IV. How Cybercriminals Operate: Tactics & Techniques

Understanding the methods cybercriminals use is key to recognizing their attempts and protecting yourself. They don’t always need advanced hacking skills; often, they exploit human nature or unaddressed security weaknesses.  

1. Social Engineering

This is one of the most common and effective tactics cybercriminals use. Instead of breaking into computer systems directly, they manipulate people to get what they want.  

  • Explanation: Social engineering involves tricking individuals into revealing confidential information, clicking malicious links, or performing actions that compromise their security. It exploits human psychology – trust, fear, urgency, curiosity, or a desire to help.  
  • Examples:
    • Impersonation: Pretending to be someone trustworthy, like a bank official, a government agent (e.g., from a tax office or even the RPNGC), a tech support representative, or a colleague/boss. This is seen in phishing, smishing, and vishing attempts where they mimic official communication.  
    • Urgency: Creating a false sense of urgency to pressure victims into acting quickly without thinking (e.g., “Your account will be suspended in 24 hours!”).  
    • Fear Tactics: Threatening negative consequences (e.g., “If you don’t pay this fine immediately, you will be arrested.”).  
    • Posing as a Friend/Relative in Distress: Sending messages asking for money because they are in an “emergency” (e.g., “I’m stranded and need money for a flight.”).  

2. Exploiting Vulnerabilities

Cybercriminals constantly look for weaknesses in technology and systems that they can exploit for their malicious purposes.  

  • Explanation: A “vulnerability” is a flaw or weakness in software, hardware, or a system’s configuration that can be exploited by an attacker. Cybercriminals scan for these weaknesses to gain unauthorised access, install malware, or disrupt services.  
  • Examples:
    • Software Bugs: Flaws in operating systems (like Windows or Android) or applications (like web browsers, email clients, or social media apps) that hackers can use to gain control.  
    • Weak Passwords: Easily guessable passwords (e.g., “123456”, “password”, your name or birthdate) are simple entry points for criminals using automated programs.  
    • Unpatched Systems: When software or operating systems are not updated regularly, they remain exposed to known vulnerabilities that criminals can easily exploit. Updates often contain crucial security fixes.  
    • Misconfigured Settings: Incorrectly set up network devices or software can leave doors open for attackers.  

3. Data Breaches

A data breach occurs when sensitive, protected, or confidential data is accessed or disclosed without authorisation.  

  • Explanation: Cybercriminals infiltrate an organization’s computer systems or databases to steal large quantities of sensitive information. This can happen due to hacking, employee error, or social engineering.  
  • How They Occur:
    • Targeted Attacks: Hackers specifically target a company to steal customer data, intellectual property, or financial records.  
    • Insider Threats: Employees (intentionally or unintentionally) compromise data security.  
    • Third-Party Vulnerabilities: A vendor or partner company with access to your data suffers a breach.  
    • Weak Security Measures: Lack of encryption, poor access controls, or unpatched systems within an organization.  
  • What Happens to Stolen Data:
    • Identity Theft: Personal details (names, addresses, IDs, birth dates) are used to commit fraud.  
    • Financial Fraud: Credit card numbers and bank account details are used for unauthorised purchases or transfers.  
    • Sale on the Dark Web: The stolen data can be packaged and sold to other criminals on illicit online marketplaces.  
    • Phishing Campaigns: Stolen email addresses and names are used to create more convincing phishing attacks.  
    • Blackmail/Extortion: Sensitive company or personal data might be held for ransom.  

4. The Dark Web (Brief mention)

  • Explanation: The Dark Web is a hidden part of the internet that requires specific software, configurations, or authorizations to access. It’s often associated with illicit activities because of its anonymity.  
  • Where Stolen Data Might Be Sold: After a major data breach, criminals often sell large databases of stolen personal information (like email addresses, passwords, credit card numbers, or even national identification details) on the Dark Web to other criminals who then use this data for further fraud, identity theft, or targeted attacks.