There is a distinct lack of humanity when reading media reports or watching shows about cyber criminals. Pop-culture has perpetuated the myth that they are masked villains with skills indistinguishable from magic. Reports tout sensationalized, click-bait news and mass media follows suit with coverage of these untouchables. This scare cycle may seem harmless, but it instills the wrong kind of fear in people: an irrational belief that they cannot fight back.
Reality is a bit more mundane…
Cyber criminals are fundamentally people who prey upon others using age-old deception techniques with new technologies. The same motivations driving conventional thieves—greed, opportunity, ego, boredom—motivate the cyber criminal. This human-oriented look at cybercrime is largely missing from existing conversations on the topic. Said another way, “you don’t have a malware problem, you have an adversary problem.” You have a landscape of living threats.
Phishing emails look and feel like they come from your coworker down the hall. Vishing calls sound like they’re really from Microsoft tech support. And ransomware as a service operators provide better customer service than your bank. The same techniques a traditional confidence man would use to scam your grandparents are still in play, only hiding behind computer pixels and blue light.
By recognizing cyber criminals for who they are, people like you and I, fear retreats in place of wisdom in the face of danger. When in doubt, ask! After all, an ounce of prevention is worth a pound of cure.