In 2022, a 12% drop in malware detections was recorded when compared to 2021, according to survey by Kaspersky, a company specialized in cybersecurity. The research indicates two main reasons for this phenomenon, a change of strategy by cybercriminals and a change of behavior by a customary group of targets, businesses.
This Content Is Only For Subscribers
To unlock this content, subscribe to MOVI NEWS.
The Reasons
The first reason for the fact observed by Kaspersky is that cybercriminals became more selective and prioritized attacks with the greatest potential for payback, such as companies and government entities in developing countries, like Brazil.
Another reason is the preparation of companies to defend themselves against ransomware, a type of attack that skyrocketed during digitalization forced by the pandemic.
Data theft is considered one of the most profitable cybercrimes. It is characterized by the blocking of systems and the subsequent collection of a ransom.
Brazil
In Brazil, criminals took the opportunity to focus on digital bank frauds. One of the most specialized groups on this field is Prillex, which would be behind the “ghost purchase scam”. This method of attack diverts money from purchases without the store and the customer noticing.
The scam simulates errors in card machines to duplicate transactions and, without the shopkeeper or customer noticing, make a second charge to the customer, of the same amount, but directed to the scammer’s account.
New Scams
The Brazilian cybercriminal group Prilex has now launched a malware (malicious program) capable of blocking approximation payments. The objective is to force the consumer to insert the card in the machine, so that the fraud takes place. According to the cybersecurity company, it is the first time in the world that a gang has managed to tie a knot in the purchase by approximation, considered safer.
When there is an attempt to pay by proximity, the infected machine displays the message “ERROR APPROXIMATION (sic) INSERT THE CARD (sic)”. After the card is inserted into the machine, the possibilities for fraud increase, as in the case of ghost shopping, the one that diverts money from the purchase without the store and the customer noticing.
Metaverse Attacks is also a new trend. Information security experts warn for the most likely threats in metaverse environments involve more common cybercrimes such as phishing and ransomware. However, there criminals have developed specific ones. This is the case of impersonating other people by cloning their voice and other characteristics into avatars and attacks that place an “invisible person” listening to a conversation, also called “person in the room”.
Prilex
It is a Brazilian group specialized in frauds and it is also behind scams at ATMs. While the main gangs in the world have prioritized ransomware attacks (blocking information upon ransom), considered as still more profitable, Prilex focused on financial transactions.
