Reckon the top users of Big Data are the likes of banks, consumer products companies and mass marketers? Maybe so, but there’s another industry altogether just as focused on maximising its take on your wallet. Cybercrime.
That’s according to Trend Micro senior software architecture director Jon Oliver. “Scammers are very astute people and a core component of their ‘business’ is the collection and use of large data sets,” he says.
It’s Big Data in action, with comprehensive user interfaces providing in-depth insights into infection rates, complete with the ability to run experiments to see how millions of ‘customers’ react to various tactics and malware exploits.
“There is a high level of Big Data professionalism in cybercrime because it delivers results – and those ‘customers’ are in reality victims,” Oliver confirms.
In a timeframe from 2010 to 2014, he says an evolution in scam attacks was noted, driven by the analysis and experimentation being conducted by highly organised criminal outfits. The more shots you take, the more hits you get; “That’s one side of it, yes, but there is also a strong element of improving the aim at what you’re shooting to drive up the conversion rate. We’ve seen scammers achieve conversion rates in their ‘customer bases’ of over 14%, up from 5% or less depending on the scam.”
It’s a hit rate that most marketers can only dream of.
No question then, that Big Data delivers the goods. “Doing careful measurement across their databases directly impacts how the attacks are carried out, and by extension, how successful they are,” Oliver adds.
While there is a little paranoia over government surveillance from some quarters, the more clear and present threat is likely to come from the scammers who have an even more powerful incentive – that of profit. However, Oliver says there’s no need to shut down your interaction with the Web, nor do you need to start wearing a tin foil hat.
Instead, in addition to the usual precautions which include always updating software when prompted to do so, using an Internet Security suite and being aware of social engineering techniques, he says there are other tactics you can employ.
“Use specific, long and complex passwords for your email and financial services, and use a password manager for all your other internet services. Use two-factor authentication where possible. And consider using a dedicated ‘safe’ device for banking and other sensitive services. In other words, take the same level of precautions and discipline you would in securing your house – and have a plan for what to do if you suspect a possible breach.”