Clutching your wallet harder isn’t going to help.
These days, criminals aren’t looking to pick your pocket, mug you for your wallet or even rob a bank.
Those crimes still remain a threat. But increasingly, our money is being targeted digitally whereby cybercriminals look to steal data that in turn can be leveraged to perpetrate fraud.
October is Cybersecurity Awareness Month, an opportunity for financial institutions, government agencies and other organizations with a stake in preventing cybercrime to remind us about the ever-present, growing risks.
A new survey points to cybercrime already weighing heavily on the minds of Canadians. The recent poll by RBC found nearly 90 per cent of respondents experience fraudulent attempts daily with almost 60 per cent stating they have been notified of a security breach where their data is being kept.
“That’s up quite a bit from 2022,” says Adam Evans, chief information security officer at RBC, noting that the figure regarding data breaches was 20 per cent last year.
“What we’re seeing is a continual evolution and industrialization of cybercrime.”
According to one report, cybercrime accounts for trillions in dollars of losses globally, including about $7 trillion in 2021, up from about $4 trillion in 2015. And it’s expected to reach more than $12 trillion by 2025. Of note here, the entire global economic output for this year is estimated at about $120 trillion. (All figures here are estimates in Canadian dollars.)
In Canada, cyber-fraud and similar crimes cost Canadians $530 million in 2022, based on reports gathered from the Canadian Anti-Fraud Centre.
Keep in mind numbers are generally considered under-estimates as fraud is typically under-reported.
Another recent report by credit report provider TransUnion found about one in 20 digital transactions in Canada in the first six months of 2023 were suspected to be fraudulent. As well, fraud committed against telecommunications providers is up 400 per cent year over year, and 90 per cent against insurers.
“The pandemic really catapulted us into digital, particularly for businesses as a must-do to survive,” says Patrick Boudreau, head of identity management and fraud solutions at TransUnion Canada.
That move to online not just for consumers but for businesses and other organizations in such short order led to inevitable security gaps that criminals have exploited.
“If you go back four years ago, for example, insurance presence online was fairly low,” Boudreau says. Now with it commonplace to apply for insurance online, cybercriminals steal personal data gleaned from data breaches — a nearly daily occurrence — and from our social media feeds to create fake profiles, take out coverage policies, and make false claims.
Boudreau notes this is just one iteration of the many forms of cybercrime today.
“Criminals continuously try different approaches until they find a weak spot, and then they exploit it.”
Many are even state-sponsored (mostly Russia-supported), particularly with respect to ransomware attacks, a recent report from the Canadian government notes. Increasingly, criminals are creating ransomware to ‘lease out’ to other criminals not just to kidnap victims’ data by encrypting it, and only unlocking it after ransom payments are made.
They often copy the data and then still sell it to other criminals.
For the average person and even advisors, the best defence against this growing crime is vigilance and awareness of the increased sophistication of phishing attacks. These are fake emails, texts, ads aiming to trick us into providing our usernames and passwords, and, in turn, access to our emails, bank accounts and even networks at work. Another tip is to check your credit report, which you can do free with TransUnion and Equifax.
Generally speaking, Canadians are on high alert, as the RBC survey suggests, which found more than 80 per cent of respondents worried about their data being compromised.
One key challenge, however, is our presence online is constantly growing with most of us managing dozens of accounts — from banking to health apps, Evans says.
‘We’ve created this click culture where people want things now, signing up quickly only, not necessarily understanding the data being collected,” he says.
“You have to be more discerning.”
It’s not that these organizations are dodgy. Rather, each new account we have leaves us more exposed to a data breach.
Certainly, companies and governments are upping their defences constantly to stop breaches.
But even big tech firms face an ever-shifting challenges.
That includes Intel — one of the world’s largest semiconductor manufacturers.
“At Intel, providing security technologies capable of mitigating those risks is part of an effort evolving constantly,” says Ibett Acarapi with global cybersecurity with Intel, noting cybersecurity is essential to the world of finance operating efficiently.
“Although we have solutions more focused on the user and others focused on the cloud and the network itself, we acknowledge that threats are in constant development.”
Cybersecurity is an ongoing battle requiring tech companies to up their game.
Similarly small, independent financial firms, like Evans Financial Planning in Winnipeg, must now pay more attention to cybersecurity than ever before.
“My business is mainly carried out online and, so, cybersecurity is something I must put a lot of thought into,” says its founder Jason Evans, a fee-only certified financial planner.
That includes spending time reinforcing with clients — who are often approaching retirement — the need to be cyber-vigilant.
“Sometimes I get clients saying, ‘I am having trouble logging into the secure file sharing app we use; can you tell me my password?’”
In turn, Evans uses that as an opportunity to remind them that nobody but them should know their passwords, while encouraging them to use password manager software that can securely store all their log-in data.
“It’s all about seizing upon those moments to educate them toward being more cyber-aware and secure.”