The Unusual Suspects: The Professional 2020
The Professional works a 9-to-5 day at a company that might look like a legitimate operation however in reality, it’s anything but.
The Professional is engaged in cybercrime or cyber-enabled crime, running phone support scams, writing software for other criminals, or helping prop up the cybercrime supply chain.
At the top of the tree, the Professional may operate money-making resources such as botnets or exploit kits, also marketing them for hire as outsourced services to other criminal groups.


The Professional is a career cyber criminal who may well have made the jump from traditional organised crime into cyber-enabled fraud. They’ve got the skills and experience to evade detection and understand the structure of the organisations they break into. 
An example of the Professional’s work might include cold-calling members of the public under the pretence of technical support in order to persuade them to download malware. The Professional is equally likely to infect people’s PCs with malware via spam campaigns or ‘malvertising’ (online ads laced with malicious software), or responsible for administering part of a botnet under an affiliate model.


The Professional is motivated by one thing: money – and the more of it they can get their hands on, the better. The Professional shies away from the riskier illegal pastimes – bank robbery, cheque fraud and the like – and instead uses technology to lower their risk and exposure to the consequences.
That also means they’ll take a long view of realising the profit from their activities, prioritising low-profile, long term scams over smash and grab tactics. The Professional will have built up a solid reputation and a network of contacts, consultants and others, many of whom they’ve likely never met face-to-face.
It’s entirely possible that more junior Professionals may start what they think is a legitimate job – for example as a social media specialist with foreign language skills – and find they are actually working for a criminal or nation-state backed criminal enterprise.

Modus Operandi

‘Cybercrime as a Service’ - the creation and sale of the tools of cyber crime by third parties to criminals - has boomed over the last few years.  This supports the evidence that marketplaces for specialist cyber crime skills for organised criminals are well-established.
In early 2014, Interpol took down a crime ring behind the Blackshades malware – which was paying salaries to staff and had even hired a marketing director. Criminals also hire IT experts for the same reason that normal companies do: specialist tasks such as supply chain optimisation need to be addressed by crooks as well as legitimate organisations.
Business fraud, hacking and phishing are the go-to techniques used by most of the Professionals. Businesses are set up specifically to scam vulnerable members of the public though fraudulent cold calls offering un-needed technical support contracts or email scams. Spammers, Advanced Fee fraudsters and others have also been known to work recognisable ‘office hours’ and gather together in organisations with defined roles, including finance, leadership and project management.
More recently, the Professional has been keen to conduct one-off, high-value scams such as ‘Whaling’,  where the Professional emails senior finance staff pretending to be their CEO, telling them to make urgent payments (into the Professional’s account). While simple on paper, this is surprisingly effective, exploiting the authority that the CEO has over the duped individual.

Get in touch and speak with one of our experts, or download The Unusual Suspects Overview to find out more:

The Unusual Suspects overview   Contact us


The Unusual Suspects overview

600.4 KB

12 Default Profile Image
Head of External Communications
Media Team
Digital Intelligence