The Internet is a profitable business if you’re a thief

 

More and more businesses and people are conducting a large portion of their company’s dealings on the internet despite security being an issue.  Below we have listed a few of the ways today’s new breed of internet con-artist is fleecing sheep of their fur all the way to the loom.

 

Phishing: A growth industry for aspiring thieves

 

  You receive an e-mail that looks like it comes from the Better Business Bureau, with all the normal letterhead and all the bells and whistles one would associate with a message from the organization.  The message states that a complaint has been filed against the firm you work for and directs you to a site, which downloads a keystroke logger that picks up your personal information and relays it overseas where you can’t retrieve it.  Millions of people have been conned by scans like this, appearing to come from financial services, Internet providers, or retailers conducting daily business.  One of the most recent scans even hijacked the name of the Federal Trade Commission, which is responsible for prosecuting e-mail fraud.

 

  According to the Anti-Phishing Working Group there were about 37,000 websites overseas conducting such scams in May and about 23,000 phishing attacks were reported in May.

 

  Internet thieves’ tactics and scams have gone from random spam to e-mails that look like those from a bank or Major Corporation, with professional writing, well crafted stories and better websites.

 

  Popular con-artist techniques that ensnare consumers include associating the e-mail with a holiday or event, such as the Super Bowl or World Cup; spear-phishing, where the sender appears to be someone inside the firm you work for; or telling you that your bank account has been compromised, and then urging you to enter personal information into a fake site that looks like the bank’s.

 

  The profile of Internet phishers is changing according to law specialists as organized crime has figured out phishing is a more lucrative way and less risky business than selling drugs and is making the switch.  Terrorists groups according to specialists are exhorting young jihadists to use the computer to knock the United States to its knees.

 

  To protect yourself from phishing always delete e-mail that asks you to enter any kind of personal information at a linked website.  Second always access accounts directly through a browser, using your bookmark or by typing the institution’s Web address instead of clicking on a link provided.

 

  The Bank of America and Vanguard currently ask customers to select a personal image or phrase to appear whenever they access the site to let them know that the site their on is the real deal.

 

Viruses: Changing threats

 

  Virus infections have held steady for the past year and this is a mark of progress for consumers and software producers because the threat of infection has become more and more challenging in recent times.  Postini a security firm in San Carlos, California recently acquired by Google that processes a billion e-mail messages per day estimates 1 in 500 e-mail messages contain a virus that could affect a computer adversely.  And security software provider McAfee says more than a third of malware they have neutralized was introduced during the past two years that the threats are not slowing down.

 

·         Botnets: Something new

 

  Botnets are networks of hijacked home computers (known as zombies) that criminals use to hide behind while sending out their nefarious spam or infecting other computers, one of the most lucrative and fastest growing threats to Internet security Botnets hijack a computer by depositing malware on a user’s computer.  McAfee has reported that its customers have indicated more than 20 million such invasions of computers since 2003, while Symantec says that up to 14% of computers in the United States are currently infected with bots.  EarthLink, the Internet service provider, reports that it blocks around 7,000 to 30,000 zombies per day trying to gain access to someone’s computer.

 

  According to EarthLink up to eighty percent of the spam now traveling across the Internet comes from a zombie attack trying to gain access to someone’s computer.  Botnets have also been used by criminals to conduct phishing and denial of service attacks that bring down computer networks by overloading them with traffic.

 

·         Rootkits

  Rootkits is a type of malware used by hackers to hide another piece of malware on a system, changing a system so it lies to the user, hiding files, processes, registry keys, and communication sessions.  McAfee reports a 10% increase in Rootkits from early 2006 and into 2007, most of it being distributed by spammers.

 

·         New methods of delivery

 

  Google’s recent surveys of 4.5 million Web sites found around 10 percent of them were downloading malware without knowing it.  And the malware rather than attacking the computer’s operating system has been designed to take advantage of weaknesses in applications like iTunes, QuickTime, Flash, and WinZip, according to McAfee.

 

·         Social-networking websites

  Cybercriminals have started using social networks to launch their malware, spreading concerns that malicious code may spread so quickly as to be uncontrollable.  The links that connect one person’s social-networking site to another’s make it possible to download malware onto visitors’ systems, especially since many people using social networks have multiple links to many other sites.

 

  The solution for the average user who might not spot a virus until it has infected their PC and possibly disabled it is to always run and update antivirus software, operating system, and applications whenever in doubt about a computers possible infection.

 

  Internet providers will continue to fight malware whenever they find it; EarthLink has recently added a premium service that claims to track almost 300 tendencies of malware and Google recently acquired a product that protects a browser from malicious downloads.

 

  Well that’s it for this hub, join us next time for more information on security threats your computer faces every second it is connected to the web.  Next time we will talk specifically about different types of computer viruses and how to prevent them as well as information on the legal situation today.

 

 

  

~ by warrenhayashi on October 16, 2007.