While You Still Need to Protect Yourself from Them, Hackers are Often Victims Themselves
Due to the almost faceless nature of many cybercrime acts, it can be easy to see them as nothing more than the acts themselves, which is of course not true in the slightest. Behind these attacks are people, and where people performing illegal acts are concerned, there will always be concerns about other criminal acts which perpetuate the ones at the surface.
A perfect example of this is an ad which was placed on the White Shark Channel of the Telegram messaging service:
“Selling a Chinese man in Sihanoukville just smuggled from China. 22 years old with an ID card, typing very slow.”
That ad, listing the sale of a human being, offered a price of about $10,000.
Human Trafficking is Connected to Cybercrime
Many people in China, Taiwan, Thailand, and Vietnam have become the victims of human trafficking under the guise of promising employment opportunities. They might believe they have an amazing job lined up, when in reality, they are traveling to a different location only to be held against their will and forced to work under the duress of beatings, torture, and starvation. These victims are forced to work by defrauding people online, and they are essentially held captive and forced to engage in this activity until they make enough money to leave. These victims are also frequently moved or sold to other organizations, which consequently increases the price of freedom.
The victims are forced to participate in “pig butchering” scams. These scams entail the scammer “fattening up” the victim by pretending to be their friend or fostering a romantic relationship, while simultaneously drawing out money into an investment platform. Once the victim has run out of money, the scammer cuts off all contact and leaves with all of the cash. Due to the shame of being fooled in this way, many victims do not report this kind of fraud.
These operations are well-oiled machines that have their processes properly outlined and provided to their enslaved workforce. They are even told to create social media accounts to make everything more believable. These profiles are then stacked with photos and interests that give them an air of wealth, like sports cars or posts about investment. They even tap into such precious memories and feelings like family values to gain the victims’ trust.
After the accounts are created, these trafficking victims then reach out to their victims. One scammer reported working with eight other scammers organized under a leader, who provided them with 10 phones to use for outreach. Scammers then took notes on the victims that might be useful in perpetrating the scams. All of this “customer mapping” gives the attackers an idea of how successful their attempts at scamming might be.
This is all done with the attackers being essentially victims themselves. They cannot call law enforcement, or they risk being sold off to another organization, and they might even be forced to make statements which absolve the company of their crimes.
Long Story Short: Coercion is Bad
While we never want to advocate for the actions of scammers and hackers, it’s also important to note that in many cases, it’s a matter of their being taken advantage of. You might not be the only victim in this dynamic.
The other major takeaway from this is that criminals often treat cybersecurity like a business. They might have several horrific ways to make their ends meet, but it’s very organized and sophisticated in the way it is run.
In any case, it’s important to note that your team should be able to identify these types of threats in addition to the more in-your-face and obvious ones. To learn more about how you can get your team the training they need, be sure to contact us at 607.433.2200.