Cyber Fraud Explained

If you have seen the "Catch Me If You Can" blockbuster (based on real-life events), you know how efficient this approach can be.

• Identity Theft: Financial fraud takes place using stolen personal information - social security numbers, login credentials, or banking details.
• Government Impersonation Fraud: Scammers pretend to be tax authorities, police, or other officials. Victims end up paying fake fines or offering their sensitive data.
• Business Email Compromise (BEC): A business executive's email account is hijacked or spoofed, and employees end up following fake orders, transferring money, or disclosing confidential information to scammers.

Much like hackers exploit vulnerabilities in software, fraudsters exploit our emotional vulnerabilities. Can one refuse "lending" money to someone they truly love? How can someone NOT pay a small fee when one is convinced that a million-dollar prize is awaiting? More than just gaining trust, this type of fraud goes one step further, profiting from people's deepest emotions.

• Romance & Dating Scams: Online “I love you” from people you've never met in real life, followed by requests for money, gifts, or access to personal information, is almost certainly a scam.
• Fake Charity & Donation Scams: Criminals set up fake donation pages after disasters or humanitarian crises.
• Lottery & Sweepstakes Scams: Victims are informed that they are lucky prize winners, but only after they pay a “processing fee” or provide personal details to claim it.
• Medical & Insurance Fraud: Fraudsters offer fake medical treatments or insurance claims.

Charles Ponzi promised investors huge returns with little risk in the 1920s, and that is how we have “Ponzi schemes" today. Emails, fake websites, and social media ads are all great ways to promote them. People who are too desperate or uninformed financially can easily fall victim to:

• Ponzi & Pyramid Schemes: Victims have to recruit others in exchange for promised profits. The pyramid comes from the fact that early investors are paid with the money of new recruits.
• Investment & Cryptocurrency Fraud: Fake investment opportunities or cryptocurrency deals that seem too good to be true.
• Fake Job & Recruitment Scams: Fake jobs are posted to attract people willing to pay “training fees” or give their personal data.

Before the internet, in the 1970s, “phreakers” manipulated telephone networks to make free calls. Today, cybercriminals use malware, fake apps, and hacked devices for frauds that can bring them much more money:

• Online Shopping Fraud: Selling imaginary goods on fake online stores and never delivering or stealing payment information of unsuspecting clients.
• Tech Support Scams: Presenting fake technical emergencies and coercing victims into allowing 3rd party access to their systems.
• Ransomware Attacks: These types of attacks often have a strong fraud element, as attackers use fake warnings or impersonate authorities to pressure victims into paying.
• Credit Card Fraud: Unauthorized purchases or cash advances are made using stolen credit card info.
• Online Payment Fraud: Online transactions are intercepted or manipulated so that money or financial info can be stolen.

Sometimes, trusted employees or suppliers can exploit their access. Companies have always been vulnerable to employees committing theft or sabotage. Digital communication has made this much easier.

• Insider Fraud: Employees or contractors misuse their authorized access to steal sensitive data, commit financial fraud, or aid external attackers.
• Data Leakage & Sabotage: Confidential information can be exposed, systems can be damaged, and operations can be disrupted with irreparable financial or reputational damage. All it takes is a member of the team who is either negligent or in the mood for revenge.

When you are connected to the digital world, you can consider yourself within reach of a scammer. Just having an email address, a phone number, or an online account that you constantly use – personally or as part of your job - is enough.

Most cyber fraud techniques use social engineering, that is, using psychological tricks to gain people's trust. Technology only creates the opportunity; usually, though, it is a person who unknowingly opens the door to fraud. Fraudsters concentrate on finding a weak spot, and they probe multiple targets.

Compromising Communications

• If you have an email account, phishing will likely find you. A message that looks official asks you to click a link or download a file. Click on it, and your login credentials could be stolen. Or maybe some malware is installed on your device. Or a gateway into your company systems just opened.
• Man-in-the-middle attacks are a constant background threat for everyone who communicates online, as messages and login sessions can be silently intercepted. This is an especially prevalent attack on public or poorly secured networks.
• Some attacks don’t even rely on your mistakes, just on catching you at the right (or wrong) moment. Browser hijackers can redirect your traffic without warning, or session hijackers can take over a login in mid-process.

Exploiting Accounts and Access

• If you reuse passwords across accounts, maybe you should start worrying about credential stuffing: stolen passwords from old breaches are reused to break into corporate systems.
• If your phone number is tied to important accounts, SIM swapping is another risk. Mobile carriers are tricked into transferring your number so that attackers can intercept security codes and take control of business-critical assets.
• When you simply browse the internet, pharming attacks (fake websites and DNS spoofing are used to redirect you) - can deceive you into handing over sensitive information.
• Recently, there has been a growing trend of people casually sharing personal or sensitive information with AI chatbots, but did you know that you might unknowingly expose data that can later be exploited by cybercriminals? Even innocent details can help attackers fine-tune fraud attempts.

Manipulating Business Processes

• For employees who manage transactions or approve payments at work, deepfakes and AI scams are a new threat that should not be ignored. A cloned voice or fake email chain can pressure victims to skip security steps. Be especially weary when your “boss” tries to induce a strange sense of urgency.
• When processing digital invoices, pay extra attention not to fall victim to invoice fraud.
• If you think that nothing can go wrong when scanning QR codes, then you probably never heard of quishing (QR code phishing).
• If you type on an unsecured device, keyloggers can secretly record every keystroke - capturing passwords, emails, and sensitive documents without leaving any visible trace.

With the right strategies, cyber fraud can be prevented, detected, and contained through layers that strengthen your systems, make it easier to spot threats early, and, when things go wrong, get back on your feet quickly for both people and businesses. 

For a comprehensive set of actionable tips, refer to our dedicated guide on Cyber Fraud: Prevention & Protection.

A strong defense against cyber fraud begins with securing every endpoint in your organization. Robust endpoint security can protect devices like laptops, servers, and smartphones from phishing, malware, and ransomware attacks. An Endpoint Protection Platform (EPP) combines malware detection, intrusion prevention, and encryption into one solution.

Timely patch management closes exploitable vulnerabilities, while access control through Identity and Access Management (IAM) solutions can help organizations make sure that only authorized users have access to sensitive systems.

A firewall can act as a barrier against external threats, limiting traffic. And as more and more operations move to the cloud, protecting cloud environments with strong cloud security measures has become non-negotiable. For mobile devices, securing remote access points through Mobile Device Management (MDM) is recommended.

Endpoint Detection and Response (EDR) monitors devices for suspicious behavior, while Extended Detection and Response (XDR) correlates data across endpoints, networks, and cloud services for a broader view.

Robust Email Security can help thwart BEC and phishing attempts by fraudsters by preventing malicious emails from reaching their intended target. 

For organizations without large internal teams, Managed Detection and Response (MDR) delivers 24/7 monitoring and expert analysis. Threat Intelligence helps organizations anticipate and recognize fraud tactics before they escalate.

A Security Operations Center (SOC) centralizes threat detection and response, often using tools like Intrusion Detection Systems (IDS). Technologies such as Anomaly Detection and File Integrity Monitoring (FIM) add extra layers as they identify irregular behavior and unauthorized changes.

When an Incident Response Plan (IRP) is implemented, teams can react quickly and effectively during a fraud incident, minimizing damage and starting recovery as soon as possible.

When the result of the fraud is data loss due to ransomware, a robust recovery strategy restores encrypted systems quickly, minimizing downtime after an attack. Removing malware remnants should never be neglected - follow best practices for malware detection and removal so that infected systems are fully cleaned before resuming operations.

Equally important is restoring data from offline backups. The most important steps after recovery are patching their vulnerabilities, resetting compromised credentials, and taking steps to prevent future attacks.

Unfortunately, for cybercriminals, it is not difficult to bank their profits, as there are global marketplaces featuring stolen data, malware kits, and illegal services. In other words, there is a huge underground economy sustained by dark web forums and encrypted communication platforms. Cryptocurrencies, particularly those that prioritize anonymity, enable untraceable payments for ransomware attacks, data breaches, and illicit services.

Cybercrime-as-a-Service (CaaS) allows ready-made packages for non-technical players. Its most aggressive offshoot is probably Ransomware-as-a-Service (RaaS), which lets developers lease ransomware tools to affiliates for a share of the profits. Newer trends like Scam-as-a-Service allow even unskilled users to launch convincing scams. This industrialized model has fueled the explosion of cyber fraud attacks across sectors and geographies.

Cybercriminals also jumped at the opportunity to use AI to automate attacks and create highly personalized phishing messages and deepfakes. Popular social media platforms and online communities have become the preferred playing field for phishing campaigns, fake giveaways, and fraudulent ads.

Cyber fraud leads to enormous worldwide losses, and according to estimations, it is growing - in 2027, it could reach $23 trillion / year (up from $8.4 trillion in 2022). The FBI's Internet Crime Complaint Center (IC3) reported $12.5 billion in cybercrime losses in 2023 in the U.S. alone - a 22% increase over the previous year. Investment fraud, Business Email Compromise (BEC), and phishing attacks are the most common vectors of cyber fraud - identity fraud alone accounted for $23 billion, according to industry surveys.

1. Cryptocurrencies and digital assets are major causes of the increase in cyber fraud. Some of the most notorious scams in history come from these areas, with some reports estimating losses at roughly $19 billion

• The OneCoin Ponzi scheme defrauded investors worldwide of an estimated $4 to $15 billion by promoting a nonexistent cryptocurrency.
• The PlusToken Ponzi scheme lured investors into a fake wallet platform, ultimately stealing an estimated $2 to $3 billion in cryptocurrencies.
• The 2022 collapse of FTX, considered a respected crypto exchange, exposed billions in misused customer funds and led to the fraud conviction of its founder.
• NFT markets are famous for their fraud potential, and the losses can be staggering. In 2024, two Californians were charged with a scheme that cost investors $22 million.

2. Traditional business scams have evolved into sophisticated operations. BEC scams, where attackers impersonate company executives or suppliers to trick employees into wiring money, have cost businesses $2.9 billion in 2023 alone.

• Early cases like the Google and Facebook BEC scam (2013-2015), in which $100 million was stolen through fake invoices, show that even the most tech-savvy companies can fall victim.
• The Crelan Bank BEC attack in Belgium, resulting in a $75.8 million loss, and Ubiquiti Networks falling prey to a $46.7 million fraud are proof that through scaled operations, cyber frauds can affect any industry.
• Criminals have also increasingly targeted small firms. In a real estate BEC scam, hackers compromised agents' emails and stole $20 million from unsuspecting homebuyers during property purchases.

3. Deepfake technology takes cyber fraud to unprecedented levels of sophistication.

• Scammers can use deepfake voice technology to impersonate a senior executive, like in the case of a German manufacturer where the CFO was convinced to authorize a €40 million transfer.
• Another case involved fraudsters in Hong Kong who used deepfake video conference calls to mimic the CFO and colleagues, resulting in a $25 million loss.

4. Technology allows cybercriminals to prey on emotions without any borders.

• Romance scams have evolved into a global phenomenon known as “romance baiting” (a name that tries to replace the offensive term “pig butchering”). Fraudsters build emotional relationships with victims before luring them into fake investment opportunities, defrauding them of huge sums of money.
• Cyber fraud victims often suffer profound emotional and psychological harm, like in the case of the breached Finnish therapy firm Vastaamo, which led to sensitive patient records being used to blackmail victims.

Currently, there are over 150 individuals and groups on the FBI’s Cyber Crimes Most Wanted List for crimes such as computer intrusions, wire fraud, and identity theft. International operations are growing in complexity - in 2024, Interpol's Operation HAECHI V led to 5,500 arrests and the seizure of $400 million.