Cherchez la Femme or at least 30% of «Cyber-Criminals» are women – Report

Извините, этот текст доступен только на “Английский” и “Украинский”.

Women in cybercrime are more common than you think. The Infosecurity world moves at a glacial pace toward gender equity. A new study into gender and cybercrime has found that the criminal underground may be more accepting of women than the wider industry.


According to a recently published Trend Micro’s study, at least 30% – if not more – of cybercriminal forum users are women.


Trend Micro’s report, The Gender-equal Cybercriminal Underground, reveals how the company analyzed posts from a range of both English- and Russian-speaking hacker forums, and compared the data to more legitimate online communities.


The numbers show an impressive gap between legal and illegal communities. The researchers analyzed five English-speaking cybercrime forums: Sinister, Cracked, Breached, Hack Forums, and (now defunct) Raidforum. And they also inspected five Russian-language sites: XSS, Exploit, Vavilon, BHF, and WWH-Club. Users on these forums are largely anonymous.


Particularly, Trend Micro analyzed posts and traffic on these forums and found that, for English-speaking sites, some 40% of users appear to be women, and 42.6% of Russian cybercrime forum users were women, or at least write like them.


One forum, Sinister, had the highest number of female posters, at 61%. This is in stark contrast to the aboveboard forums.


«When compared to Stack Overflow, a developer and programming forum, only 12% of visitors were female,» Trend Micro’s experts revealed


The research also tracked the ages of the women visiting these forums, with the largest age group in the 25–34 bracket on both English- and Russian-speaking sites.


This data was compiled using Semrush, a machine-learning tool that can compare census data and information from social media to analyze content to identify gender online. Trend Micro does admit the process may be a little ropey, however.


“While the exact methodology used is proprietary,” the report says, “the company claims to draw on data from web traffic of over 200 million real internet users in 190 countries.”


The trend also used another machine-learning tool, Gender Analyzer V5, which can supposedly analyze text to uncover the gender of the writer. Here, the stats skew a little lower, with around 30% of posters suggested to be women.


The report also looks at some criminal areas where women are specifically sought after. Many hacking groups look for women to work in call centers “supporting” fake software, or to take part in romance scams where voice and video communication is called for to sell the con. They’re also often hired as mules to move money around.


Otherwise, though, Trend Micro has found the cybercriminal community to be largely merit-based. Skills matter, not gender, though in some communities, there remains some level of distrust towards women — but by and large, it’s not an issue.


Based on this, Trend Micro has one important advice for researchers and investigators: don’t assume that the person you are looking into is a male. Referring to threat actors using male pronouns as default introduces an element of gender bias, which could blind investigators.


“It is generally accepted that most cyber criminals are likely male. However, gender bias — whether explicit or implicit — can severely undermine a criminal investigation,” the report concludes.


“It is our recommendation for all investigators to avoid assumptions of male personas while carrying out their work (such as referring to a suspect as “he” or “his”) as this creates an inherent bias as they progress their case. We suggest instead to use “they,” which will not only cover any gender involved, but also force investigators to factor in that more than one person may be behind a single nickname under investigation.”


Source: Trendmicro.com

Related Posts



Извините, этот текст доступен только на “Английский” и “Украинский”. Over 709 million attempts to access phishing and scam websites in 2023 have been thwarted by Kaspersky’s anti-phishing system, marking a 40% increase compared to the previous year’s figures. Messaging apps, artificial intelligence platforms, social media services, and cryptocurrency exchanges were among the pathways most frequently […]


Ransomware surges as compliance stumbles – Thales Group

Извините, этот текст доступен только на “Английский” и “Украинский”. Thales announced the release of the 2024 Thales Data Threat Report, its annual report on the latest data security threats, trends, and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries across 37 industries. This year’s report found that […]


Romantic AI Chatbots Don’t Have Your Privacy at Heart

Извините, этот текст доступен только на “Английский” и “Украинский”. Experts have warned users of AI-powered “relationship” chatbots that their data and privacy are at risk, after failing all 11 apps they tested.   Non-profit Mozilla chose Valentine’s Day to release new research into the chatbots as part of its long-running *Privacy Not Included series of […]