Ransomware has gone corporate. These attacks, which hold files and PCs hostage until there’s a payout, may seem savage but behind the scenes, it’s civilized. The hackers have days that look a lot like any paper pusher’s — bosses to report to, tickets to track. And accordingly, the major organizations behind this kind of malware have refocused their attention. It’s not individuals they’re primarily focused on.
You and I just don’t have enough money for them. However, for a multitude of mom-and-pop scammers, we do.
That point became clear during the 2024 RSA Conference in San Francisco, where members of Microsoft’s security teams spoke with the press on cybersecurity topics, including the most current threats to everyday people. While you could still get caught up in a ransomware campaign, the main targets nowadays are companies big enough to pay multimillions but too small to have robust IT security teams.
Instead, Sherrod DeGrippo, director of threat intelligence strategy at Microsoft, says you should watch most for seemingly innocuous tricks that play on your emotions: romance schemes, influencer scams, banking hoaxes, and other such deviousness.
Romance scams, for example, involve gaining someone’s trust and affection, and then using the relationship to start asking for money.
Influencer scams twist people’s legitimate desire to earn a living into fronting money for opportunities that never pan out — and potentially expose the victims to identity theft if tax identification numbers and other personal details are shared.
Dominik Tomaszewski / Foundry
Banking scams prey on the fear of losing something important. Similar scams might focus instead on more immaterial losses, like your reputation. (Scams about keeping your secrets or your child out of trouble run in this same vein.)
Many of these scams aren’t new — even those that seem to be are just riffs on long-standing attacks, like the influencer ruses. And they’re still prevalent, rather than having gone away.
So what can you do? Stay alert, for starters. Besides these timeless scams, be on the lookout for seasonal ones, too. Microsoft says it anticipates a rise in scams related to the Olympics and elections as those events draw closer, and you can count on recurring periods like tax season in the U.S. to spawn fresh rounds of scam attempts. Vet your email and messages carefully, and if something feels urgent, get an outside opinion before acting on the situation.
(This piece of advice should be particularly familiar to us chronic overthinkers. Except you finally get to make productive use of your mistrust of everything.)
You should also keep your antivirus software up to date. So long as you’re not actively trying to click on bad links, run dodgy apps, or browse sites of dubious origin, it should keep you safe from malware looking to con you, as well as ransomware and other threats. (Remember, just because you’re not a target, doesn’t mean you can’t get caught up in a malware campaign as collateral damage.)
Between these two approaches, you should be able to get through all the dangers online relatively unscathed.