In addition to the software-based threats we have just looked at, there is a range of other Internet threats which result from the activity of malicious individuals and/or groups, rather than being software-driven.
These threats are much more likely to be directed against people, rather than computer systems, and are therefore amongst the more dangerous Internet threats.
They include phishing, identity theft, hoaxes, ransomware, grooming and cyberbullying.
This is an extremely serious Internet threat and is becoming more common. The fraudsters use many techniques, such as phishing and spoofing (sending e-mails from false addresses) to obtain information about potential victims. This highly-confidential information is used to build a portfolio known as an identity document, which can be used to steal or gain access to financial assets.
Identity theft could include the use of someone's confidential information to order many different credit cards that could then be used by the criminals to buy different products to the limit of the cards.
If you are suspect that identity theft has taken place, you should immediately contact www.identity-theft.org.uk
This is the website of the UK authority dealing with the problem of Identity Theft. There are also International agencies involved in fighting this growing Internet threat.
Phishing is the Internet word for Fishing. You may have used the phrase "fishing for information". This is essentially what phishing is, but applied to the Internet rather than talking to someone face-to-face. It is related to the term Phreaking, used to describe the activities of phone phreaks, who attempt to manipulate the telephone system to obtain free phone calls.
Phishing is generally, is carried out by Internet criminals and fraudsters who wish to get their hands on a computer user's valuable personal information. This information usually includes credit card details, user login details and passwords.
Phishing works by a fraudster setting up a fake or spoof web site that is similar, or virtually identical to a legitimate web site, for example, a bank. An e-mail is then sent to many people (often millions) informing them that they must go to this website link in the e-mail and type in important information. The e-mail may tell them that if they fail to do this then they may end up losing money or that their bank account will not be secure.
This is a very effective scam because it is based upon people's fear. This kind of attack is often classed as a type of Social Engineering, as it is based on human characteristics rather than hardware or software.
Click to see a somewhat simplified phishing example ...
Ransomware is a relatively new and nasty Internet scam. It is a serious criminal act that is based upon a computer user's fear of losing important data and information.
This type of attack involves hacking into a user's system and encrypting critical files. The user is then be notified of this by e-mail and told that the only way to recover the files is by sending money to the blackmailer who will then reveal the password that will decrypt the files.
This type of threat is not reported often but it is believed that many people would rather pay the ransom and get their files back than go to the authorities with the fear that their files will never be recovered.