Cyber-criminals Evolving with New Attack Tactics

Cyber-security specialists participating in a cyber-security forum of TechAmerica in Washington D.C., cautioned that online miscreants were developing fresh methods for stealing information like inserting trojans to contaminate lawful websites or crafting fake software, which although appeared legitimate actually carried malware. PCWorld reported this on October 14, 2009.

Said the specialists that during the past few months, there had been an increase in sophisticated cyber-attacks such as personalized or spear phishing, a scamming process involving e-mails to specific individuals that apparently stole personal information. Clearly, spear phishing assaults target potential victims much better compared to ordinary phishing assaults since they attempt at convincing users that the electronic mail sent to them is a message from an authentic organization or business partner.

Says cyber-security senior fellow Eric Cole at Lockheed Martin, cyber-criminals currently seem to be concentrating on hijacking reliable suppliers of information through the insertion of trojans into authorized websites alternatively, through the dispatch of fraudulent e-mails purporting to be from persons known to the recipients, while soliciting personal information, thus reported PCWorld.

Earlier during 2007, twin websites bearing association with the Miami Dolphins football club became infected with criminal's malware, while this year (2009), a website bearing association with Paul McCartney the famous rock singer served malicious software.

Moreover, cyber-criminals also seem to be using help-wanted e-mails and advertisements for recruiting money mules, i.e. unwitting individuals whom cyber-criminals hire for illegal activities in the pretext of engaging them in work-at-home schemes. For, they are actually made to first collect stolen money into their bank accounts and then transmit the same to the attackers' accounts after deducting a specified commission.

Furthermore, Microsoft has observed that there has been an enormous increase in the distribution of fake software during 2008. The company identified two Trojan viruses namely Win32/FakeSecSen and Win32/FakeXPA that pretending to be security software actually infected over 3m PCs during July-December 2008.

Said security specialists that such fake security software offered to scan an end-user's PC for free but then falsely informed that his system was infected. Thereafter, it insisted that the user bought the infection-removal software, which, however, turned out useless.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 10/29/2009