Want a well-paid a career? Have you considered cybercrime?
OK, so there may not be a pension scheme and a company car, but rookie fraudsters are taking home approximately $18,700 (£15,000) a month with 'cybercriminal CEOs' making up to three times as much as their counterparts in legitimate businesses. According to a new report from Arkose Labs.
The return on investment for launching cyber attacks or committing online fraud is larger than ever before. Some of the highest earning fraudsters are known to be making around $7.5 million (£6 million) a year according to even the most conservative estimates. This is almost three times the amount that FTSE 100 chief executives were paid in 2020, when they earned an average $3.4m (£2.7m).
"The temptation for committing online fraud is higher than ever simply because the results yield thousands, if not millions of pounds, for even the newest and most junior cybercriminals in the chain," says Brett Johnson, a reformed cybercriminal recently hired by Arkose as its chief criminal officer. "Online criminals have a shopping list of opportunities available to them - everything from refund fraud to account takeover. They can almost pick and choose which type of fraud they want to commit. In particular, marketplace and messaging platforms have become vastly popularised in the fraud community where cybercriminals can promote their own personal fraud business, recommend attack tools and techniques, and offer free step-by-step guides for the rookie fraudster."
Among other findings of the report, bot-driven attacks are on the increase. Scraping attacks increased by 60 percent in the first three months of the year, while four percent of all logins were a credential stuffing attempt.
Attacks on metaverse companies have increased 40 percent since the end of 2021 too as fraudsters seek to exploit new and untested strategies. Industry specific attacks are also on the rise, fintechs have seen 2.5 times more attacks in the first quarter of 2022 compared to the two years previously, with 75 percent of attacks aimed at fintech companies focused on consumer logins. Gaming companies experienced 260 percent more attacks, including an 85 percent increase in fake account registrations, compared to Q4 of 2021.
The full report is available from the Arkose site.