What is malware?
Malware is any software used by criminals to maliciously access devices and obtain personal information to commit fraud. Around half of all cases of credit card fraud are committed using malware.
This can include spyware, ransomware, computer viruses, and cryptoworms, such as the WannaCry attack in 2017. Targeting computers with a Microsoft Windows operating system, WannaCry encrypted data and demanded ransom payments for their decryption. This attack affected over 200,000 devices in 150 countries.
Criminals may use your personal information to commit identity fraud or sell it on to other criminals once they have it. This results in the loss of billions of dollars every year to sophisticated online attacks.
How do criminals use malware?
There are a number of different ways criminals use malware to gain personal and financial details of their victims.
One of the most popular methods is through phishing scams. Fraudsters send unsolicited emails that appear to be from a reliable source, such as a credit card company or bank. These emails will include links to domains that mimic legitimate websites. When someone clicks on these links, they will be asked to input sensitive details, or malware will be unknowingly downloaded on their device.
Spyware may be one form of malware that is downloaded onto a victim’s device. This can run in the background while the victim goes about their usual activities. The software can monitor and track a variety of information to collect sensitive information.
Ransomware is another common form of malware software. As the name suggests, in the case of ransomware attacks, cybercriminals obtain sensitive data and demand a ransom for the individual or corporation to regain access. Criminals will often request that these ransoms be paid using cryptocurrencies like Bitcoin, as they are anonymous and untraceable.
Examples of malware and how they work
- Phising scam: criminals send legitimate-looking emails with links that collect sensitive information or unknowingly download malware software.
- Spyware: This software runs in the background of a device, monitoring online activity and keystrokes to steal information.
- Ransomware: Criminals steal sensitive data and files and demand the vicitm pays a ransom to regain access to them.
Victims can face serious financial repercussions regardless of the ransomware the fraudster uses. Costs might include restoring affected credit records, fixing infected devices, and increased insurance premiums as a result of fraudulent activity in the victim’s name.
How to reduce the risk of malware attacks
It’s important to stay proactive to reduce your risk of falling victim to malware attacks. You should always use strong passwords and remain wary of unsolicited emails. Check the sender’s full email address and do not open messages from unknown sources. Delete an email if you suspect that it is spam.
You can also check the legitimacy of a website by checking that it has ‘https’ in the URL or a padlock icon near the top of the browser window. If you cannot see either of these things, do not enter your details on the website, and avoid downloading any software from sites that appear untrustworthy.
Protect your devices with antivirus software, firewalls, and antispyware protection. Regularly run updates on all your devices, including smartphones. You should also back up important files either on an external drive or via cloud computing.
What to do if you think you have fallen victim
If you suspect that you may have fallen victim to a credit card scam, you should immediately report this to your card issuer. They will cancel the compromised card, send you a new one, and launch an investigation into the fraudulent activity.
You may need to file a police report and an identity theft report with the Federal Trade Commission (FTC) if other personal information is stolen, like your Social Security Number. You should also set up a fraud alert with at least one of the major credit bureaus. This will notify you when new credit applications are made in your name.
To remain vigilant, you should regularly check your bank and credit card statements, as well as reviewing your credit report for any unauthorized activity.
The Brex Mastercard® Corporate Credit Card is issued by Emigrant Bank, Member FDIC. Terms and conditions apply. See the Brex Platform Agreement for details.
Brex Inc. provides a corporate card. Brex Treasury LLC is an affiliated SEC-registered broker-dealer and member of FINRA and SIPC that provides Brex Cash, a program that allows customers to sweep uninvested cash balances into certain money market mutual funds. Investing in securities products involves risk, including possible loss of principal. Neither Brex Inc. nor any of its affiliates is a bank. Please see brex.com/cash for important legal disclosures.