Cybercriminals Adopting Sophisticated Attack Techniques
A panel of security experts, representing the three leading financial institutes PayPal, JPMorganChase and Bank of America, revealed at the RSA Conference held in San Francisco (USA) that cyber threats are becoming increasing sophisticated and cyber crooks are getting smarter at tricking new authentication systems, as reported by SCMAGAZINE on April 22, 2009.
The criminals have addressed some of the basic problems faced by them in their illegal business, like spelling errors in the phishing e-mails and websites having malicious characteristics. According to David Shroyer, Senior Vice President, Online Security and Enrollment Department of Bank of America, these crooks have invested handsomely on a spell-checker, as reported by SCMAGAZINE on April 22, 2009.
Shroyer also added that at present, several phishing e-mails not only direct to sites claiming to be legitimate financial institutes, but also to web pages trying to implant malware onto the systems of the users.
Besides, while conventionally phishing scams were developed to steal confidential user details, modern day phishing scams are very sophisticated that, at occasions, they may take control over the entire system of the users or businesses.
According to security experts, organizations have started to make heavy investments in their business structures, with most of them starting to store less-confidential information as a normal business activity's part and encrypting the details they retain. But cyber criminals are so smart that they are successfully breaching the best available security models.
Usually, malware obtains and stores the information locally, obtains and circulates data to a far server or provides the access or control of the compromised system to the hackers. Thus, stealing details has become quite easy for the criminals as it is majorly associated with phishing.
Panelists are RSA Conference said that they are having the burden of making the systems of customers secure. They also added that details of criminals must be verified by making all possible efforts while logging on to the computers.
However, the best option to evade security threats such as malware circulation and phishing it to raise the awareness of people that by opening unknown links, they would just invite trouble for themselves."
Related article: Cheburgen.a: A New Email Worm
» SPAMfighter News - 29-04-2009