7 Cybersecurity Threats to Watch Out For and Help on How to Better Protect Yourself

October is Cybersecurity Awareness Month, a critical time to reinforce the importance of protecting ourselves and our businesses from the ever-evolving landscape of cyber threats. Cybercrime is a global crisis, and the FBI's 2023 Internet Crime Report reveals a stark reality: losses from cybercrime have exceeded $12.5 billion, a 22% increase from 2022.¹ This highlights the urgent need for individuals and businesses to prioritize cybersecurity now more than ever.

The report received a record number of complaints from the American public: 880,418, a nearly 10% increase from the previous year.¹ These numbers underscore the escalating threat and the need for proactive measures to help mitigate risk.

Here are 7 key cyberthreats to be aware of, updated with some of the latest information:

1. Phishing: This pervasive scam remains a top threat, with 298,878 complaints in 2023.¹ Phishing attacks encompass various forms, including emails, text messages (smishing), and phone calls (vishing). Cybercriminals are becoming increasingly sophisticated, employing tactics like pharming (redirecting users to fake websites) and telephone-oriented attack delivery (TOAD) to deceive victims.
2. Ransomware: After a slight dip in 2022, ransomware attacks are surging again. The FBI received over 2,825 complaints in 2023, an 18% increase, with reported losses rising by a staggering 74% to $59.6 million.¹ Attackers are deploying new tactics, including using multiple ransomware variants against the same victim and employing data-destruction threats to pressure victims into paying ransoms.
3. Data Breaches: Through the first half of 2024, 1,571 data compromises were reported impacting an estimated 1.07 billion victims.²  
4. Business Email Compromise (BEC): BEC scams continue to plague both businesses and individuals. In 2023, the IC3 received 21,489 BEC complaints with adjusted losses over $2.9 billion.¹ Fraudsters compromise legitimate email accounts to conduct unauthorized fund transfers. The report highlights the rise of virtual meeting platforms being used to hijack emails and impersonate business leaders, particularly in remote work environments.
5. Remote Desktop Protocol (RDP) Exploitation: Exploiting vulnerabilities in RDP remains a common tactic for cybercriminals to gain unauthorized access to systems and deploy malware, including ransomware.
6. Software Vulnerabilities: Outdated software provides an open door for cybercriminals. Regularly updating software with the latest security patches is essential to helping mitigate this risk.
7. Social Engineering: This manipulative tactic relies on psychological tricks to deceive individuals into revealing confidential information or taking actions that benefit the attacker. Social engineering often works in conjunction with other threats like phishing.

How to Help Protect Yourself and Your Business:

• Educate Your Employees: Conduct regular and comprehensive cybersecurity training to empower employees to recognize and avoid threats like phishing, social engineering, and ransomware.
• Keep Software Up-to-Date: Enable automatic updates for operating systems, applications, and security software to help ensure you have the latest protections.
• Utilize Antivirus and Antimalware Software: Install reputable security software on all devices and schedule regular scans.
• Use a Virtual Private Network (VPN): A VPN encrypts your internet connection, helping safeguard your data, especially on public Wi-Fi.
• Use Multi-Factor Authentication: Implement MFA on all accounts possible to add an extra layer of security.
• Require Strong Passwords: Enforce strong, unique passwords and consider a password manager to help employees generate and store them more securely.
• Implement Email Authentication and Intrusion Prevention Software: These tools can help filter out phishing emails and other email-based threats.
• Have a Cybersecurity Plan: Develop a comprehensive plan that includes procedures for preventing, detecting, and responding to cyberattacks. This should include incident response protocols, data backup and recovery strategies, and communication plans.
• Stay Informed: Keep up-to-date on the latest cybersecurity threats and best practices by following reputable sources like the FBI's IC3, CISA, and the National Cybersecurity Alliance.

By taking these proactive steps, you can help significantly strengthen your defenses against cybercrime. Remember that cybersecurity is a shared responsibility. Stay vigilant, stay informed, and stay safe online.

For more information on cybersecurity best practices and how ID Watchdog can help you better protect your employees and their families, contact us today.

1. 2023 Federal Bureau of Investigation Internet Crime Report
2. ITRC, H1 2024 Data Breach Report, July 2024

The information provided is intended as general guidance and is not intended to convey any tax, benefits, or legal advice. For information pertaining to your company and its specific facts and needs, please consult your own tax advisor or legal counsel.  Equifax Workforce Solutions provides services that can help employers reduce their compliance risks. Details on our provision of these services and related support will be contained in your services agreement. Links to sources may be to third party sites. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.