Phishers and cyber criminals get smarter
RAVI BHASIN
Phishers and cyber criminals get smarter
By- SecurityPark.net
26/01/2007
CA,
Inc's latest report warns of a new level of cyber-crime potential as
increasingly sophisticated attackers aim to steal intellectual property,
personal identities and the contents of bank accounts across international
borders, and within organizations and social networks.
Predictions from the CA 2007 Internet Threat Outlook include:
1. Blended threats will continue to evolve:
Attackers
will increasingly use multi-phased exploits to take control of unsuspecting
users' computers, steal private information, and perpetrate other attacks.
2. Phishers will get smarter:
Users
should expect social engineering tactics to become more convincing and more
effectively targeted at the knowledgeable user. Fake phishing emails with
subjects such as "to verify your account" will be replaced by more clever
attempts, such as worms disguised as "mail failure" notices.
3. Spam will increase:
Due
to the low cost of sending mass spam – especially through botnets – cyber
criminals will increasingly use this medium to distribute trojans.
4. Targeted attacks will increase:
Criminals
or disgruntled employees can use malware for corporate espionage or to steal
intellectual property. For example, an employee's home or office computer can
be infected by visiting a pornography or gambling site where criminals have
planted a keylogger or spyware to transmit salable information. Criminals also
can use ransomware to "kidnap" a user's data until the user is willing to pay
for its release.
5. The rise of kernel rootkits:
A
rootkit is a cloaking technology that allows an intruder to hide malicious
activity on a previously compromised machine. Using a rootkit, an attacker can
hide malware such as backdoors, sniffers and keyloggers. Kernel rootkits add
code or replace a portion of kernel code with modified code to hide a backdoor.
6. Increased exploitation of browser and
application vulnerabilities beware:
As
cyber criminals find it harder to break through Security defenses with traditional attacks, they will
increasingly exploit vulnerabilities in Web browsers and applications.
7. Typo-squatting on search engines:
Hackers
will increasingly seek to poison search engine rankings and to perpetrate
click-fraud on ad networks. Typo-squatting – linking easily mistyped domains to
malicious sites – will become more prevalent.
Criminals are preying on consumers and small businesses via these "free"
anti-spyware programs that actually contain the malware they purport to address.
Instead of cleaning users' computers, these attackers try to get money from
users through deception.
http://www.securitypark.co.uk/article.asp?articleid=26395&CategoryID=1