How the Bad Guys Profit—What Are They After?

How the Bad Guys Profit—What Are They After?

What are they after?

We’ve mentioned several items of interest to criminals. Some are obvious: social security numbers, dates of birth, customer names, credit card numbers. Others may surprise you. Criminals hack into company computer systems for any number of reasons, including:

  1. Access to other SMBs’ data. If your business uses QuickBooks hosting online, for example, it may contain EINs and receivables data for hundreds of other small and mid-sized businesses. This provides criminals with additional inroads into future targets through the back door of your business.
  2. Email addresses of employees. These can be used for future phishing scams or sold to companies selling products.
  3. Intellectual property. SMBs hold patents, trademarks, and other forms of intellectual property that can be stolen by cyber intruders. Companies in other countries with less stringent IP laws manufacture the goods based on stolen IP, for example, threatening a business’ protection of their patent.
  4. Bank account information. If your firm regularly handles wire transfers to pay or receives payments, thieves scoop up the data to use them to ‘rob’ bank accounts through virtual transfers.
  5. File for fraudulent tax returns.Data captured by criminals has been used for IRS scams and fraudulent tax returns.
  6. Health insurance and Medicaid fraud. Medical, dental, and psychiatric practices, hospitals, healthcare centers, nursing homes, and medical companies may contain vital information on health insurance and Medicaid reimbursement that criminals use to commit insurance or Medicaid fraud.
  7. Corporate espionage. Stealing secrets isn’t limited to governments. Secrets may be strategic plans, customer lists, or product development ideas that can be sold to third parties.

For these seven items thieves are after, there are probably 77 more hidden within your corporate files that can be sold, exploited, or shared to your company’s detriment.

To use an analogy, consider your home. Inside your home are items of obvious resale value, such as televisions, electronics, computers, and jewelry. But you may not remember the nearly-empty bottle of prescription painkillers in the medicine cabinet from when your son had his wisdom teeth extracted. A thief can sell five pills on the street for money. You may have power tools in the basement that you use rarely, but these can also be sold. And the keys to your backyard shed hanging up in the kitchen make it easy for thieves to break into that outbuilding and steal the lawn mower.

Your company is like your home. There are obvious items of value for resale, but there are also items you might not consider valuable that thieves do. Like protecting your home with solid locks, stout doors, cameras, and alarm systems, cybersecurity protects against intrusion and guards everything within.


Stay tuned in our Cybersecurity series for the continued post.


Leave a Reply