Page 33 - Banking Finance September 2025
P. 33
ARTICLE
vesting and adopt strategies to safeguard personal and or- 2. Identity Theft
ganizational data. Data harvesting is a goldmine for identity thieves. With ac-
cess to personal identifiers such as passport details, or
What is Data Harvesting? Aadhaar numbers, fraudsters can impersonate individuals to
Data harvesting refers to the systematic collection and ag- open bank accounts, secure loans, or conduct fraudulent
gregation of personal and behavioural data from a multi- transactions. These crimes often go undetected until signifi-
tude of sources, often conducted on an unprecedented cant damage has been done, leaving victims to grapple with
scale. Legitimate businesses leverage this practice to en- financial and reputational fallout.
hance user experiences, customize services, and drive data-
driven decision-making. However, the ethical boundaries of 3. Deepfake and Impersonation Scams
data harvesting are frequently blurred, especially when sen- Harvested images, videos, and voice recordings have be-
sitive information is extracted without explicit consent. The come tools for creating deepfakes-highly realistic digital im-
methods employed range from relatively benign data scrap- personations of individuals. These sophisticated forgeries are
ing to invasive techniques that tread into questionable le- increasingly used in extortion, blackmail, or impersonation
gal territories. scams. By manipulating trust in digital communications,
deepfake scams can wreak havoc on personal and profes-
Malicious actors exploit this expansive digital ecosystem by sional relationships, further eroding confidence in online
employing deceptive practices such as phishing campaigns, interactions.
fraudulent applications, and social media scraping. These
methods allow them to amass troves of valuable informa- 4. Account Takeovers
tion, often without the knowledge or permission of the in- Harvested data frequently includes login credentials or clues
dividuals involved. Compounding this issue is the prolifera- to password recovery questions. Cybercriminals exploit these
tion of stolen datasets readily available for purchase on the
vulnerabilities to hijack online accounts, enabling unautho-
dark web, creating a thriving underground marketplace. rized transactions, data theft, and further fraud schemes
This clandestine trade fuels a cycle of exploitation, enabling targeting the victim's contacts. The ripple effect of these
cybercriminals to weaponize personal data for nefarious takeovers can compromise entire networks, amplifying the
purposes. scope of the attack.
The Role of Data Harvesting in Cyber 5. Grief Harvesting Scams
Frauds One of the most insidious forms of cyber fraud involves grief
Harvested data acts as the backbone of many cyber fraud harvesting. Scammers target bereaved individuals by scrap-
schemes. With access to personal details such as names, ad- ing obituary announcements and related social media posts
dresses, phone numbers, bank details, and even social me-
dia activity, scammers can craft highly convincing attacks.
Here are a few ways data harvesting enables cyber fraud:
1. Phishing and Spear Phishing
Phishing scams-where attackers trick individuals into provid-
ing sensitive information-have become increasingly effective
due to data harvesting. By leveraging harvested data,
scammers can create emails or messages that appear highly
authentic. These tailored communications often mimic
trusted entities, luring victims into clicking malicious links or
sharing confidential information. Spear phishing, a more tar-
geted variant, uses detailed personal data to exploit spe-
cific individuals, frequently leading to unauthorized access
to sensitive accounts or systems.
30 | 2025 | SEPTEMBER | BANKING FINANCE
