Cybercrime and its effect on the consumer. Cybercrime is currently on the rise worldwide. Cybercriminals, also known as hackers, are finding it very lucrative to steal personal information from consumers. Every time a consumer goes online, they are open to various threats that could damage not only their personal identity, but also important data stored on their PCs. Cybercriminals are continuously devising new ways to make your personal information their own–for a price.
Consumers find the Internet a tool of convenience. On a regular basis, consumers are going online to take care of personal finances such as; banking, paying bills, and investing. Online users also shop, communicate with family and friends, and work from home – all benefits of the Internet. However, the same convenience that makes consumers’ lives easier can also put them at risk.
According to the Symantec Corp.’s semiannual Internet Security Threat Report, the United States has the highest percentage of broadband users. The U.S. also has the highest number of bot-infected computers in the world, with China coming in second. Bots are computer programs that are covertly installed on a targeted system – allowing an unauthorized user to remotely control a computer. From July 1, 2005 to Dec. 31, 2005, bots made up 20 percent of the top 50 malicious code samples reported to Symantec.
When a computer is infected with bot malicious code, an attacker from a remote computer can use the system and other infected computers to launch a denial-of-service attack, which is also known as DoS. Businesses are the hardest hit by these attacks, as they rely on the Internet for revenue and communication purposes. DoS attacks increased 51 percent, (with an average of 1,420 attacks observed daily around the world) from the previous period according to the Internet Security Threat Report.
Machines remotely controlled, and invisibly infected by Trojans, are known as bots and bot networks. These networks are used to issue viruses and threats over the Internet. The bots and bot networks target personal data, and perpetuate cybercrime by allowing fraud, extortion, malicious code, and spyware and adware to be installed on consumers’ PCs.
Experts in the security arena believe that the cases of bots and bot networks will increase, leaving users vulnerable to more Web-based attacks launched by cybercriminals.
Cybercriminals are now relying on software called Crimeware that will help them execute online scams and steal consumer information. Crimeware has many ways to wreak havoc on a PC; however, the most popular are: Trojan horses, bots, keystroke loggers, spyware, adware, and backdoors. It is common to see more than one of these threats being used by cybercriminals. Some threats even have the capability to disable antivirus software and firewalls, enabling the malicious code to do even greater damage to a PC. This is also known as being modular.
Worms, viruses, and Trojan horses–which may also contain keystroke logging and backdoors–are the most common modular malicious codes that can be a threat to personal data. Modular malicious code was responsible for 88 percent of the top 50 malicious code samples according to the Symantec Internet Security Threat Report. Malicious code that revealed, or could reveal confidential information grew from 74 percent to 80 percent of the top 50 malicious code samples.
Money is the main motivation for these types of malicious code attacks. Threats based from modular malicious code have assisted criminals in stealing identities and credit card information. Once again, security experts predict an increase in theft of personal and confidential information for monetary gain.
Another way consumers are being targeted is by phishing scams. Thieves trick consumers into giving them personal information such as passwords and credit card information. These criminals use the information lured from users to steal identities and commit other forms of online fraud.
One in every 119 e-mail messages were found to be a phishing attempt. This makes up an average of 7.92 million phishing attempts per day, which was up over the first six months of 2005, with an average of 5.70 million phishing attempts per day found.
Computer hoaxes are another way to mislead consumers. Hoaxes will instruct users, through phony technical language, to send the e-mail to everyone they know. They play on fears to mislead users. These e-mails should always be deleted, once again reminding consumers to never open e-mail from an unknown source.
Dean Turner is senior sanager of Symantec Security Response.