FutureFive New Zealand - Consumer technology news & reviews from the future
Story image
Phishers smarter, more devious
Thu, 1st Oct 2009
FYI, this story is more than a year old

As the Web continues to offer new features and services, and users get more sophisticated, so cybercriminals  devise more innovative ways to trick them.

IBM’s mid-year security report says ‘phishing’ emails, in which fraudsters send what purport to be alerts from  banks in a bid to steal customers’ account details, have declined this year. Phishing accounted for just  0.1 % of all spam in the first six months of this year, compared to 0.2-0.8% in the same period last year.

The decline is attributed to both improved email filtering software and increased awareness among users of  such activity. Instead, phishers have switched to injecting malicious code into legitimate Web sites and posting  malware links in blogs and social networking pages. The number of new malicious Web links rose more than  500% in the first half of this year.

IBM also says it is seeing more instances of ‘Trojan horse’ programs, which are used to spy on victims and  steal their information. A current popular vehicle for delivering this malware is fake links to movie sites. Movie  fans are often identified through social networking pages, but people searching under the keywords  ‘movie’ and ‘free’ can get search returns for malware distributors. The link sends them to a blog page and  invites them to download an application to view a video. The app is actually a Trojan, and both Windows and  Mac versions have been detected.

NETWORK SCAMS

The IBM report says social networking sites have been a boon to online scammers. “The high concentration of  users and personal information allows for more specific targeting of potential victims. Dating sites, for  example, provide scammers with fertile hunting grounds.

“Scammers also keep lists of successfully conned victims, and once a victim has been identifi ed and successfully conned, their identity and contact details may well be traded, sold or passed to another scammer  running a different con.”

Read the full IBM report at tinyurl.com/lvq67x