May 12, 2011
Microsoft Reports Increased Cyber Scams
Cybercriminals are increasingly targeting consumers with "marketing-like" approaches, according to the security intelligence report released by Microsoft.
As the general public becomes more aware of cybercrime, cybercriminals have gotten more sophisticated and continue to evolve their attack methods.
Microsoft's latest report found that attacks were being run like marketing campaigns with fake product promotions, especially during events that generate a lot of media attention.
A "polarization" of cybercriminal behavior was discovered by the report, with a surge in the use of "marketing-like" deception tactics to steal money from people.
On one side, highly skilled criminals exploit the vulnerability in systems and networks of a targeted environment by acquiring special intelligence and using social engineering to trick intended victims in pursuit of a large payoff, the report says.
While on the other side are cybercriminals that use more "accessible methods, including social engineering tactics and leveraging exploits created by the more skilled criminals, to take a small amount of money from a large number of people."
With the increased popularity of social networking, criminals create new opportunities to directly affect individuals as well as their friends, colleagues and family through impersonation, the report says.
In addition, these social engineering techniques trick people with false advertisements, fake security software, and pay-per-click schemes that generate cash when Internet links are activated, Microsoft reports.
"With more consumers and devices coming online every day, cyber criminals now have more opportunities than before to deceive users through attack methods like adware, phishing and rogue security software," Graham Titterington of Britain-based analyst firm Ovum told the AFP news agency.
"It's becoming increasingly difficult for consumers to decipher legitimate communications and promotions given the sophistication of tools criminals are using."
Rogue security software, or "scareware," are virus software used to dupe Internet users by pretending to find viruses and other problems on computers and then offering to sell a program to fix the issue, according to AFP. In 2010, Microsoft reported that it detected and blocked this type of software on almost 19 million systems.
In addition, Microsoft reports that phishing targeted at online gaming sites reached a high of 16.7 percent of all phishing online. Phishing tactics, which use social networking as the "lure," increased 1,200 percent from a low of 8.3 percent in January to a high of 84.5 percent in December of 2010.
Furthermore, Microsoft reports that Adware, which uses software crated to infect machines with pop-up advertisements, also increased by 70 percent from the second quarter to the fourth quarter of 2010.Two new Adware families that are the most prevalent malware in many countries, JS/Pornpop and Win32/ClickPotato, were responsible for the increase.
To guard against these growing threats, computer users are advised to update their computers with reputable security software, and by not clicking on links or opening files without making sure that they are safe.
On the Net: