Social media sites and educational institutions were increasingly targeted by phishers who continued to expand the targets of their attacks in the first half of 2010. With greater diversity of attacks, phishing continues to be a global problem, with numerous industries and well over 30 different countries experiencing targeted attacks according to Cyveillance’s “1H 2010 Cyber Intelligence Report”.
While banks and credit unions continue to be the top targets of phishers, social media sites and universities are growing favorites of phishers due to the inherent nature of these users to share personal information. Cyber criminals are gaining access to confidential information through simple searches in order to carry out elaborate social engineering scams.
Universities are specifically targeted for credentials including name and password information. Phishers use these details to create botnets – applications that allow unauthorized access to and/or control over a user’s computer in order to help facilitate malicious activity such as spamming or denial of service (DoS) attacks. Alternatively, social media is used as a means to distribute malware in order to reap greater financial benefits. While these avenues are used in different ways, they are both targeting large groups of individuals who are typically more willing to share information and trust online links.
The report also includes test results identifying how long it takes leading antivirus software vendors to detect new malware threats as they are initially discovered in real-time and over the course of a thirty day period. When Cyveillance fed active attacks through 13 of the top AV vendor1 offerings, they identified that these solutions initially detect on average less than 19% of malware threats. That average detection rate increases to only 61.7%
During the first half of 2010, a total of 126,644 phishing attacks were detected, for an average of over 21,000 unique attacks per month with the volume remaining relatively steady throughout the half. The amount of attacks seen monthly is down compared to the second half of the previous year, but the overall volume confirms that the problem of phishing is still easily one of the top threats on the Internet. The schemes are varied, but typically involve a spoofed (spam) email that mimics an email from a legitimate and respected organization in order to steal personal information, which is then used for online fraud, identify theft or unauthorized network access purposes.
The majority of malware threats on the Internet continue to originate within the United States. The country leads in almost every significant malware statistical category. Other developed countries such as China, Canada and the United Kingdom do not provide the same volume of threats as the U.S., but still pose significant danger to Internet users. There are many types of malware, ranging from “bot” programs used to launch spam to DoS attacks to keyloggers and backdoor Trojan viruses used for stealing sensitive information or targeting specific SCADA or industrial platform. While all malware presents a threat, the variations used for financial fraud typically cause the most harm to consumers.