5 Commercial Cyber Threats You Might Not Have Heard Of

Cyber crime is evolving at an alarming pace, with criminals constantly finding new ways to exploit technology and human psychology. While most businesses are aware of phishing emails and ransomware attacks, there are several lesser-known cyber threats that can be just as damaging.

From AI-powered voice scams to fake vendor impersonations, here are five cyber crimes you might not have heard of – and how to spot them before they cause damage.

1. Pig Butchering Scams

Originally a scam targeting individuals via ‘romance scams’, cyber criminals are now using this method to defraud businesses via financial decision-makers within those organisations. They build long-term relationships with corporate executives or staff with financial roles, before persuading them to invest in fraudulent schemes.

The term comes from the unfortunate reality that you, as the victim, are ‘the pig’. With the cyber criminals being the ‘butchers’.

How to spot it:

• Business opportunities that seem too good to be true.
• Unsolicited advice from new online contacts, usually via email or private messages.
• Pressure to make financial commitments quickly.
• Requests for sensitive financial data or deposits without proper due diligence.

2. AI-Powered Corporate Deepfakes (Video & Audio)

With a famous case recently in the news; a finance worker was duped by a sophisticated AI video call, into transferring $25million to scammers. These AI-generated video and audio techniques normally mimic executives, often using human trust and pressure tactics to authorise fraudulent transactions.

How to spot it:

• Reach out to the person who may be being impersonated directly via a verified method.
• Ask questions that only the person on the call or video would know the answer to.
• Look for small inconsistencies in facial expressions or audio.
• Follow company security protocols before acting on high-risk instructions.

3. ‘Financial Celebrity’ Deepfakes

Criminals use AI to create fake celebrity endorsements to boost credibility for fraudulent investments or services. In recent years, figures such as ‘the money-saving expert’ Martin Lewis have been impersonated by deepfake technology in order to dupe people into making scam investments.

How to spot it:

• Check official social media accounts or websites for verification.
• Be wary of offers that have a limited time period to invest.
• Compare the message with the celebrity’s known communication style.
• Ask yourself whether this person is likely to endorse the type of investment on offer.

4. AI Supercharged Phishing Scams

The rise of AI has led to some predictable and concerning developments in cybercrime. Having an always-on digital criminal assistant was always going to make phishing scams more effective.

AI has glossed over the weaknesses of older phishing scam tactics, which suffered from poor language choices, unprofessional branding, and other inconsistencies. A recent study has shown that AI-supported phishing scams can fool more than 50% of targets.

How to spot it:

• Check email headers and sender details carefully.
• Visually inspect branding, communication style, and tell-tale signs of AI copywriting.
• Avoid clicking on unfamiliar links or downloading unexpected attachments.

5. Fake LinkedIn Business Influencers

The rise of AI has made stealing someone’s online style of communication an absolute cinch. Feed a few LinkedIn posts into AI, and you’ve got a convincing interpretation. Fraudsters are using these techniques, alongside stolen profile photos, to create business influencers offering everything from investment opportunities to seemingly innocent-looking personal information scraping techniques.

How to spot it:

• Scrutinise connection requests, especially from accounts with little history.
• Check for the LinkedIn profile verification mark, indicating identity checks have taken place.
• Search LinkedIn for duplicate profiles.
• Verify new contacts through mutual connections or official channels.

Some Hard & Fast Rules For Protecting Your Organisation.

While common logic might indicate that digital crime requires a digital solution, Trustco recommends a marriage of man and machine when it comes to spotting and protecting against cyber crimes.

Educate: Train your organisation’s users to become ‘cyber sceptics’ by ensuring up-to-date training and clear communication—this is the best way to stop scams in their tracks.

Invest: Invest in the highest-grade cyber security solutions that meet your budget. It can be tempting to opt for base-level options when you have yet to experience a hack or fallen victim to a scam, but investing upfront can save you hundreds of thousands of pounds in the future.

Develop a Sixth Sense: Always stop and question any email, call, video, or communication that seems suspicious.

If in doubt, learn from the experts!

Trustco and our cyber security partners, Arctic Wolf, are running an exclusive insider knowledge webinar this March. By joining us, you’ll learn how to:

Discover
Arctic Wolf will reveal the latest strategies employed by threat actors.

Identify
Understand how new cyber threats interact with your own security setup.

Act
Use the expert knowledge of Arctic Wolf to facilitate action points for your organisation.

If you are interested in learning more, click here to visit the webinar page.