Who Are Cybercriminals?
"These are individuals or groups engaged in illegal online or phone-based activities, usually with the goal of financial gain or acquiring confidential information," explains cybersecurity specialist L. Apynis. Online scammers seek access to sensitive personal or organizational data, attempt to disrupt computer systems, or deceive victims into transferring money using various techniques such as malware, network intrusions, and social engineering scams.
Not all cybercriminals are highly skilled IT professionals. "Some may have completed IT studies or professional courses, but the majority only possess basic IT knowledge and use simple tools. Most phone scammers are quickly trained and only learn how to deceive victims and extract money," says the cybersecurity expert.
The skill levels of online criminals vary depending on their objectives, the scale of their operations, and their methods. However, the most skilled cybercriminals pose the greatest threat, as they can carry out complex attacks, such as espionage or financial data theft.
Do Cybercriminals Work Alone or in Groups?
Cybercriminals operate both individually and in organized groups, depending on the scale of their activities. "There are hacker groups worldwide that are state-sponsored and aim for political or economic advantages through long-term strategies like cyber espionage," comments cybersecurity expert L. Apynis.
Organized cybercriminal teams are well-structured and carry out sophisticated operations such as financial data theft or infrastructure disruption. Each member has a specific role, such as developing malware or hacking systems. In contrast, individual scammers often engage in simpler fraud schemes, while more complex attacks—such as botnet creation—require teamwork and substantial investments.
How Do People Become Cybercriminals?
People often become cybercriminals due to financial motives. Cyber recruiters look for individuals attracted by the promise of "quick and easy money." "Whether for financial gain, curiosity, or involvement in criminal organizations, individuals are often drawn into certain communities that offer opportunities to earn money illegally," says L. Apynis.
One example is investing in a "money mule"—a person who knowingly or unknowingly participates in money laundering by transferring or handling funds from illicit activities. This helps fraudsters obscure the true source of their money and makes it harder for law enforcement to track them down.
The global network of cybercriminals is expanding rapidly. Deceiving someone over the phone or online does not require extensive IT knowledge, as fraud schemes are pre-designed and easy to follow. "Although this may seem like an attractive way to earn money, it’s crucial to understand that engaging in such activities makes you a criminal subject to legal consequences. Moreover, even cybercriminals themselves are often deceived by their own recruiters," adds L. Apynis.
What Are the Main Ways Cybercriminals Try to Deceive Us?
"The most common fraud tactics include email phishing, social engineering, malware, fake websites, and compromised online stores. This year, we’ve noticed an increase in smishing and vishing attempts," says Baltimax cybersecurity engineer and ESET internet security expert L. Apynis, explaining these methods in detail:
- Smishing (SMS phishing) – This scam involves sending fraudulent text messages, often impersonating trusted organizations like banks or courier services. These messages may urge the recipient to click on a link or provide personal information. Clicking the link can lead to a fake website designed to steal personal data.
- Vishing (voice phishing) – This scam involves fraudsters calling victims while posing as representatives of official institutions, banks, or IT support. Their goal is to trick victims into revealing sensitive information, such as login credentials or banking details.
"We can combat cybercriminals by educating the public and implementing various security measures, such as additional antivirus protection. Cooperation is also crucial—we report fraudulent websites and information to relevant authorities. Companies should invest in advanced security solutions and provide cybersecurity training for employees," explains the expert. "Moreover, if scammers call you, do not argue or provoke them, as this could lead to an influx of spam messages or calls. The best approach is to simply end the conversation and not waste time."
4 Steps to Combat Cybercriminals:
- Public Awareness and Information Sharing – Experts and the media should educate people about cyber fraud tactics and how to recognize them, encourage caution when sharing personal data, and collaborate with law enforcement by reporting new scams to colleagues and loved ones.
- Collaboration – Report fraudulent websites and activities to the National Cyber Security Center (NKSC) and other relevant organizations.
- Security Measures – Use various security tools, including reliable cybersecurity solutions and two-factor authentication. Companies should implement advanced security strategies, educate employees about potential risks, and conduct cybersecurity training and simulations.
- Joint Efforts – Individuals, organizations, and government institutions should unite their efforts to make it more difficult for scammers to succeed.
