The Hacker Wish List

All over the world the annual list-making has begun, by both the ‘nice’ and the ‘naughty’. Not surprisingly, the lists aren’t all that dissimilar between the two. While every day folks build lists of goods and services, so are the cybercriminals and malicious actors hoping to capitalize on the poor cyber hygiene of consumers.

In 2018, analysts expect U.S. consumers will spend slightly more during the holiday shopping season, but where many expect double-digit growth is in ecommerce, specifically mcommerce (mobile commerce). In fact, mobile shopping is expected to jump 32% and will represent nearly half of all ecommerce sales. A shift to mobile-based shopping is music to a cybercriminal’s ears as 73% of fraud activity in Q3 was in a mobile channel.

Based on the RSA® Anti-Fraud Command Center’s research into cybercrime behavior, across the Dark Web and in public domains, we’ve isolated the five most popular cybercriminal wishes this coming year:

1.      Passwords.

  • Did you know? Just 28% of consumers update their password after a confirmed data breach. This makes is quite easy for a fraudster to conduct account takeover.
  • Why is it on the list? The Achilles’ heel of security and privacy are weak, easy to guess passwords, and the re-use of those same credentials across your digital universe – from merchants to email client and social media accounts. After a major breach, it is not unusual to find cybercriminals posting credential dumps in a pastebin, a Dark Web forum, or even on social media (Read more...)

*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Heidi Bleau. Read the original post at: