Cybercrime has grown to become the world’s third-largest economy after the US and China, according to the World Economic Forum (WEF). Based on data from Cybersecurity Ventures, it is projected to cost the world $8 trillion in 2023 and $10.5 trillion by 2025. So, it’s not surprising that Cybercrime Marketing has evolved as rampantly as it has.
The modern-day market affords anyone the ability to purchase products, services, and support. Malicious actors can and do buy access to networks and ransomware online, which is one of the main drivers of this growth. The offerings have grown to where threat actors do not need technical skills to launch sophisticated cyber or ransomware attacks. Like most software sales companies the black market has sales goals and deadlines. Seems that at the start of each month, there are new subscribers to these services which provide a glimpse into what was on sale. Here are the most recent examples I analyzed that can be shared with staff.
Note that in each of these examples, the first check is the email address when it looks legitimate. I then hover, never click, my mouse over the click here to see where the link goes. In these, you can see who spent the most.
Here is what I call a “low budget” or bronze package as the email address is all too obviously wrong.
In the example below the email address is not as obviously wrong and so I check the link which starts with bing.com!
Here is another example of the “bronze” package where the email address is wrong.
In this final example, the email address looks legitimate, the link is hard to decipher and the clue that this is bogus comes from the fact that it arrived in my email box in July. I looked deeper into the link, see my email address, and do not see either DocuSign or Salesforce. The lack of this tells me this is bogus. The length of time to know it reflects that someone upgraded to a “better” package.
In summary, selling subscriptions to support cybercrime operations is not new. These criminal operations having multiple offerings with updates and enhancements is not new. Defense and prevention start with understanding how, even with the best protection, there will always be a window of time where the new offerings work as advertised.
Remember if you have any doubts about any messages you receive, send them over to IT to have them check it out, and if the offering sounds too good to be true it probably is a trap.
At Lead I.T., we are constantly monitoring trends in cybercrime and would be happy to discuss any cyber security concerns you may have to ensure you are as well protected as possible. As we’ve noted in this blog, the market and opportunities for cybercriminals are not going anyway soon so ongoing vigilance is critical. Reach out to book a Discovery Call if you’d like to discuss how to more effectively protect your business from cyber threats.