What does a cyber criminal look for in a potential target?

A man types on a computer keyboard in Warsaw February 28, 2013 (Reuters)

Most people are aware of how important being secure online is, but a recent report shows that not everyone perceives that threat equally.

Norton by Symantec recently released its Cybersecurity Insights Report which delves into statistics of online crime in Canada, its perception among different age groups and the financial toll it can take on consumers. One of the most alarming statistics from that report is 28 per cent of Millennials surveyed believe they aren't interesting enough to be a target of cyber crime. If you fall into this category, and think you're immune to things like credit card fraud, unauthorized access to your email and more, you're in for a bit of a rude awakening.

As a Millennial myself, I'm guilty of having this frame of mind regarding cyber security. I don't share my account information, add locks to my devices and routinely change my passwords. What could possibly go wrong? Jamie Manuel, Information Protection Manager at Symantec, shares with us why that attitude needs to change.

"Millennials themselves are very confident that they are taking proper security measures but there are a number of factors that make them more at risk," Manuel says. "They are more likely to own many devices, their digital confidence may make them less cautious, they are more engaged online than other generations and many of them rely on organizations to take responsibility if a hack/attack occurs.

"People think that they are protected by being a part of the masses but, the truth is, if everyone is a potential target, the risk that you’ll become a victim is higher than expected."

In the past year, 7.3 million Canadians have been victims of online crime which translates roughly to around 1 in 5 which means that, unfortunately, no one is safe from cyber crime. Whether you're young, old, tech savvy or don't know how to work the digital video recorder, you're a potential victim in the eyes of a hacker.

As for target demographics and potential victims, Manuel says the hackers just go to where the masses are.

"Cybercriminals go where the people are. A surge in online shopping activity greatly increases the chance that they will take advantage and target both consumers and businesses for financial information exchanged online," Manuel says.

"The other reality is, almost anyone who has an email address, online accounts, a credit card or access to these things can be an attractive target. Cybercriminals are making huge financial profits by gaining access to online bank account details, credit card information and personal account information like social media networks."

Still don't think you're interesting enough to be a potential victim? That makes no difference to hackers as they're most likely selling off information they accumulate regardless of how ‘interesting’ you are. On the Symantec official blog, author Candid Wueest outlines just how much information can sell for:

• Scans of real passports (identity theft purposes) - $1 to $2

• Stolen gaming accounts (can yield valuable virtual items) - $10 to $15

• Custom malware (i.e. for stealing Bitcoins) - $12 to $3,500

• 1,000 followers on social networks - $1 to $12

• Stolen cloud accounts - $5 to $8

• Sending spam to 1 million verified email addresses - $70 to $150

The value of credit card information can vary widely, earning the seller anywhere from $0.10 to $20 apiece.

"Credit card information, on the other hand, has not decreased in value in recent years,” Wueest writes. “In 2007, this information was advertised at between $0.40 and $20 per piece. How much you pay can depend on a number of factors, such as the brand of the card, the country it comes from, the amount of the card’s metadata provided, volume discounts, and how recently the card data was stolen. In 2008, the average asking price for credit card data was slightly higher--$0.06 to $30--and later in the year it rose to from $0.85 to $30. Today, prices for stolen credit card information range between $0.10 and $20."

In the end, cyber security is all about the attitude and the steps you take towards protecting yourself from an attack. Hackers don't need someone interesting to victimize per se as it really doesn't matter to them. If you have a credit card, you're a target. If you have an email address, you're a target. If you have a mobile device, you're a target. If you have a social media profile, yup, you're a target. The only way to safeguard yourself is to take a proactive approach in protecting your digital information.

"Canadians that are not being proactive about their online safety are at a higher risk than those that are taking steps to keep themselves safe while online. While it sounds simple enough to do, people often don’t take the necessary actions to keep themselves safe until they either become a victim, or someone close to them becomes a victim," Manuel says.

"Many of us still have the ‘it won’t happen to me’ mentality which doesn’t help the millions of Canadian cybercrime victims per year."