small Organizations:

  • Instill basic email protection controls such as standard antispam and antivirus (AV) filtering controls, which should be implemented in any e-mail system.
  • Acquire multifactor authentication (MFA) for remote email access. MFA is the process of verifying a user’s identity using more than one credential, which adds an extra layer of defense against email attacks.
  • Implement education and awareness activities such as training, phishing simulations, and awareness campaigns to assist employees and partners in protecting your organization against phishing attacks.

For Medium & Larger Organizations:

In addition to the items mentioned above for small organizations, medium and large organizations should do the following:

  • Institute basic email controls including real-time black hole lists, distributed checksum clearinghouses (DCCs), and spam/virus checks on outbound messages.
  • Utilize advanced and next generation tooling to combat phishing and malware. These tools use threat analytics and real-time response capabilities to provide protection against phishing attacks and malware.
  • Perform analytical education by reviewing who in your organization is being targeted most and create cyber security education specifically for that group.

6 Ways To Make Money Online

[09:37] FBI Releases the Internet Crime Complaint Center 2021 Internet Crime Report

The FBI’s 2021 INTERNET CRIME REPORT includes information from over 800,000 complaints of suspected internet crime and reported losses from cyber attacks. They have also released state specific statistics on cyber crime. The report shows that phishing scams, non-payment/non-delivery scams, and personal data breach were the top three cyber crimes reported by victims in 2021.

Of all critical infrastructure sectors reportedly victimized by ransomware in 2021, the Healthcare and Public Health, Financial Services, and Information Technology sectors were the most frequent victims. The IC3 anticipates an increase in critical infrastructure victimization in 2022.

[13:52] Below is a chart showing the top six ways cyber criminals have made money through online scams. Business email compromise tops the list, which is why email protection systems is #1 on the 405(d) list of most impactful cybersecurity threats and why we included it in our tip of the week.

Tech Support Scams On The Rise

[19:23] One of the most common scams that David has noticed with his clients is the “Microsoft” pop-up that says there is a problem with the computer and gives a number to call to get it fixed. He sees these mostly coming from hacked websites and malicious Chrome extensions. Some anti-malware programs don’t do a good job of looking at browser extensions. So, ask your IT team whether their tools evaluate browser extensions, or just get rid of non-essential extensions altogether.
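If your tools do not evaluate browser extensions, a small inventory script can. The following is an added example, not something from the episode: it walks a Chrome profile's `Extensions` folder (Chrome stores each extension as `<extension id>/<version>/manifest.json`) and flags extensions that request access to every site. The list of "broad" patterns is this example's own choice, and the sample extensions, ids and names are constructed.

```python
import json
import tempfile
from pathlib import Path

# Host patterns that let an extension read or change every page the user visits.
# (Assumption of this example: these four patterns are what we treat as "broad".)
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_extensions(extensions_dir):
    """Return one record per installed extension version, flagged ones first."""
    findings = []
    for manifest_path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        ext_id = manifest_path.parts[-3]
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            # An unreadable manifest deserves a manual look of its own.
            findings.append({"id": ext_id, "name": "<unreadable manifest>",
                             "broad_hosts": [], "review": True})
            continue
        # Manifest V2 mixes host patterns into "permissions"; V3 uses "host_permissions".
        declared = list(manifest.get("permissions", []))
        declared += manifest.get("host_permissions", [])
        for script in manifest.get("content_scripts", []):
            declared += script.get("matches", [])
        broad = sorted({p for p in declared if isinstance(p, str) and p in BROAD_HOSTS})
        findings.append({"id": ext_id, "name": manifest.get("name", "?"),
                         "broad_hosts": broad, "review": bool(broad)})
    return sorted(findings, key=lambda f: (not f["review"], f["id"]))

def build_sample_profile(root):
    """Write three constructed extensions (made-up ids and names) under root."""
    samples = {
        "a" * 32: {"manifest_version": 3, "name": "Constructed Coupon Helper",
                   "version": "1.0", "host_permissions": ["<all_urls>"]},
        "b" * 32: {"manifest_version": 3, "name": "Constructed Intranet Notes",
                   "version": "2.1", "host_permissions": ["https://intranet.example/*"]},
        "c" * 32: {"manifest_version": 2, "name": "Constructed PDF Tool", "version": "0.9",
                   "permissions": ["tabs"], "content_scripts": [{"matches": ["*://*/*"]}]},
    }
    for ext_id, manifest in samples.items():
        version_dir = Path(root) / ext_id / manifest["version"]
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for f in audit_extensions(build_sample_profile(tmp)):
            print("REVIEW" if f["review"] else "ok    ", f["id"], f["name"], f["broad_hosts"])
```

To check a real machine, pass the profile's own `Extensions` folder to `audit_extensions` instead of the sample. A flagged extension is not necessarily malicious, but it is the first place to look when deciding which non-essential extensions to remove.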

Many victims report being directed to make wire transfers to overseas accounts or purchase large amounts of prepaid cards. In 2021, the IC3 received 23,903 complaints related to Tech Support Fraud from victims in 70 countries. The losses amounted to more than $347 million, which represents a 137 percent increase in losses from 2020. Most victims, almost 60 percent, report to be over 60 years of age, and experience at least 68 percent of the losses (almost $238 million).

Tech support scammers continue to impersonate well-known tech companies, offering to fix non-existent technology issues or renew fraudulent software or security subscriptions. However, in 2021, the IC3 observed an increase in complaints reporting the impersonation of customer support, which has taken on a variety of forms, such as financial and banking institutions, utility companies, or virtual currency exchanges.

[31:21] The FBI IC3 report also shows that the US leads the list in the number of victims by country with 466,501 victims in 2021. The UK was the next highest with 303,949 victims. The 20 other countries mentioned had a combined total of just 25,002 victims.

The Phishing / Vishing / Smishing / Pharming cybercrime type, by far, accounts for most of the victims. These are all communication type scams.

Cybercrime is big business. The scary thing is that it is easy to do nowadays. Hackers don’t have to be programmers or have advanced technical expertise to participate in cybercrime. Cybercrime has its own business model, and criminals are making it easier for people to subscribe to their tools and platforms. So, needless to say, cyber attacks are not going away or becoming less frequent any time soon.

Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!

HIPAA is not about compliance, it’s about patient care.™

Special thanks to our sponsors Security First IT and Kardon.
