As the Web continues to offer new features and services, and users get more sophisticated, so cybercriminals devise more innovative ways to trick them.
IBM’s mid-year security report says ‘phishing’ emails, in which fraudsters send what purport to be alerts from banks in a bid to steal customers’ account details, have declined this year. Phishing accounted for just 0.1 % of all spam in the first six months of this year, compared to 0.2-0.8% in the same period last year.
The decline is attributed to both improved email filtering software and increased awareness among users of such activity. Instead, phishers have switched to injecting malicious code into legitimate Web sites and posting malware links in blogs and social networking pages. The number of new malicious Web links rose more than 500% in the first half of this year.
IBM also says it is seeing more instances of ‘Trojan horse’ programs, which are used to spy on victims and steal their information. A current popular vehicle for delivering this malware is fake links to movie sites. Movie fans are often identified through social networking pages, but people searching under the keywords ‘movie’ and ‘free’ can get search returns for malware distributors. The link sends them to a blog page and invites them to download an application to view a video. The app is actually a Trojan, and both Windows and Mac versions have been detected.
The IBM report says social networking sites have been a boon to online scammers. “The high concentration of users and personal information allows for more specific targeting of potential victims. Dating sites, for example, provide scammers with fertile hunting grounds.
“Scammers also keep lists of successfully conned victims, and once a victim has been identifi ed and successfully conned, their identity and contact details may well be traded, sold or passed to another scammer running a different con.”
Read the full IBM report at tinyurl.com/lvq67x