At Least One Part of the Economy is Growing: Cybercrime

In case anyone thought it was getting easier to keep customer data safe, here are a few studies that will bring you back to reality.

The APWG (Anti-Phishing Working Group) released its latest Phishing Activity Trends Report and found that new records were being reached in a variety of areas, such as rogue anti-virus software, phishing websites and crimeware designed to target financial institutions' customers.

According to a release, the APWG H1, 2009 report found that the numbers of detected rogue anti-malware programs—fake security software that actually infects computers to animate assorted electronic crimes—grew 585 percent between January and the end of June 2009.

The number of unique phishing websites detected in June rose to 49,084, the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement.

The number of hijacked brands also reached an all-time high of 310 in March and remained at an elevated level to the close of the half in June.

The APWG added a new metric to its Trends Report that measures proliferation of three categories of malevolent software: Crimeware (code designed to victimize financial institutions' customers); Data Stealing and Generic Trojans (designed to send information from the infected machine, control it, and open backdoors on it); and Other (commonly auto-replicating worms, dialers for telephone charge-back scams, etc.). This data was obtained from report contributor Websense.

This metric replaces counts of "Password-Stealing Malicious Code URLs" and "Password Stealing Malicious Code - Unique Applications" which, due to incongruent sources and counting methods became systematically unreliable.

According to Dan Hubbard, APWG Trends Report contributing analyst and Websense CTO, the growing complexity of these attacks is making it difficult for experts to distinguish between those attacks that are designed to steal banking credentials from customers.

"Due to evolution of attack sophistication, it is becoming increasingly difficult to separate and report on attacks that are specifically designed to steal customer banking information," Hubbard said in a statement. "Additionally, attacks that only look for credentials from popular social networking, web mail, and even gaming sites, can lead to attacks for banking theft and crimeware." Continue article (Finance Tech)

New computer viruses target banks, social networks

* Facebook, Twitter increasingly interesting for hackers

* Eight e-mails out of nine were spam in Q3

* Bank fraud software now cover tracks, use money mules

By Tarmo Virki, European technology correspondent

HELSINKI, Sept 30 (Reuters) - Cyber criminals are increasingly focusing their attacks on the hundreds of millions of users of social networks and on loopholes in bank security systems, security software vendors said on Wednesday.

At the same time, spam e-mail messages rose sharply in the third quarter, Symantec Corp (SYMC.O) said.

And as Facebook reached 300 million accounts in September, social networks and social media continued to attract criminals, smaller research firm F-Secure (FSC1V.HE) said in its quarterly virus report.

"As Twitter has grown in popularity, it has been increasingly targeted by worms, spam and account hijacking," F-Secure said.

Cyber criminals choose targets that are widely used, allowing them to go after the largest number of potential victims.

"Cyber criminals continue to follow the money," said Yuval Ben-Itzhak, technology chief at a small security software vendor Finjan, who on Wednesday revealed a new method criminals use to steal money from bank accounts and hide their tracks.

Finjan said it expects a growing trend of using new software that forges on-screen bank statements, concealing the true transaction amount to dupe account holders and their banks, and then sends the stolen money to money mules accounts.

"With the combination of using sophisticated Trojans for the theft and money mules to transfer stolen money to their accounts, they minimize their chances of being detected," Ben-Itzhak said.

SPAM, SPAM AND SPAM

The amount of spam in all e-mail traffic rose to 88.1 percent in the third quarter from 81 percent a year ago, said Symantec's MessageLabs in its quarterly report.

MessageLabs said botnets are now responsible for sending 87.9 percent of all spam.

Hackers take advantage of the PC vulnerability by booby- trapping websites with a malicious code that loads onto computers. Infected PCs are commandeered into a botnet, a network of hijacked computers. They are used for identity theft, spamming and other cyber crimes.  Continue (Reuters)

Google Urges Cooperation Against Bad Ads, Malware

A malicious ad surfaced in Google search results just as Google called for a more concerted industry effort against such scams...

As if to underscore its call for greater industry cooperation to fight malicious online ads and content, Google allowed a scam ad to appear briefly atop search results on Tuesday for the term "Firefox."

The sponsored link purported to take Google (NSDQ: GOOG) searchers to the official Firefox Web site, but in fact took them to a different domain, firefox.mozilla-now.com, according to Sophos, a computer security company.

More Security InsightsWhite PapersPop Goes the Trademark?: Competitive Advertising on the InternetNeutralizing the Spyware ThreatWebcastsGone in 6.0 Seconds: Protecting Laptops and Data from TheftSharePoint and Compliance Regulations- The Rules and How to Avoid Violating ThemReportsCybersecurity Balancing Act3G Safeguards: Incomplete, Getting BetterVideos

InformationWeek editor, John Foley, spoke with Calvin Lui, CEO of Tumri, about their interactive ad platform. With their new technology, ads dynamically change based on geography, demographics, psychographics, media type, sites, etc.Google appears to have removed the ad as a violation of the company's advertising policies.

A company spokesperson declined to comment on the Firefox ad in question, but acknowledged that the company does look for and remove ads that violate its policies.

"Google's advertising policy requires that the Web site address displayed in the ad must match the domain of the landing page for that ad in order to ensure that users clearly understand the destination Web site being advertised," the spokesperson said in an e-mailed statement. "We use a combination of manual and automated processes to detect and enforce these policies."

But the incident underscores the problem that Google and other online companies face in trying to thwart malicious advertising, or malvertising.

Malicious ads have also been spotted this year at nytimes.com. eweek.com, mlb.com, and foxnews.com, among other Web sites and such incidents are becoming more common.

ScanSafe, a security company, on Wednesday said that a large scale malvertising attack had hit popular Web sites, including drudgereport.com, horoscope.com and lyrics.com, over the weekend.

The company said that the ads were delivered by the several advertising networks, including DoubleClick, YieldManager and FastClick.

On Wednesday at the Virus Bulletin conference in Geneva, Switzerland, Eric Davis, head of Google's anti-malvertising team, part of the company's broader anti-malware team, urged ISPs and security companies to work together to fight malicious ads and content. He pointed to the Australian government's Australian Internet Security Initiative, a program to help ISPs identify hijacked PCs (bots) and regain control over them, as an example of cooperative security.

Along those lines, Google earlier this year introduced a custom service engine for conducting background research on online advertisers. In June, the company launched anti-malvertising.com as a home for its custom search engine and as a resource for those fighting malvertising.

 Information Week