Hit Back and Budget for Cybersecurity

Friends, it’s getting ugly in America. Criminal acts of every sort appear to be multiplying (or maybe the 24-hour news cycle makes it seem so?). Violent crimes are the most frightening and with good reason, but cybercrimes also victimize those whom they touch, and create white collar violence for businesses and private citizens. Numerous sources can confirm that it is not my imagination that this pernicious crime is becoming more common and dangerous.

Earlier this month, nearly 280 million students at 8,800+ schools, who were in the midst of studying for final exams, were confronted with a ransomware data extortion attack aimed at the Canvas learning management system. Students at Georgetown University, University of Pennsylvania, MIT, Harvard University, Duke University and Princeton University, plus Oxford University (UK) and schools in Australia, the EU and other US schools were impacted. Canvas went dark on May 1 and could not function until May 7, stranding students who were unable to submit assignments or study. The cybercrime syndicate threatened to leak student data—names, email addresses and student ID numbers, but not birthdays, government IDs, or passwords, which could not be accessed—unless Canvas made a payment. Instructure, the Canvas parent company, paid an undisclosed amount to the gang on May 12. Other noteworthy recent cybercrimes include data breaches at both booking.com (April 2026) and Dell Technologies (May 2026).

Cybersecurity Ventures estimates that cybercrime cost $10.5 trillion in 2025, making it a voracious, globally and universally impactful expense that continues to escalate (see “Cybercrime To Cost The World $12.2 Trillion Annually By 2031”). The average cost of a data breach in 2025 exceeded $4.4 million worldwide and exceeded $10 million in the US, driven not just by clean-up expenses, but also costs associated with system downtime, legal fees, regulatory fines and diminished brand trust, as noted in “Global Data Breach Costs Drop But Lack of AI Risk Mitigation Poses Problems, IBM Report Finds.” These numbers indicate a fundamental change: company failure now directly correlates with cybersecurity failure. The numerous disturbing reports unequivocally indicate that cyberthreats are not just occasional incidents, but an ongoing menace. Common cybercrimes that often target individuals include:

  • Digital skimming is the set-up for unauthorized use of your credit or debit card information; it is also a potential gateway for identity theft. A skimming scam is often impossible to detect until the fraudsters raid your credit or debit card at an ATM or use your money to splurge on an unauthorized shopping spree. Favorite skimming locations are point-of-sale terminals at gas stations and mobile commerce markets. E-commerce websites whose check-out pages have loose security measures are another favorite portal for malware that enables the capture of credit or debit account numbers—and maybe other sensitive info as well. For in-person transactions, tap your card when the option is available, rather than inserting your chip card into the terminal, to avoid using the magnetic stripe that exposes your name and account expiration date. Regarding online shopping, digital skimming of a website is essentially impossible to detect. An old-school work-around is to phone in your order and speak with a human sales associate (or virtual assistant) to guarantee that your order is legitimately processed. Another option is to ask your bank to generate a virtual credit card for you, a temporary card that’s linked to your card account. If a virtual card number is hacked by a skimmer, the number cannot be reused; also, you can deactivate the stolen virtual card without affecting the real card. You might also use PayPal, Google Pay, or Apple Pay for card purchases; they are digital wallets that use tokenized payment data and don’t transmit actual card numbers to the merchant. If an e-commerce site is compromised by a skimmer, the cybercriminal will be unable to obtain your card info. Finally, it’s a good idea to set up instant notifications for all credit and debit card transactions and receive activity alerts via text message or mobile app. This won’t prevent skimming, but it will help you learn of unauthorized charges immediately so you can call customer service.
  • Phishing attacks are carried out by hackers who send emails that appear to originate from a trusted source. The goal is to obtain usernames and passwords and to get you to download a file, which will contain malware. There is a variation of this crime, known as spear phishing, in which cybercriminals research targets to learn personal information and use it to craft relevant messages that are sent to targets as a way to build trust and more easily persuade them to drop their guard and enable the scam. The best way to avoid a phishing attack is to pay attention to the sender’s email address. For example, if your city or town appears to be the sender of an email that asks you to reply by sending your payment card number to settle a certain municipal bill, maybe a water or tax bill, remember that the email address will be .gov and not .com or .biz, for example.
  • Are you a robot? Now there’s a Captcha scam prowling through our digital networks, lying in wait for compliant targets who are just trying to log onto a website. The goal is to introduce a virus to your computer by installing malware that will allow cybercriminals to obtain access to all manner of sensitive information, from your workplace or personal email logins to your financial account credentials, such as cryptocurrency wallets and other payment system info. The Captcha cybercrime can even hijack your browser and subject you to an avalanche of pop-up ads and other online annoyances. If a Captcha asks you not only to check the box and verify that you are not a robot, but also to press a sequence of keys, open a “run” box, or copy/paste a code, it is a scam. Close the window and disconnect from Wi-Fi immediately.
  • Social engineering is a growing enabler of cybercrime. Basically, the hackers ask you to open the door and let them in. Social engineering is a form of psychological manipulation used to control a targeted individual. It employs universal human traits such as trust, curiosity, fear, politeness and deferring to perceived authority to trick individuals into revealing sensitive information or performing actions that compromise security—because they think they should. Phishing and spear phishing are examples of the con. Cybercriminals have figured out that human beings are the weakest link in the security system; it’s easier to trick someone into providing sensitive information than it is to locate security gaps in computer systems. Attackers use a variety of social platforms and other methods to engage in deceptive behavior that’s devised to hoodwink unsuspecting victims. The hackers encourage, or even coerce, their targets into disclosing restricted credentials and other sensitive data to obtain access to devices, digital information, or company facilities. 

Advances in digital technologies have, unfortunately, facilitated the emergence of increasingly creative cybercrime syndicates. Once a “belt + suspenders” strategy implemented by the more prudent business owners, comprehensive cybersecurity measures are now a must-have component of an effective risk management strategy. Today, a robust cybersecurity defense is not only an operational competitive advantage that promotes organizational resilience, but also a strategy that strengthens the brand reputation by protecting both organizational and customer data. Going forward, companies of every size must accept that cybersecurity is now a standard business expense. As per Andrew Rinaldi, co-founder at Defendify, a cybersecurity provider, the following is an overview of common cybercrimes that target organizations:

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks

A Denial-of-Service attack overwhelms the operating capacity of your device or company network and prevents legitimate users from accessing the system. The DoS attack bombards the victim with a flood of traffic or information designed to crash the system. Unlike other types of hacking, DoS attacks are usually initiated by an aggressive competitor who uses the attack to disrupt your website and gain an advantage. Another motivation for a DoS attack could be to serve as a diversion for an even more damaging cyberattack, such as a ransomware takeover. A DDoS attack is a ratcheted-up DoS attack, intensified by launching the takeover from multiple host computers. This type of attack overwhelms a company’s website or online service and causes it to malfunction and otherwise become inaccessible.

Man-in-the-Middle (MITM) attacks

An MITM attack occurs when hackers literally insert themselves between the user and the services s/he intends to interact with. The MITM cyberattacker intercepts communication between the user and the platform by imitating the website and hijacking online activity—think eavesdropping. In some cases, email conversations can be intercepted and altered, if the attacker decides to control the conversation. The usual motive is to steal credit and debit card account numbers and other financial credentials in order to make unauthorized purchases, which may extend to identity theft. Unfortunately, no single method can prevent all types of MITM attacks. However, defenses include requesting that site users choose strong passwords, requiring multi-factor authentication for user login, using a virtual private network (VPN) to encrypt network traffic and avoiding the use of unsecured public Wi-Fi service.

Drive-by download attacks

These attacks have the ability to spread malware throughout a wide geographic area. In this scenario, the cyberattacker digitally tracks insecure websites that are susceptible to hacking and inserts the malicious code into vulnerable sites. When an unsuspecting website visitor accesses the infected site, s/he might unintentionally download and install malicious code or be redirected to a fraudulent site created by the attacker. Unlike other types of cyberthreats, a drive-by download doesn’t require the user to take an action, like clicking a button or opening an email, to be infected. All you have to do is visit a website—yikes!

The best way to prevent this type of attack is for users to keep their internet browsers and operating systems updated and avoid insecure websites, whenever possible. The drive-by is yet another reason to speak with a website security expert to obtain a vulnerability assessment and discuss what you can do to preserve the functioning of your website, the privacy of your data, the trust of your customers and the integrity of your brand.

Ransomware

Ransomware is the leading cyberthreat in the world. As of 4Q2025, 24% reported a ransomware attack, up from 18.6% in 2024. The rise of ransomware cybercrimes is driven by artificial intelligence and the increasing sophistication of phishing schemes. Phishing is the leading attack vector of ransomware cyberattacks and 46% of the ransomware targets confirmed that a phishing attack led the way. Stolen credentials accounted for another 25% of ransomware attacks.

Ransomware continues to become more user-friendly and sophisticated, most recently with the availability of (are you ready for this?) Ransomware-as-a-Service, which allows less technically gifted criminals to carry out attacks, enabled by deepfake technology that makes it easier to outwit security systems. Furthermore, new and more anonymous cryptocurrencies have made it easier to transfer, launder and spend the ransom money without being traced. To coax targets to pay up, hackers commonly resort to various threat campaigns, such as data theft and public disclosure. See the Canvas ransomware attack that hijacked final exams and papers.

Agentic cyberattack


AI agents help hackers to launch more sophisticated and damaging attacks by making it easier to identify weaknesses in cybersecurity systems. Unlike traditional attacks that rely on humans to make decisions and coordinate the action, agentic cyberattacks use agentic AI systems that mimic human decision‑making—only better. AI agents can operate with limited human supervision and also adapt to changing circumstances in real time. Often, multiple AI agents work together, with each handling different tasks. This means that an AI agent can carry out the cyberattack. It can execute complex, multi‑stage attacks faster and more consistently than human teams, and its ability to quickly adapt makes detection harder, because the attack strategy can change dynamically in real time, if necessary.

On the defense side, agentic AI and AI agents are beefing up cybersecurity by automating decision-making and adapting to evolving threats (Columbus, 2025). AI systems enable dynamic access management by adjusting user access based on behavior and risk, aligning with zero trust principles—that is, no social engineering con games. Additionally, agentic AI continuously monitors activities, identifying anomalous patterns to detect and mitigate insider threats before they escalate. Agentic AI enhances workflow efficiency by automating tasks like alert triage and incident response, with applications in cybersecurity for autonomous threat detection and response (Lisowski, 2024). Organizations adopting agentic AI for security and governance are reporting significant benefits, including faster decision-making and improved risk management (Chiodi, 2025).

Deepfake and synthetic cyberattacks

Attackers increasingly use deepfake audio and video to impersonate trusted individuals to gain access to secure systems—more evidence of social engineering. Deepfake video and Generative AI have introduced new risks by making impersonation and fraud more difficult to recognize. The technological advances have given rise to a growing underground economy that offers Deepfake-as-a-Service to cybercriminals by creating customized audio and/or video clips that impersonate requested high-ranking trusted targets who can “authorize” the crime.

In other words, phishing campaigns are now trending toward workflows. For example, a bank manager wired $35 million after receiving a call from a director at the bank, whose “voice”—which in reality was an AI clone that gained trust by way of forged emails—he thought he recognized. Financial approvals, vendor onboarding, contract renewals, payroll changes and legal sign-offs are especially vulnerable to deepfake attacks. These workflows often assume legitimacy because they are frequent requests and time-sensitive. Instead of sending a single malicious email, deepfake attackers simulate full conversations. They build rapport. They reference previous messages. Over time, they can create a narrative that feels real. These conversations are all-too-often able to position the ultimate request—the crime—as simply doing your job. Deepfake phishing and synthetic cyberattacks succeed because the scam avoids obvious red flags. Content doesn’t read as malicious. Sender email looks legit. Context makes sense. Nothing seems suspicious.

Assess and implement your cybersecurity needs

Small and medium-sized businesses, a category that includes Freelance professionals, are more frequent targets of cybercrime than larger companies, industry research shows. The hackers know that smaller organizations often do not have the funds to install a sophisticated cybersecurity system (per social engineering). Because the devil never sleeps, you must realize that it is time for Freelancers and SMB owners to provide a line item budget for cybersecurity. Finding that budget may be a stretch but compared to the cost incurred if the unthinkable happens, the additional expense will seem quite reasonable. Take a look at your P & L to see where you might be able to trim an expense. Better still, brainstorm how you might be able to increase monthly revenue, if only modestly. Research cybersecurity providers to receive an assessment of your digital system and pricing info. The time to act is now, before the bad guys (and gals) discover your business.

Thanks for reading,

Kim

Image: © Gorodenkoff Productions for iStock
