Get free advice on all things IT


The 7 Worst Types Of Cyber Frauds


Just hearing the term ‘cyber fraud’ will probably want to make you log on and change every password you have, especially since these types of cyber attacks are growing to be more and more frequent on a global scale and nobody seems to be safe - not individuals and not businesses. Some of these attacks can be scary, some can leave permanent damage and some types are downright pathetic - so let’s take a look at the 7 worst types of cyber frauds.

cctv on green wall

Photo by Lucas Gallone on Unsplash

It’s important to understand that there are plenty of different types of cyber threats out there, ranging from phishing, where individuals pretend to be legitimate companies and try to take sensitive information such as passwords and credit card details, to ransomware, where hackers encrypt your data and hold it ransom until you pay a fee - blackmail, essentially. Sadly, the list doesn’t and won’t end there, and there will always be a new type of threat created with malicious intent. Some of the worst (and some pathetic!) types of cyber frauds and attacks include:


Although all of these attacks hit the headlines as major cases of cyber frauds and attacks, the same principles can be applied to much smaller businesses and organisations. In fact, it’s probably easier for attackers to turn their attention to smaller business, so let’s take a look at these cases in a little bit more detail.


The Yahoo! hack has gone down as the biggest data breach in history when it took place back in 2013. It did take Yahoo three years, though, to finally release an official statement where they admitted that over 500 million users had seen their data stolen by hackers.

It’s not clear exactly what was included in the data, but speculation suggests hackers took the names, email addresses, telephone numbers, dates of birth and even hashed passwords - which are passwords users create featured scrambled letters and characters to make it not as easy to hack. So, how did they do it? The hackers used
‘forged cookies,’ which are bits of code that stay in the user’s browser cache so that a website doesn’t require a login with every visit.

Yahoo users ended up being slightly fortunate, though, as the stolen data didn’t include payment or bank details, as they are all stored elsewhere, and this prompted Yahoo to urge users to change their passwords. While you could argue that both Yahoo and the millions of users probably got off lightly, it shows just how easy it is for hackers to gain sensitive data and then either sell it on to other hackers who would have certainly utilised bank accounts, or kept it for themselves and waited for the right time to attack and commit cyber fraud at your expense.


Sony warned its users back in 2011 that names, addresses and other sensitive information of around 77 million people with accounts on the PlayStation Network had been stolen. While the attack only lasted two days, it saw their online service affected for an entire month, while over 12,000 credit card details had also been stolen.

It was revealed
the the group ‘OurMine’ was behind the attack, and although they didn’t utilise the information or sell it on, it just shows how scary the situation can be. Firstly, Sony would have lost out on business as their universally-popular online services had to be suspended, while you have to wonder whether any other hacker would have acted in the same way when having 12,000 credit card details available; cyber fraud would be a safe assumption to make.


This event wasn’t the type of bank raid you see in the movies, it was on a much bigger scale where hackers based in Russia targeted hundreds of financial institutions worldwide, in which £650 million went missing, with British banks thought to have lost tens of millions of pounds after the gang spent two years orchestrating the attack.

They used a method called
spear phishing, where they sent an email, which appeared to come from a trusted source, and when somebody opened the email, the malware infected their systems and allowed the hackers to jump right into the bank’s network - and they were lurking there for months.

In fact, the software they had was so sophisticated that it allowed the criminals to view video feeds from ‘secure’ offices as they gathered data, and were able to impersonate bank staff online in order to transfer millions of pounds into dummy accounts. They were also able to instruct cash machines into dispensing money at random times of the day without a bank card, and they were eventually caught after an investigation was launched when a cash machine in Ukraine was spitting out money at random times.

This shows how even the largest of organisations are vulnerable to these types of cyber frauds, which makes individuals and smaller businesses more prone to falling victim to these highly impactful and clearly frightening attacks, where one wrong click can possibly make you lose your life savings.


The NHS ransomware attack is the most recent cyber attack to have happened in the UK, when a strain of ransomware named WannaCry crippled the NHS and also affected other major companies, such as FedEx. They tricked users into opening an attachment within an email which released malware onto their system, referred to as phishing.

Hospitals and GP surgeries were the biggest victims, as they had to revert to using pen and paper, cancelling appointments and turned away patients because of the ransomware. As always with ransomware, they demanded payments to restore access to their data and it’s just as easy to fall victim to this regardless of the size of your organisation, or even if it’s just you browsing the web at home.

The Ransomware attack on the NHSImage Credit

It’s a scary prospect to face, as your business could rely on your data and technology and if ransomware has taken control of it, the only way to secure it is by paying the sum they’re asking for and sometimes, they even increase the payment demands. Blackmail is fraud, even if it’s via the internet and the eventual impact can be massive, especially if your data is sensitive and the demands could be much higher and seriously damage you financially.


You can probably chalk this one in the pathetic category; it sounds like it did permanent damage as Google was the victim, but thankfully the impact wasn’t as serious in the end. In 2009, cyber attackers known as Operation Aurora stole intellectual property from Google and around 30 other companies after they were targeted by malware. The attack was traced back to China, but Google stopped short of accusing the Chinese government for the responsibility of the attacks.

Google then went on to reveal that the attack failed as the only ‘intellectual property’ that was stolen was that only two Gmail accounts had been partly accessed. In another interesting turn of events, the attack was traced back to two schools in China that had a partnership with Baidu - Google’s main search engine rival in China.

All of that effort for two Gmail accounts.


When a hacker gains access to a computer system, more often than not, the intent is malicious and, when multiple nuclear research facilities are the victim, things could get out of hand very quickly. That might have happened back in 2012, when it was reported that hackers got a worm into control systems of nuclear facilities in Iran.

malware started to do unexpected things such as shutting down monitoring stations and other hardware, but at random times in the night, it would activate workstations and make them play ‘Thunderstruck’ by legendary hard rock band AC/DC at maximum volume. It’s unclear whether that was the intention when they broke into the nuclear research facility, but you have to take into consideration the damage that could have been done had the hackers achieved their goal. Some people really have too much time on their hands but just in case you were wondering...


Another pathetic attempt and, once again, Sony is involved. Back in 2014, sensitive data was stolen includes employees and their families’ emails, addresses and financial information, along with movies and health records of some of the most famous actors in Hollywood. It was the Guardians of Peace who took credit for the blackmail attempt, but speculation suggested that another mega force in the world were largely involved.

Image Credit

It was thought that North Korea was involved as they thought Sony’s release of The Interview starring James Franco and Seth Rogen, a movie about the assassination of Kim Jong-un, was an act of terrorism. North Korea denied it, but congratulated the hackers by calling it a righteous deed. Considering North Korea have been involved in other hacking scandals, you probably can’t rule this attempt out either.

These types of attacks are only scratching the surface when it comes to the various types of cyber frauds, as you’ve probably come across scammers asking for information through emails while identity theft is another popular cyber fraud type, so it’s crucial to remain protected online.

The main reason why all of these cases are considered fraud is because the method might have been different in some cases, but the companies involved did lose a lot of money, either in having to pay fines or because they lost out on crucial business because of these attacks.


Ransomware has emerged as a detestable form of malware with hackers looking to make a profit at your misfortune in what is proving to be a popular form of cyber fraud. Why should we be forced to pay for data we already own? Thankfully, there are ways you can prevent this attack from happening, so you won’t need to be in that situation.

If you want to learn more about ransomware and how to prevent it from happening, check out our free eBook.

button to get a guide

FREE Case Consultation

Recent Posts