2005 saw internet crime becoming more and more prevalent. Here is a press release from the National Cyber Security Alliance and the Department of Homeland Security predicting what is in store for us in 2006:
According to the 2006 Department of Homeland Security and NCSA Emerging Internet Threat List (http://www.staysafeonline.info/basics/2006threatlist.html) viruses continue to pose a threat to consumers, as malicious codes become more sophisticated and targeted towards popular activities, such as Instant Messenger and text messaging. Wireless devices, such as PDAs and cell phones are also becoming increasingly more vulnerable to hackers and viruses. Phishing continues to be an ongoing threat to consumers as they become more prevalent and sophisticated in obtaining consumers’ personal and financial information. Five online preparedness best practices are also highlighted to offer consumers the necessary tips on how to take action against cyber thieves and avoid becoming victim to Internet crime this year.
Emerging Threats for 2006:
Hackers use Instant Messaging to spread viruses and worms.
Phishing fraud becomes more prevalent and sophisticated.
Viruses attack cell phones and PDAs.
Hackers target online brokerage accounts.
Online Preparedness Practices:
Practice the core three protections – install, configure, regularly update.
Do not open unexpected emails.
Do not download attachments in unsolicited emails.
Take precautions to protect your mobile devices.
Here is a link to their Stay Safe Online site, which has a lot of relevant information on how to protect yourself from these threats.
The Anti-Phishing Working Group (APWG) just released their December Phishing Activity Trends Report, which shows an increase in activity. They reported 4,630 sites distributing crimeware in November to 7,197 in December.
Here is the definition of crimeware from Wikipedia:
"Crimeware (as distinct from spyware, adware, and malware) is designed to (through social engineering or technical stealth) perpetrate identity theft to access a computer user's online accounts at financial services companies and online retailers for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the thief controlling the crimeware."
"Crimeware can surreptitiously install keystroke loggers to collect sensitive data—login and password information for online bank accounts, for example—and report them back to the thief. A crimeware program can also redirect a user's browser to a counterfeit website controlled by the thief even when the user types the website's proper domain name in the address bar. Furthermore, crimeware can wait for the user to log into their account at a financial institution, then drain the account behind the scenes."
Knowledge and awareness are the best defenses against internet crime. Unfortunately (all too often), internet crime goes unreported. A good place to report internet criminal activity is the Internet Crime Complaint Center (FBI).
Reporting it provides valuable intelligence (real time) to the cyber crime warriors, who are out there protecting US!