Monday, March 19, 2007

IDentiWall makes phishing irrelevant

Threats on the net



By Stephen Cole
Presenter, BBC Click Online

The internet presents many opportunities for con-artists and fraudsters. Internet security experts Messagelabs have been examining the threats of the past year.

Here is a guide to the biggest threats to your computer's security.


Nasty little programs that can wreck your system or take control of your computer, viruses are still a growing threat.

In 2004, one in 16 e-mails was infected - that is 6%. The biggest offender of the year was the MyDoom "A" virus.

This, like a lot of malware, opens a backdoor in your computer system, allowing any program to be downloaded and run on your machine.

We are also seeing a shift in the motives of viruses writers.

Some, seduced by dirty money, are trying to take control of your PC and sell its resources to organised crime.

What on earth can they want with your computer? They want to make it part of a network of zombie PCs, used to distribute this:


We all know about spam - we all get inboxes full of it! Unsolicited junk e-mail is still on the increase.

Over the last three years we have seen the amount of spam flying around the 'net grow at phenomenal rate.

9% of all emails were identified as spam in 2002. A year later that had risen to 40%. And last year, a mailbox-busting 73% of all e-mail was spam - that is 9.2 billion junk messages!

What do you think most spam is about? Unsurprisingly, most of it is trying to sell us something.

Matt Sergeant, of Messagelabs, says: "The vast majority of spam is sent from 200 or so spammers, most of them based in the US.

"They're trying to sell you pornographic material, cheap watches, that sort of thing.

"While we see the e-mails coming from various countries around the world such as China, Brazil, England, home PCs located everywhere, all of the money is actually going back to the US despite where the emails are coming from."

But there is some hope. New anti-spam laws and some high-profile spammer arrests could see these figures plateauing and even starting to come down.

But this could also mean that spammers will simply move their operations into countries with weaker regulation, like Russia or China.

Apart from being a nuisance and hogging storage space, most spam is relatively harmless. Some, however, is far more destructive.


The most sophisticated of the bunch, phishing e-mails, pose as official e-mails from banks and other institutions.

They ask you to click on a link, which takes you to the bank's official website... or at least something that looks like the official website.

It is actually a fake, and the bank details and password you enter into the phoney logon screen is actually sent straight to the scammers.

After a gradual increase in phishing e-mails that were intercepted up to June last year, there was a sudden explosion. In July, there was a ten-fold increase.

Over the last few months phishing, and its ability to steal your online identity, has become the principal online threat.

Matt Sergeant: "Spammers use images in their e-mails as a way to avoid text-based filters that are looking for particular words or phrases in the e-mail.

"By using images you can't pull out the words in the e-mail so you can't see that the spammer is trying to send you off to Paypal or Citibank."

Four million phishing e-mails are now intercepted every month, and the amount that goes unreported is thought to be much higher.

So what will 2005 bring forth? Will these security threats continue to grow?

We spoke to Nigel Beighton from security experts Symantec, and Bryan Glick, the Managing Editor of Computing Magazine.

Watch the interview

Click Online is broadcast on BBC News 24: Saturday at 2030, Sunday at 0430 and 1630, and on Monday at 0030. A short version is also shown on BBC Two: Saturday at 0645 and BBC One: Sunday at 0730 . Also BBC World .


Story from BBC NEWS:

Published: 2005/01/07 17:28:14 GMT



IDentiWall coupled with Dynamic Security is your best choice for cyber crime fighting

Internet crime to hit homes hard

Home computer users are now the favorite targets of hi-tech criminals, reveals research.

The report by security firm Symantec found that cyber criminals are targeting home PC owners because they are the easiest to catch out.

It saw an 81% rise in phishing messages which attempt to trick people into handing over personal details.

Another study by a banking industry body shows many home users do not take basic steps to stay safe online.

Criminals typically use bogus or booby-trapped e-mail messages to lure people into handing over banking details.

Risky business

Symantec's bi-annual Internet Threat Report said that more than 157,000 unique phishing messages were sent during the first six months of 2006.

The phishing messages were getting much more sophisticated to make them more effective, said Ollie Whitehouse, Symantec research scientist and one of the authors of the report.



Install anti-virus software

On at least a weekly basis update anti-virus and spyware products

Install a personal firewall and/or ensure your operating system's firewall is on

Use Windows and Apple updates to patch security holes

Do not open e-mail messages that look suspicious

Do not click on e-mail attachments you were not expecting

Take time to educate yourself and family about the risks

Monitor your computer and stay alert to threats

"Organised crime is here and they are very interested in phishing," he said. "They target home users who have become the weakest link."

Many gangs trawl the net for more information about those they target with messages.

"Most people, by now, have left a digital footprint which can be mined," Mr. Whitehouse said.

Phishing gangs were also starting to target the customers of smaller banks and financial institutions. In early September the Anti-Phishing Working Group said that in the last year the number of bank "brands" targeted had doubled.

The Symantec report comes as the banking industry body the Association of Payment and Clearing Services reveals research which shows the risks people take online.

Only half of the consumers surveyed for the report said they would ignore phishing e-mail messages and 3.8% said they would respond to an unsolicited e-mail about their online accounts.

The survey also found that less than half of those questioned, 46.3%, kept their anti-virus software up to date. Only 10% had spam-stopping software installed.

"Clearly, it's a concern that so many internet users are still not aware of simple security advice," said an Apacs spokeswoman.

Story from BBC NEWS:

Published: 2006/09/25 09:33:44 GMT



Dynamic Security is fighting effectively this phenomenon

'Surge' in hijacked PC networks



The number of computers hijacked by malicious hackers to send out spam and viruses has grown almost 30% in the last year, according to a survey.

More than six million computers world wide are now part of a "bot network", reported security firm Symantec.

Computer users typically do not know that their PC has been hijacked.

More than a third of all computer attacks in the second half of 2006 originated from PCs in the United States, the threat report said.

While the total number of bot-net PCs rose, the number of servers controlling them dropped by about 25% to 4,700, the twice-yearly report said.


A large number of hijacked computers under the remote control of a single person via net-based command and control system.

Hi-tech crime: A glossary

Symantec researchers said the decrease showed that bot network owners were consolidating to expand their networks, creating a more centralised structure for launching attacks.

Ollie Whitehouse, senior consulting services director at Symantec, said: "This rise in the number of infected computers can certainly be attributed to the rise in the online population of countries like China and Spain, in Europe.

"There is almost an educational curve that the users and service providers have to go through. Unfortunately when certain countries go through rapid increases in connectivity and availability of technology that curve is not always kept up.

Alfred Huger, vice president of Symantec Security Response, said online criminals appeared to be adopting more sophisticated means of "self-policing".

He added: "They're launching denial-of-service attacks on rivals' servers and posting pictures online of competitors' faces.

"It's ruthless, highly organised and highly evolved."




Made4biz Security Translating real-world security knowhow into state of the art security systems.
Made4biz Security

Turn on Sound for Demos:
Bill Gates Demo (Location-based)
Elvis Demo (Location/Context-based)
Clint Eastwood Demo (Temporal-based)

Powered by Blogger

Subscribe to
Posts [Atom]

Technorati Profile

RSS Syndication

Made4Biz Security Inc