BLOG

Taxonomy of Digital Threats: Defining the Four Categories of Risk

We recently hosted a webinar with Dr. Sam Small, ZeroFOX’s CSO, that outlines an understanding of types, tactics, and risk protection strategies required to combat today’s evolving cyber threats. For most organizations, digital engagement means business. Today’s institutions invest in digital platforms to engage with customers and ease support. However, cybercriminals also recognize the value of digital platforms and exploit this new and expanding attack surface. 

ZeroFOX has defined four distinct categories of digital threats. You’ll find definitions and examples of each below:

Digital Threat Category 1: Theft and financial fraud targeting customers and third parties

The first category of digital threats focuses on specific theft and financial fraud that targets both individual consumers and third parties. This category can be broken down into three specific types of threats: financial fraud, counterfeiting and piracy, and identity theft and credential stealing. Financial fraud targets customers and third parties and involves impersonating the company, brand or employees to send their credentials or send money without any items in return. 

Counterfeiting and piracy focus on targeting customers with fake versions of products or selling legitimate goods in an unauthorized manner. A major concern with this type of digital threat is fake coupons that are often posted on social media platforms, providing them a wide audience. Fake coupons and counterfeit goods can affect a company’s reputation and revenue.  

Fraudulent social media account selling counterfeit goods

Identity theft and credential-stealing involve cybercriminals profiting off stolen login credentials, account numbers and any other form of personal information. Once a bad actor gains an individual’s personal information, they can then sell that to other cybercriminals on dark web sites. 

Consumer scam example

Category 2: Attacks on reputation 

When a digital threat happens on an individual or company’s digital presence, it affects their entire reputation. These attacks are often conducted by ideologically or politically-driven hacktivists, competitors, customers or employees who are willing to slander the organization. Examples include posting fake or negative reviews, false information online and creating social media accounts to disseminate misleading information. 

Account takeovers can be damaging to executive reputation

Account takeovers are an easy way for bad actors to take advantage of a high-profile figure’s reputation and reach. These executives, celebrities and other targets often have massive followings that can be targeted with phishing links, offensive content and reputation-damaging content.

Category 3: Attacks against the enterprise and employees

Attacks specifically targeting whole organizations and their employees are also common on digital channels. This category can be broken down into four subsets: theft of employee data and credentials, theft of customers data, theft of IP, media content, and software, and the capture of infrastructure information. Examples of these four categories include spoofed website and social media accounts, phishing campaigns, social media account takeovers, information-stealing malware and fake apps.

Example of Business Email Compromise targeting employees

One example of an attack in this category is Business Email Compromise, a tactic involving the impersonation of a high-profile executive, such as the CEO or CFO, to coerce employees into divulging information or wiring funds. This type of tactic has risen greatly in popularity over the last 5 years and is difficult for traditional security tools to detect.

Category 4: Emerging threats

The final digital threat category is called emerging threats and includes threats and attacks that are being planned/discussed but have not been engaged in an actual attack yet. Emerging threats can be placed into two types: evidence of the intention of an attack targeting the enterprise or its executives, locations, or industry and discussion and development of a tool to exploit them. 

Example of leaked credit card images on a social media account

Emerging threats can be difficult to identify but comprehensive monitoring for attack planning and chatter across chatrooms, forums, social media and more can help thwart attacks before they reach your customers, employees and whole enterprise.  

Learn about all four categories in detail

Interested in learning more about how digital threats occur as well as the top digital threats and tactics facing modern organizations? Listen to the on-demand recording here