Information Seizers Target Trusted Sites
A new cyber threat known as "drive-by downloading" could expose Internet users to identity fraud and theft while they would remain ignorant of everything at the time of Website browsing, according to Vice-President for consumer products at Symantec, Tom Powledge, as reported by News on March 1, 2008.
People using the Internet without any effective security software installed on their computers could be at risk no matter whether the sites they visit are popular or trusted. Users without up-to-date software for Internet security on their Windows-based computers are highly vulnerable to the new 'drive-by downloading.'
Drive-by downloading takes place when a visitor accesses a compromised site, which hunts for vulnerabilities in the visitor's PC. During hunting for vulnerabilities the site plants a key logger, a small application that records keystrokes on the computer to seize credit card and banking information.
The 'drive-by downloading' threat is new and could catch users unaware. Powledge said that the tricky part about it relates to Web pages that one might think to be trustworthy. Many Web masters actually remain ignorant long enough about their Websites being under hackers' control.
According to Symantec, 15% of Internet users are unprotected and a huge rate of 95% of hackers' attacks target at home computers that do not have a firewall protection. Today, hackers are far more sophisticated. They are no longer simply caused others' computers to crash by infecting them with a virus or worm moreover, they now target sensitive information.
An underground market runs for buying and selling of personal identifying information. Hence, the perpetrators try to capture username and password, others' credit card or bank account numbers so that they can either sell them off or hack into the users' bank account themselves. There are also hackers running their operations internationally who are engaged full-time in harvesting personal information.
Researchers at Symantec cited the Website hack of the Sydney Opera House in June 2007 in which site visitors who didn't have a strong Internet security exposed themselves to security risks. Some other hacking attacks involved the Alicia Keys' page on MySpace and the site of Miami Dolphins Stadium.
Related article: Inappropriate IT Decisions Leads to Security Dangers
» SPAMfighter News - 13-03-2008